Issue or Renew Digital Certificates: e-CPF, e-CNPJ and NF-e, with our Registration Authority (AR-QualiSign) linked to ICP-Brasil, through videoconference or an in-company visit.
What is it?
The Digital Certificate is the authenticated and encrypted electronic identity of individuals and legal entities. With the Digital Certificate, it is possible to carry out several electronic transactions securely, in addition to digital signatures with unquestionable legal validity.
Frequently Asked Questions
Brazil has a National Digital Certification System that is maintained by the National Institute of Information Technology. Here you can find the translation of the acronyms for the bodies and processes that make up this System, and thus you can understand its operations.
The Digital Certificate is the identity of a person or a company on the internet. This technology makes it possible to digitally sign any type of document, with the same legal validity as those signed by hand.
The QualiSign Portal, in partnership with Serasa Experian, offers 3 families of digital certificates: e-CPF, e-CNPJ and NF-e
Contact us and get your Digital Certificate now.
Telephone: +55 (11) 5906-7222
Open from Monday to Friday, São Paulo working days, from 8:00 am to 5:00 pm.
The National Institute of Information Technology - ITI is a federal agency linked to the Civil Office of the Presidency of the Republic, whose objective is to maintain the Brazilian Public Key Infrastructure - ICP-Brasil, being the first authority in the certification chain – Root CA.
Provisional Measure 2,200-2 of August 24, 2001 started the deployment of the National Digital Certification System of ICP-Brasil. This means that Brazil has a public infrastructure, maintained and audited by a public body, namely the National Institute of Information Technology, which follows operating rules established by the Management Committee of ICP-Brasil, whose members are appointed by the President of the Republic, among representatives of the powers of the Republic, as well as segments of society and academia, as a way of providing stability, transparency and reliability to the system.
A Public Key Infrastructure (ICP or PKI - Public Key Infrastructure) is a public or private agency or initiative that aims to maintain a structure for issuing public keys, based on the principle of the trusted third party, offering mediation of credibility and trust in transactions between parties using Digital Certificates.
The main role of the ICP is to define a set of techniques, practices and procedures to be adopted by the entities in order to establish a digital certification system based on a public key.
Brazil's public key infrastructure, defined by Provisional Measure No. 2,200-2, of August 24, 2001, is referred to as Brazilian Public Key Infrastructure, or ICP-Brasil.
One may note that the model adopted by Brazil was that of certification with a single root, and the ITI, in addition to playing the role of Root Certification Authority - Root CA, also has the role of accrediting and discrediting the other participants in the chain, supervising and audit processes
ICP-Brasil is made up of a chain of certification authorities, formed by a Root Certification Authority (Root-CA), Certification Authorities (CA) and Registration Authorities (RA) and also by a policy management authority, that is, the Management Committee of ICP-Brasil.
MANAGEMENT COMMITTEE - The Management Committee of ICP-Brasil is linked to the Civil Office of the Presidency of the Republic. It is comprised of five representatives from civil society, members of interested sectors, and one representative from each of the following bodies: Ministry of Justice; Ministry of Finance; Ministry of Development, Industry and Foreign Trade; Ministry of Planning, Budget and Management; Ministry of Science and Technology; Civil House of the Presidency of the Republic and Institutional Security Office of the Presidency of the Republic. Its main competence is to determine the policies to be executed by the Root Certification Authority.
The Root Certification Authority of ICP-Brasil is the first authority in the certification chain. It executes the Certificate Policies and technical and operational standards approved by the Management Committee of ICP-Brasil. Therefore, Root-CA is responsible for issuing, dispatching, distributing, revoking and managing the certificates by certification authorities at the level immediately following its own.
Root-CA is also responsible for issuing the list of revoked certificates and for inspecting and auditing the certification authorities, registration authorities and other service providers qualified at ICP-Brasil. Moreover, it checks whether the Certification Authorities – CAs are acting in compliance with the guidelines and technical standards set forth by the Management Committee.
CA – Certification Authority
A Certification Authority is an entity, public or private, subordinated to the hierarchy of ICP-Brasil, responsible for issuing, distributing, renewing, revoking and managing digital certificates. It plays an essential role in ensuring that the certificate holder has the private key that corresponds to the public key that is part of the certificate. It creates and digitally signs the signer's certificate, where the certificate issued by the CA represents the declaration of the holder's identity, which has an excusive pair of keys (public/private).
It is also up to the CA to issue lists of revoked certificates - LCR and keep records of its operations, always complying with the practices defined in the Certification Practices Statement - DPC or CPS, in addition to establishing and enforcing, through the Registry Authorities linked to it, the security policies required to ensure the authenticity of the identification made.
RA – Registration Authority
It is an entity responsible for the interface between users and the Certification Authority. Linked to a CA whose objective is to receive, validate, forward requests so as to issue or revoke digital certificates to the CA and to identify, in person, its applicants. It is RA's responsibility to keep records of its operations. It can be physically located in a CA or be a remote registration entity.
The sectors of society participate in ICP-Brasil through the Management Committee, which includes five representatives of civil society in its composition. This participation gives the system a democratic and transparent character.
It is an Electronic Document with identification data of the person or institution that, through the document, wishes to prove its own identity before third parties. It also serves to check the identity of third parties. It is a kind of electronic identity card.
