You can validate the authenticity of electronic signatures in the document validation service of the Digital and Population Data Services Agency. You can currently validate documents in PDF as well as ASiC formats (e.g. Estonia’s DigiDoc).
The service checks
- the technical validity and the legal status of the signature
- whether the correct person or organisation has signed.
The service does not check the accuracy of the document's content or, for example, whether the person or organisation that has signed is eligible to use services.
This is how you validate your document in the service
To validate the document signature, click Validate document.
- Select the file that you want to validate by clicking the field and by browsing your computer for the file. Alternatively, you can drag the file to the field.
- Click Send to validation button.
- The details of the electronic signatures on the document are displayed.
- Click Clear to clear the view.
The service will not save the validated document.
The service runs the following inspections on the document and signatures:
The service issues a notification if the document does not contain electronic signatures. For example, just a picture of a signature is not an electronic signature.
The service issues a notification if the document has been modified or content has been added after it was signed electronically. It can be a relevant change, such as adding information to text fields on a form. Please note that this can also be an inappropriate change, such as a dishonest modification of the information on the document.
The validity of the signature means that the signature is a technically valid electronic signature in accordance with Standard, and that the signature has not been edited or forged at a later time.
If the electronic signature is not valid, this may indicate for example that the signature or the data that has been signed has been edited later on or that the application that has produced it is not functioning according to the standards.
Even if an electronic signature is valid as such, this does not guarantee that the certificate used for making the signature or the party that issued the certificate are trustworthy.
The service checks whether the certificate for the signature has been issued by a party trusted by DVV. This means:
- certificates listed in the Trusted List (EUTL), which is a list of EU Commission trusted certificates
- all Digital and Population Data Services Agency certificates
- as well as possibly other Digital and Population Data Services Agency trusted certificates.
The service issues a notification if the document has been signed with a DVV advanced level seal certificate.
The parties that grant EU qualified certificates and EU qualified certificate types are listed in the EU Commission maintained Trusted List (EUTL). For a certificate to be included on the Trusted List (EUTL), it must meet with the requirements laid down in Article 22 of the eIDAS Regulation.
The signature certificate on the Digital and Population Data Services Agency’s Citizen Certificate as well as the signature certificate on organisation cards are EU qualified certificates. The signature certificate on the social welfare and healthcare sector professional ID is not on the Trusted List (EUTL) for trusted certificates, but an effort is being made to get it added to the list as soon as possible.
If the document is signed with a Digital and Population Data Services Agency certificate card, but no signature certificate has been used for the signature, and a authentication and encryption certificate has been used instead (meaning the document was signed with a PIN1 code). The service will issue the notification “The signature has not been made with an EU qualified certificate.” This is due to the fact that the DVV’s authentication and encryption certificate (identification certificate) is not an EU qualified certificate, but the signature certificate is.
QSCD refers to a qualified signature creation device as referred to in Article 29 of the EIDAS Regulation. For example, the chips on the Digital and Population Data Services Agency’s newest certificate cards are QSCD-certified devices.
When a signature has been made with an EU qualified certificate and the certificate’s private key is in a QSCD-certified device, the signature is a qualified electronic signature. A qualified electronic signature is valid as such throughout the European Union, and it is legally binding and indisputable without separate evidence.
Therefore, a qualified electronic signature as referred to in the eIDAS Regulation will pass the following inspections:
- it is technically valid
- it has been made with an EU qualified certificate
- the key used in the signature is stored in an EU qualified signature creation device (QSCD).
First the service will give a notification on the number of electronic signatures in the document:
- how many valid signatures with EU qualified certificate issuers and signature keys stored in a qualified signature creation device.
- how many valid signatures with EU qualified certificate issuers.
- how many valid signatures made with non-qualified certificates.
- how many invalid signatures that failed validation.
A list of possible notifications issued by the service:
- The electronic signature or electronic seal is valid. (In addition, the level of the signature is notified.)
- The electronic signature is not valid.
- Document has not been modified or forged after signature.
- Document has been modified or content has been added after it was signed or sealed electronically.
- The signature is made by a party trusted by DVV.
- The signature is not made by a party trusted by DVV.
- The signature is made with an EU qualified certificate.
- The signature is not made with an EU qualified certificate.
- The signature key is stored in an EU qualified signature creation device (QSCD).
Technical error notifications
If an electronic signature is invalid, the service will also list the technical error notifications related to this. These will be listed in the “Show technical error notifications” tab. These notifications are only available in English.
Terms and conditions
By using the Validation Service, you accept the Terms and conditions for the Validation Service. The Validation service user is obliged to ensure that the user is entitled to submit the document in a third-party service that validates the electronic signature or seal and the time stamp.
Terms and conditions for the Validation service (pdf)
- Individuals
- Processing times
- Marriage
- Having or adopting a child
- Names
- Moving
- Guardianship
- Life changes while living abroad
- Moving while living abroad
- Registration of a child born abroad
- Marriage concluded abroad
- Partnership registered abroad
- Divorce granted abroad
- Registration of a name change performed abroad
- Gender recognised abroad
- Death abroad
- Registration of citizenship
- Notification of retaining Finnish citizenship
- Legalisation of foreign documents
- Submitting foreign documents
- As a foreigner in Finland
- Registration of a foreigner
- Registration of a foreign student
- Municipality of residence
- Family relationships and Marital Status
- Instructions on arriving in Finland from Ukraine
- Guide for employed persons
- Fast track service for specialists and growth entrepreneurs
- Instructions for legalisation
- Submitting foreign documents
- Foreigner’s move to Finland, in Finland and out of Finland
- Check your own personal details
- Elections and Right to vote
- Suomi.fi Web Service
- Citizen Certificate and electronic identity
- Certificates from the Population Information System
- Population information in the Population Information System
- Registration of a gift notification
- Services of notary public
- Certification of purchase
- Citizens’ initiative
- Death and estate inventory
- Public Service Info
- Address service
- Forms
- Digital support for citizens
- Organisations
- Certificates
- For social welfare and healthcare service providers
- For organisations
- Electronic sealing service
- Timestamping Service
- Electronic signature
- Service certificates
- Advisory service, support and revocation service
- Certificate Directory
- Test the use of a certificate
- Card Reader Software
- Information about certificates
- Population information services for organisations
- Public administration sampling and updating service
- Private sector information services
- PIS modified data interface
- Modified data update service
- Population Information System query interface
- Browser-based Population Information System query
- Resident sampling services for property management offices and maintenance companies
- Data extraction for municipalities
- Reform of personal identity code
- Conditions for using population information
- Maintaining the Population Information System
- Extracts from registers
- Suomi.fi services
- Services to promote digitalisation
- Digital support
- European digital identity wallet
- Digital security services
- Services of notary public
- Certification of purchase
- Right to officiate weddings
- E-services
- Finnish Authenticator identification service
- Certificates
- About the agency
- Digital and Population Data Services Agency
- Digital and Population Data Services Agency as an Employer
- Use our services electronically
- Contact
- Customer service for private customers
- Customer service for organisations
- Service locations
- Digital and Population Data Services Agency address, switchboard e-billing details
- Digital and Population Data Services Agency Management
- Marriage ceremony premises information
- Contact details for media
- International Affairs
- Invoicing
- Quality policy
- Equality plan for customers
- Data protection
- News
- Population Information System
- For media
- Brochures and publications
- Projects
- Foresight and research cooperation