eSeal
What is an Enterprise Certificate?
An enterprise certificate is the company’s digital identification.
It is used to identify the company and enter into agreements. Some of the most common uses:
- Reporting to Altinn, the Norwegian Tax Administration and the Norwegian Financial Supervisory Authority
- Authentication of the company vis-à-vis Elhub, the Norwegian Tax Administration’s APIs and the Debt Register
- Digital signing
- Secure messaging in CertPub
Enterprise Certificate is also called eSegl or eSeal and meets current standards in both Norway and the EU.
safety
When you use an Enterprise Certificate for reporting on behalf of the company, you know that you are reporting for the correct company and avoid using your private identification.
This is how the delivery takes place
1. Order
2. Download the Enterprise Certificate
3. Sign for receipt
Our Enterprise Certificate
Standard Enterprise Certificate
- 3 years validity
- NCP level – Normal Certificate Policy
- Soft token
- SEID 2.0
- 3072 bit RSA
NCP is a high level of validation.
Can be delivered with customer-generated key and elliptical curves.
LCP Enterprise certificate
- 3 years validity
- LCP level – Lightweight Certificate Policy
- Soft token
- SEID 2.0
- 3072 bit RSA
LCP is the lowest level of validation and is delivered digitally.
Can be delivered with customer-generated key and elliptical curves.
NCP + Business
certificate
- 3 years validity
- NCP+ level – Normal Certificate Policy +
- Soft token
- SEID 2.0
- 3072 bit RSA
NCP+ is the most stringent level of validation.
Commfides generates key.
Can be delivered with customer-generated key and elliptical curves.
Test certificate
- 3 years validity
- NCP level – Normal Certificate Policy
- Soft token
- SEID 2.0
- 3072 bit RSA
Commfides generates key. Can be delivered as LCP, NCP or NCP +.
Can be delivered with customer-generated key and elliptical curves.
Central concepts
LCP
LCP stands for Lightweight Certificate Policy and is the lowest security level. LCP certificates thus have easier validation and lower requirements for ordering and delivery.
NCP
NCP is Commfides' standard certificate and stands for Normal Certificate Policy. NCP is the second highest security level.
NCP+
NCP + is the strictest security level and makes high demands both when it comes to ordering and delivery.
Test certificate
All types of Enterprise Certificate can be ordered as a test certificate for use in test environments. Test certificates have no requirements for approval.
eIDAS
eIDAS stands for electronic IDentification, Authentic and trust Service and is an EU regulation with the aim of increasing digital interaction across national borders. All Commfides certificates are issued at eIDAS level.
SEID 2.0
SEID is a Norwegian collaboration for e-ID and digital signatures between several private and public actors. The purpose is to facilitate cooperation between e-ID providers and to simplify the national infrastructure.
Do you need to send reports?
Altinn
All types of companies in Norway report A-messages to Altinn. The A report can be sent through the payroll system, via an accountant or directly to Altinn. By using a Business Certificate, you make reporting flexible and correct.
Reporting of sick leave
NAV facilitates digital follow-up and reporting of sick leave. An Enterprise Certificate is used to identify the company digitally and meet the requirements for secure communication.
Maskinporten
Maskinporten has been developed by the Norwegian Digitalisation Agency (Digitaliseringsdirektoratet) and makes it possible for companies to share information in a secure way. All companies that will use Maskinporten need an Enterprise Certificate.
Skatteetaten
The Norwegian Tax Administration (Skatteetaten) has several digital services that make it easy for businesses to gain access to their data. One of them is access to an electronic tax card for employees. Enterprise certificate can be used to gain access.
Elhub
There is a requirement that all message exchange in the electricity supplier network Elhub is encrypted with an enterprise certificate. The certificate must be issued to the organization number that signs the message.
Administration of e-ID
E-ID Portal
When the company becomes a customer, you get access to the E-ID portal. The portal makes it easy to manage the Employee e-ID.
OVERVIEW
The portal provides a full overview of which employees have an e-ID, and the status of deliveries and invoices.
