Validation service for electronically sealed documents
The Digital and Population Data Services Agency offers organisations an electronic seal service that allows them to sign or seal digital data with a seal certificate issued to the organisation. The seal certificate contains the details of the legal person. The electronic seal is an advanced level electronic signing certificate.
How to validate electronic seals in documents
The Digital and Population Data Services Agency's validation service allows you to check electronic documents that have been sealed with the Digital and Population Data Services Agency's electronic seal certificate. Use of the validation service is free of charge.
Please note that if an electronically sealed document has been printed after sealing, you can no longer validate the document.
The validation service provides the following information:
- whether the electronic signature or seal is valid
- whether changes have been made to the document after sealing
- which organisation sealed the document
- has the signature or seal been made with a qualified certificate
- the certificate chain of the seal certificate
- when the document was electronically sealed
Go to the validation service
The Digital and Population Data Services Agency is a public authority that administers a personal data file and, under the Act on the Population Information System and the Certificate Services of the Digital and Population Data Services Agency (661/2019), is responsible for providing certified electronic services.
The service runs the following inspections on the document and signatures:
The service issues a notification if the document does not contain electronic signatures. For example, just a picture of a signature is not an electronic signature.
The service issues a notification if the document has been modified or content has been added after it was signed electronically. It can be a relevant change, such as adding information to text fields on a form. Please note that this can also be an inappropriate change, such as a dishonest modification of the information on the document.
The validity of the signature means that the signature is a technically valid electronic signature in accordance with Standard, and that the signature has not been edited or forged at a later time.
If the electronic signature is not valid, this may indicate for example that the signature or the data that has been signed has been edited later on or that the application that has produced it is not functioning according to the standards.
Even if an electronic signature is valid as such, this does not guarantee that the certificate used for making the signature or the party that issued the certificate are trustworthy.
The service checks whether the certificate for the signature has been issued by a party trusted by DVV. This means:
- certificates listed in the Trusted List (EUTL), which is a list of EU Commission trusted certificates
- all Digital and Population Data Services Agency certificates
- as well as possibly other Digital and Population Data Services Agency trusted certificates.
The service issues a notification if the document has been signed with a DVV advanced level seal certificate.
The parties that grant EU qualified certificates and EU qualified certificate types are listed in the EU Commission maintained Trusted List (EUTL). For a certificate to be included on the Trusted List (EUTL), it must meet with the requirements laid down in Article 22 of the eIDAS Regulation.
The signature certificate on the Digital and Population Data Services Agency’s Citizen Certificate as well as the signature certificate on organisation cards are EU qualified certificates. The signature certificate on the social welfare and healthcare sector professional ID is not on the Trusted List (EUTL) for trusted certificates, but an effort is being made to get it added to the list as soon as possible.
If the document is signed with a Digital and Population Data Services Agency certificate card, but no signature certificate has been used for the signature, and a authentication and encryption certificate has been used instead (meaning the document was signed with a PIN1 code). The service will issue the notification “The signature has not been made with an EU qualified certificate.” This is due to the fact that the DVV’s authentication and encryption certificate (identification certificate) is not an EU qualified certificate, but the signature certificate is.
QSCD refers to a qualified signature creation device as referred to in Article 29 of the EIDAS Regulation. For example, the chips on the Digital and Population Data Services Agency’s newest certificate cards are QSCD-certified devices.
When a signature has been made with an EU qualified certificate and the certificate’s private key is in a QSCD-certified device, the signature is a qualified electronic signature. A qualified electronic signature is valid as such throughout the European Union, and it is legally binding and indisputable without separate evidence.
Therefore, a qualified electronic signature as referred to in the eIDAS Regulation will pass the following inspections:
- it is technically valid
- it has been made with an EU qualified certificate
- the key used in the signature is stored in an EU qualified signature creation device (QSCD).
In the feedback provided by the validation service, an electronic signature also refers to an electronic seal.
First the service will give a notification on the number of electronic signatures in the document:
- how many valid signatures with EU qualified certificate issuers and signature keys stored in a qualified signature creation device.
- how many valid signatures with EU qualified certificate issuers.
- how many valid signatures made with non-qualified certificates.
- how many invalid signatures that failed validation.
A list of possible notifications issued by the service:
- The electronic signature or electronic seal is valid. (In addition, the level of the signature is notified.)
- The electronic signature is not valid.
- Document has not been modified or forged after signature.
- Document has been modified or content has been added after it was signed or sealed electronically.
- The signature is made by a party trusted by DVV.
- The signature is not made by a party trusted by DVV.
- The signature is made with an EU qualified certificate.
- The signature is not made with an EU qualified certificate.
- The signature key is stored in an EU qualified signature creation device (QSCD).
Technical error notifications
If an electronic signature is invalid, the service will also list the technical error notifications related to this. These will be listed in the “Show technical error notifications” tab. These notifications are only available in English.
Terms and conditions
By using the Validation Service, you accept the Terms and conditions for the Validation Service. The Validation service user is obliged to ensure that the user is entitled to submit the document in a third-party service that validates the electronic signature or seal and the time stamp.
Terms and conditions for the Validation service (pdf)