Strong electronic identification, electronic signature and certification activities

Service providers and certification-service-providers providing strong electronic identification for the public must notify FICORA of

• prior to the launch of operations;
• changes to the operation; and
• termination of operations.
  

FICORA maintains a public register on identification service providers and their services, and those providing qualified certificates. FICORA also monitors that identification and certification service providers provide services in compliance with the obligations imposed on them.

The obligations are based on the Act on Strong Electronic Identification and Electronic Signatures. The objective of the Act is to create common rules for the provision of strong electronic identification services. It will likewise promote the provision of identification services and the use of electronic signatures. The Act is founded on the principle that users must be able to trust information security and protection of privacy when they use strong electronic identification services.

The majority of electronic services do not require electronic identification or electronic signatures. However, various legal transactions can be performed using electronic services, requiring the existence of a fiduciary relationship between the parties involved.

In addition to monitoring the compliance with the Act, FICORA

• may issue technical regulations on the requirements for the reliability and information security of the operations of identification service providers and qualified certificate providers;
• gives advices and guidance on matters related to identification services, electronic signatures and qualified certificates;
• monitors the activities of international standardization groups; and
• follows international progress in the fields of strong electronic identification and electronic signatures.