ADMINISTRATION
With the E-ID Portal, administration becomes simple. You can order, cancel or renew your e-ID with a click. One or more administrators get access to manage Employee e-ID for the company.
Become a dealer
The e-ID portal makes it easy to become an e-ID dealer. As a retailer, you can manage the e-ID for as many customers as you want without losing track of it.
Frequently Asked Questions
An enterprise certificate is a digital proof of identity for businesses. The enterprise certificate functions as the company’s electronic identity in various contexts that require authentication, for example signing electronic documents, logging in on behalf of the company, reporting or connecting to APIs. An enterprise certificate can be used by individuals manually or in automatic processes between machines.
In a technical sense, the enterprise certificate is a digital certificate that confirms the company’s identity. The information about the company in the certificate has been verified by an approved certificate issuer, a so-called CA – Certificate Authority. Commfides is one of the approved issuers in Norway. The enterprise certificates we issue follow the international X.509 standard for digital certificates within Public Key Infrastructure
The enterprise certificate confirms the company’s identity using PKI – Public Key Infrastructure. The certificate contains a public key that is available to everyone and a private key that only the company has access to. The certificate links the public key to the company, based on the issuer’s check of the company information. The certificate can thus be used to establish a secure connection between the company and the other party.
This confirmation forms the basis for a number of digital actions that the company is involved in, for example connecting to various public services such as the Tax Administration’s APIs, signing tenders and reporting to Altinn. If an employee uses their private e-ID for these purposes, uncertainty arises as to who commits to the action. An enterprise certificate creates a clear distinction between private and professional roles.
The enterprise certificate can be used to log into or gain access to a number of public services such as ID-Porten, the Tax Agency’s APIs and Helsenett. It can also be used for reporting, such as:
- Sick leave reporting to NAV
- A message to Altinn
- Reporting of value transactions to the Norwegian Financial Supervisory Authority
- For energy companies to Elhub
- Reporting to the Norwegian Petroleum Directorate
Enterprise certificates can also be used to secure message exchange within the public sector.
Another important area of use is the signing of tenders and contracts. Here, the certificate streamlines the process, and helps to minimize the risk both for the signatory, for the supplier and for the purchaser. If the tender process is carried out electronically, an electronic signature may be mandatory. A signature with an enterprise certificate is, in contrast to a personal signature, binding for the company.
You can order an enterprise certificate on Commfides’ website. The order form for a enterprise certificate can be found here. The certificate is sent to the recipient via encrypted e-mail, while the password is handed out separately when attending in person (see also the next point). Delivery time is normally three to five working days, but can vary with demand – allow plenty of time when ordering.
The person ordering the enterprise certificate must have a role in the company that is registered and visible in the Brønnøysund Register. Examples of such roles are general manager, councillor, contact person, authorized signatory or authorized representative. It is also possible to authorize individuals in the company to order enterprise certificates. In that case, the order must be signed by one of the persons with a role as described above. The person who receives the power of attorney can order enterprise certificates either via the order form or in Commfide’s e-ID Portal.
The recipient of the business certificate will receive it by e-mail. The password for the enterprise certificate must be sent separately. It can either be sent with Posten’s PUM service for collection at the post office (which is linked to the recipient’s address), or the recipient can collect the password by attending in person at Commfides, at Lysaker in Oslo. The recipient must be able to show a valid passport, possibly a national or European ID card.
For those who need several enterprise certificates, whether it is for their own business, or on behalf of customers in the role of dealer, there is a good solution. Commfides provides access to a web-based tool, called the e-ID Portal, where a person from the business can order, manage and keep track of certificates. The portal provides an overview of the status of ordered certificates and simplifies both the ordering and delivery process. The portal is free and is suitable for those who need the majority of certificates and who want a good overview.
Enterprise certificates follow a common European standard in line with EU regulations. The so-called eIDAS regulation, which entered into force in 2018, regulates electronic identification and trust services. New enterprise certificates are issued according to the national certificate profile SEID 2.0. These certificates have increased security with stronger cryptography than before, and can be used across European borders.