Catalogue
CREDENTIALS MANAGEMENT
Administration and centralized control of qualified electronic signature.
International novelty
Technology developed by the Research & Development & innovation (R & D & I) Department of ANF AC.
The ANF AC credential management platform is the most advanced in the market, incorporating exclusive elements (patents pending) that makes it unique in its kind:
- Manages certificates without storing them. It allows remote administration, the platform can be installed under the sole custody of your organization.
Does not require external installation of certificates
- Ensures interoperability with all types of media: certificates integrated in secure signature creation devices (QSCD), HSM token (Hardware Security Module), PFX / PKCS # 12 software, and certificates in remote signature server.
Audited technology in accordance with Regulation (EU) 910/2014 on electronic identification and trust services for electronic transactions in the internal market and the Organic Law 15/1999, of December 13, on the Protection of Personal Data (LOPD). Besides an Impact Assessment on data protection has been developed.
Control of the companies' qualified certificates
Centralize the lifecycle of all certificates linked to an organization. The organization will enjoy absolute autonomy to order:
- Issuance.
- Suspension.
- Renewal.
- Revocation.
- Notification when the end of the validity period approaches.
- Automatic reissue of certificates 15 days in advance of their loss of validity.
Capacity and total autonomy to create usage policies:
- Configure using Internet Protocol address (IP address).
- Establish schedules and days of use.
- Determine which terminals are functional.
- Establish allowed URLs, including authorized pages (limited seizure)
- Indicate authorized computer applications, and
- other specifications that may be of interest ...
Capacity and total autonomy to create security policy:
- Requires Two-Factor Authentication (2FA) by:
- SMS
- Instant messaging
- Logical token
- Usage audit:
- Usage log
- Registration of unauthorized access attempts.
- Secure remote destruction of certificates.
- Even if the certificates are installed in token or in computer terminals to guarantee the non-repudiation attribute. Users can manage the entire lifecycle remotely and instantly.
- It makes any improper use impossible.
- Imposibilidad de acceso a los documentos firmados por los certificados. Otras plataformas precisan almacenar los certificados. (aunque es un servicio restringido a PCSCs)
It does not require integration, it is transparent and reliable to users:
- Your organization will have an intuitive management console that does not require specific knowledge to be installed and managed.
- Your organization does not need to install any application.
- Users do not need to install plugin, or extensions in browsers. The system is totally transparent and reliable to them.
100% compatible with all corporate solutions, regardless of programming language or commercial or customized solution.
Differences concerning to other market solutions
Functionality | Other platforms | ANF AC | |
---|---|---|---|
Implementation | It does not need to install Plugins or Extensions | ❌ | ✅ |
It does not require certificate custody | ❌ | ✅ | |
It does not require Application Programming Interface (API) implementation in the organization's systems to be used. | ❌ | ✅ | |
Interoperability | Compatible with all types of token and certificates on signature server | ❌ | ✅ |
100% compatible with AAPP browsers and platforms | ❌ | ✅ | |
System compatible with Distributed Certificate Platform | ❌ | ✅ | |
Autonomy | Credential platform independent of the Centralized Platform | ❌ | ✅ |
Autonomy of the organization in credential management | ❌ | ✅ | |
Customizable | Certificates can be stored in a single repository | ❌ | ✅ |
The Credential Platform can be in Software as a Service (SaaS) application | ✅ | ✅ | |
Certificates can be hosted in Centralized Platform without transport | ✅ | ✅ | |
Regulatory compliance | La plataforma de centralizada está auditada eIDAS con dispositivo QSCD | ❌ | ✅ |
Cumple eIDAS, LFE, ISO 27001, ENS, RGPD, LOPD. | ❌ | ✅ | |
Monitoring & Control. | It allows to establish usage policies | ✅ | ✅ |
It offers the possibility to recover centralized certificates. | ✅ | ✅ | |
Complete control of the remote lifecycle (there is no need for certificate custody) | ❌ | ✅ | |
Audit of use and attempted access not allowed | ✅ | ✅ | |
Create expiry notifications to take control of SSL Secure Server EV (QWSC) certificates with automatic renewal capability of 15 days in advance of their loss of validity. | ❌ | ✅ | |
Create expiry notifications to control qualified electronic seals with automatic renewal capacity of 15 days in advance of their loss of validity. | ❌ | ✅ | Create expiry notifications to keep track of PSD2 certificates in all its modalities with automatic renewal capability 15 days in advance of their loss of validity. | ❌ | ✅ |
Security | It allows to establish Security Policies | ✅ | ✅ |
Possibility to customize new security parameters | ❌ | ✅ | |
2FA in SMS, instant messaging, logical token. | ❌ | ✅ | |
PIN in exclusive possession of the user (guarantee of non-repudiation) | ❌ | ✅ | |
Lifecycle Control | Issuance Procedure | ❌ | ✅ |
Revocation / Destruction | ✅ | ✅ | |
Renewal | ✅ | ✅ | |
Suspension | ✅ | ✅ | |
Usability | Includes long-term signature capability. | ❌ | ✅ |
Intuitive and transparent system for the user | ✅ | ✅ | |
Multi language | ❌ | ✅ |