Banco Central de Costa Rica

|/js/Menu_Izquierda_eng.htm

Corporate certificates

 

"CA SINPE - Corporation" is the Banco Central de Costa Rica’s Certifying Authority, through which the Electronic Seal (Digital Signature) and Electronic Agent (Authentication) certificate issuance services are offered to corporations that request them. Both certificates strengthen the processes carried out by corporations using electronic means, granting them legal validity.

 

These are the types of certificates offered:

 Región de Tabs

Electronic Seal Certificate

Electronic Agent Certificate

These are Digital Signature certificates for corporations, which ensure integrity and authenticity of electronic documents.

 

They are typically used as part of automated Digital Signature processes in which the cryptographic device that contains the keys associated with the certificate are activated so that they can work unattended and, therefore, will not need personal intervention each time a digital signature is used.

 

Electronic Seal certificates may be used, for instance, in automated processes for issuing certifications, proofs of transactions, proofs of receipt of documents, and in general, in any other similar process in which it is necessary to guarantee integrity of documents and link them legally to a corporation (authorship and nonrepudation).

The certificates also function as a proof of the identity of a Corporation in the electronic world.

 

They are usually used as part of an automated authentication process (as proof of identity) between automated systems, where the cryptographic device that contains the keys associated with the certificate is active, so that it can work unattended and does not require human intervention every time it is used.

 

The certificate may also be used for securing an https Web site, so that users who visit it are certain that they are visiting the site associated with that Corporation.

 

It may likewise be used to ensure a service, for instance a "Web service", as well as to be authenticated for a service provided by another entity without human intervention.

 

To request and obtain a certificate, the requirements described in each of the following three steps must be complied with:

 

Step 1: Letter to the Payment Systems Director:

 

To start the process, the Legal Representative must send a letter (see example in the documentation section) requesting issuance of a corporate certificate for the company he or she represents. Further information you may call to Centro de Operaciones del Sinpe to the (506) 2243-3700 or send an email to cos@bccr.fi.cr

 

The letter must comply with the following requirements:

 

 Región de Acordeón

Background information

A form must be filled out providing the necessary information for the Banco Central to complete the certificate issuance request in the name of the corporation requesting it (please see the form in the documentation section).

Specify the type of corporate certificate requested

The type of certificate being requested - Electronic Seal Certificate (Digital Signature)  or Electronic Agent Certificate (Authentication) - must be indicated.

A Corporate Certificate Authorized Agent must be designated

The Legal Representative must designate a "Corporate Certificate Authorized Agent" who will be in charge of carrying out, in representation of the requesting corporation, all the corresponding technical activities. It is recommended that this person has technological-computing skills.

 

To designate the Authorized Agent, the Legal Representative of the requesting corporation must bear in mind that as of the moment of the designation,  the Legal Representative must ensure that data of the Authorized Agent are always up to date in the CA SINPE - Corporation, as all processes related to the handling of the certificates will be carried out directly by this person in representation of the organization, and that the organization will be responsible for them.

 

The person acting as the "Corporate Certificate Authorized Agent" must have a private individual certificate to be able to sign the required documents for obtaining the requested corporate certificate.

 

The Legal Representative of the requesting corporation must bear in mind that as of the moment of the designation of the Corporate Certificate Authorized Agent, the Legal Representative must ensure that data of the Authorized Agent are always up to date in the CA SINPE - Corporation.

Indicate the "Literal Certification Number" of the Corporation

The corporation must request a Literal Certification of Legal Identity from the National Registry. This Certification is requested from the National Registry through its Web page, paying that entity the corresponding costs.

 

Once the certification is obtained, the "Certification Number" must be included in the request letter, which has the following format: RNPDIGITAL-XXXXX-XXXX. The certification is valid for 15 calendar days counted from the date of issuance; for this reason it is advisable to sent the request letter at least 10 calendar days before it expires.