Digital Certificates allow the parties involved in an electronic transaction, each to present their credentials to prove, to the other party, their real identity (WHO). A digital certificate has two keys, one public and one private. The public key is freely distributed and serves to validate a signature as being created by its corresponding private key. The private key is kept secret by the owner and used to sign digital transactions.
A Digital Certificate makes it possible to check whether a user really has the right to use a certain key, helping to prevent the use of counterfeit keys to impersonate other users.
The digital certificate of ICP-Brasil, in addition to personifying the citizen on the worldwide web, guarantees, under the current legislation, legal validity to the acts practiced with its use. Digital certification is a tool that allows applications, such as electronic commerce, contract signing, banking operations, e-government initiatives, among others, to be carried out. These transactions are carried out in a virtual manner, that is, without the physical presence of the interested party, but which require the unequivocal identification of the person who is carrying it out over the Internet.
Technically, the certificate is an electronic document that, by means of logical and mathematical procedures, ensured the integrity of the information and the authorship of the transactions. This electronic document is generated and signed by a trusted third party, that is, a Certification Authority that, following rules issued by the Management Committee of ICP-Brasil and audited by ITI, associates an entity (person, process, server) with a pair of cryptographic keys.
Basically, the Digital Certificate works as a type of virtual identity card that allows the secure identification of the author of a message or transaction on a computer network. The digital certification process uses very complex logical and mathematical procedures to ensure confidentiality, integrity of information and confirmation of authorship.
The Digital Certificate is an electronic document, digitally signed by a trusted third party, that identifies a person, whether an individual or legal entity, associating them with a public key. A digital certificate contains the data of its holder, such as name, date of birth, public key, name and signature of the Certification Authority that issued it, and may also contain additional data such as CPF, voter registration, ID, etc.
It is the Electronic Identity Document issued by a Certification Authority accredited by the Root Certification Authority of ICP-Brasil – Root CA and certified by the SRF Certification Authority (SRF-CA), which certifies the authenticity of the issuers and recipients of the documents and data that travel on a communication network, ensuring their privacy and inviolability.
Individuals with a registration status in their CPFs statting they are classified as canceled may not hold e-CPF or e-CNPJ certificates. The same is true for legal entities whose CNPJ statuses are classified as unfit, suspended or canceled.
As the person who signs is always an individual, even if they represent a legal entity, when using the e-CNPJ for digital signatures, the QualiSign Portal understands this person who signed as the company's representative before the Federal Revenue of Brazil, namely the individual that is shown up in the e-CNPJ.
The main information contained in a digital certificate is the holder's public key; name and email address; certificate validity period; name of the Certification Authority - CA that issued the certificate; digital certificate serial number and the CA digital signature.
Yes. Anyone can apply to the Certification Authorities for a Digital Certificate.
Yes, it is possible for a foreigner to have a digital certificate from ICP-Brasil. Yet, in order to issue the certificate, they must have a CPF issued by the Federal Revenue Service.
The difference is that, in an individual's digital certification, the person responsible for the certificate is the person himself or herself, whereas in the legal entity's digital certification, the holder is the company and the company has an individual in charge of using the certificate.
Agility, cost reduction and security. These are the main advantages of a digital certification. Currently, digital certifications allow processes that had to be carried out face-to-face or through countless paper documents, to be done entirely electronically. This makes processes less bureaucratic, faster and, therefore, cheaper. Digital certification guarantees authenticity and integrity. The ICP-Brasil digitally signed document is valid as a paper document signed manually.
First, one must take into consideration that a digital certificate stands for one's “identity” in the virtual world. Thus, they must adopt some precautions to prevent another person from agreeing on contracts and/or deals and carry out bank transactions on behalf of the certificate holder. Below are some recommendations to use a digital certificate:
a.) The password for the private key and the private key itself must not be shared with anyone;
b.) If the computer where the cryptographic key pair was generated is shared with several users, one should not store the private key at the hard disk, as all users will have access to it, but on a floppy disk, smart card or token;
c.) If the private key is stored at a computer's hard disk, it must be protected from unauthorized access, keeping it physically secure. Never leave the room open after using your computer and having to keep it switched on. Likewise, make sure you use a password-protected screen saver. Watch out for computer viruses, as they can damage your private key;
d.) ) If the software for generating the key pair allows you to choose whether or not to have a password to protect the private key, you should choose to access it by means of a password. Not using a password means that anyone who has access to the computer can impersonate the private key holder, signing contracts and operating bank accounts. In general, it is much easier to use a password than to physically protect a computer;
e.) Use a long password, interspersing letters and numbers, as there are programs developed to unveil passwords. Personal data such as spouse or children's names, birthdays, addresses, telephone numbers, or other elements related to someone must be avoided. Passwords should never be written down, but memorized.
These are portable devices that operate as storage media. Users' private keys are stored on their chips. Access to the information contained therein is done through a personal password, determined by the holder. The smart card is similar to a magnetic card, requiring a reader device for its operation. The token resembles a small key that is placed in a computer entry.
Yes. The digital certificate, unlike the documents usually used for personal identification such as CPF and RG, has a validity period. It is only possible to sign a document while the certificate is valid. The user can request the renewal of the certificate for the CA once this validity is expired.