AUSTIN, Texas — HID Global has launched an enterprise-grade service that is said to enable users to verify the date and time of their electronically or digitally signed documents, code and other files.

The service embeds an irrefutable date and time thereby binding the signer’s Public Key Infrastructure (PKI) digital certificate to the date and time of their signature.

In a press release, the company explains:

Who: HID Global, which has now met the Internet Engineering Task Force (IETF) standards RFC 3161 requirements for operating as a Timestamping Authority (TSA). The company is also one of the world’s leading CAs and providers of digital certificate products.

What: The HID IdenTrust Timestamping-as-a-Service offers a high-availability Cloud-based platform for enterprises to embed timestamps to any software application, documents, or digital files by creating and embedding a trusted timestamp date and seal. Manipulation of the file breaks this seal and alerts the user that the file is no longer in its original state.

Why: PKI digital certificates are used to create trusted digital identities for many use cases. They are strengthened through industry-standard IETF X.509 verification using a trusted CA signature. The IETF’s PKI Time Stamp Protocol (TSP) goes further to establish the signature’s “proof of existence” at an instant in time. Trusted time stamps combat digital certificate forgery, prevent unauthorized use of revoked certificates, simplify time-based compliance record-keeping, strengthen legal claims, and prove long-term signature validity. Application examples include securing antivirus software updates with timestamped signatures.

How: Users connect to HID’s always-available Timestamping-as-a-Service to begin the process of creating their file’s unique identifying “fingerprint” and combining it with a trusted timestamp. The resulting timestamp token is sent to the client application and recorded with the file’s digital signature(s).

The company says its digital certificate and PKIaaS offerings are critical for securing information and digital assets inside or outside the firewall. They are said to enable users to conduct e-commerce, authenticate to regulated and government websites and secure communications between machines, network endpoints, mobile devices, secure virtual servers and IoT devices.

The Timestamping-as-a-Service is available at a low-cost subscription fee with a contractually guaranteed enterprise-grade Service Level Agreement (SLA).

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

Related Content