 

Should there be any doubt regarding interpretation of the scope of the power of the Legal Representative,  SINPE’s Operations Center, at the BCCR’s discretion, may additionally request a Notary’s certification indicating that the Legal Representative has sufficient authority  to designate the Corporate Certificate Authorized Agent, and request the certificate.

Authorize the Banco Central de Costa Rica to make the corresponding certificate charge

The fee for each corporate certificate is established in the Payment System Regulations issued by the Banco Central de Costa Rica, and payment should be made through a debit from a customer account of the requesting corporation.

 

The request should therefore include the customer account number in colones, from which the cost of the certificate will be debited, as well as an express authorization to the Banco Central de Costa Rica to make the corresponding debit from that account.

Digitally sign the request letter and Subscriber Agreement

To complete this process, the Legal Representative must have a Private Individual certificate. He or she must digitally sign this request letter for emission of certificates and the Subscriber Agreement, in which the duties and responsibilities between the parties due to emission and use of certificates are set forth. Both documents will be sent by the SINPE - Operations Center (COS) together with the data provided by the interested party through the "Data Collection Form", with all requirements verified by the COS, and the Authorized Agent will be assigned an appointment for the processes related to certificate delivery.

Supporting documentation

-Data collection form: this document must include all the data that must be supplied to the Banco Central to start the certificate emission request process.

 

-Template letter for requesting issuance of a certificate: this is a template of the request letter that must be submitted.

 

-Subscriber Agreement: this is a copy of the Subscriber Agreement that the SINPE Operations Center (COS) will send you with the data of the requesting corporation, to be signed by its Legal Representative.

Review of the request by the Banco Central

After the note with the indicated information has been sent to the Bank, and the Subscriber Agreement has been signed by the Legal Representative, the Banco Central will review it to continue with the process.

 

 

Step 2: Technical request of the certificate by the Authorized Agent

 

Once the request has been received, and compliance with all requirements has been verified by the Banco Central, the SINPE - Operations Center (COS) will begin communicating with the designated Corporate Certificate Authorized Agent, who must comply with the following tasks and requirements:

 

 Región de Acordeón

Verify compliance with cryptographic devices requirements

Cryptographic devices are those in which the certificate will be stored (hardware security module - HSM)

 

These devices must comply with the requirements established in the Policy on Certificates for the National Hierarchy of Registered Certifiers; to establish compliance, the Corporate Certificate Authorized Agent must validate that the device they have or will acquire has been homologated.

 

-List of devices certified by the BCCR

Generate the certificate request

The Authorized Agent must generate the certificate request, as indicated in:

 

-Guide for generating a request: this is a step-by-step guide to obtain the request for a digital certificate.

 

Send the certificate technical request

After completing the previous tasks, the Authorized Agent must send the request generated in the cryptographic device to the SINPE - Operations Center (COS), where the certificate will be stored, as well as the hash (request summary) to guarantee request integrity.

This information must be send by the Authorized Agent to the SINPE - Operations Center (COS) through a digitally sighed official letter, via e-mail.

 

 

 

Step 3: Delivery of the Corporate Certificate

 

Once all requirements have been complied with and verified, the SINPE - Operations Center (COS) will assign an appointment to the Authorized Agent to give him or her the Corporate Certificate.

To receive the certificate, the Authorized Agent must:

-Present his or her valid identification card

-Present his or her valid Private Individual digital certificate

-Validate that the data on the corporate certificate he or she receives correspond with those provided

-Digitally sign the Subscriber Agreement which had previously been signed and sent by the Legal Representative

-Sign a voucher indicating satisfactory reception of the certificate

-Provide a USB storage device to receive the Certificate

 

Remember that data of the designated Authorized Agent must be always up to date in the CA - SINPE. To report any change related to the designation of the Authorized Agent, the "Change of Authorized Agent" template must be filled out.

 

 

structure image
Banco Central de Costa Rica © 2014.