Further Offers Digital Signature
All Credit Suisse documents bear digital signatures. The digital signature forms part of the PDF document.
A digital signature confirms the following:
- The documents were issued by Credit Suisse.
- The documents were not altered.
Implications of the Digital Signature
Tax-related documents (e.g. statements of interest) are valid as originals only if they are forwarded electronically. Practice varies among tax offices. Some accept paper printouts of the electronic documents, whereas others require the original to be forwarded electronically. Receipts for VAT, withholding tax, and direct federal tax are accepted as originals if sent in electronic form.
Checking Digital Signatures
In the future, various tax authorities and auditing companies will check to determine if the e-documents filed are authentic and unaltered. The review procedure is laborious.
Checking electronic signatures requires Adobe Acrobat Reader version 8.0 or higher. When validating the signature, the system checks whether a certificate is currently valid (comparison with list of locked certificates). For this to happen, validation must take place before the certificate has expired, and you must be connected to the internet during the validation process.
How Digital Signatures Work
To protect confidential information, encryption systems are used to encrypt packets of data that are sent over the net. Such encryption procedures are the basis of secure data exchange. Mathematicians have developed a variety of systems to do this. They are all based on the idea that only someone with the appropriate key can decrypt an encrypted message.
Credit Suisse has concluded an agreement with an official Trust Center (certificate issuing authority). The Trust Center provides Credit Suisse with two keys to the signature used with its documents:
used by Credit Suisse to encrypt the e-documents and kept strictly confidential.
used to decrypt the e-documents and can be downloaded publicly from the website to check whether the document was actually issued by Credit Suisse and has not been altered.
The secure mathematical operation and the long key guarantee that the e-documents' authenticity and integrity can be confirmed only if the two keys fit together. The public key is accessible to all, while the private key belongs only to the issuer of the e-documents. Moreover, the public key can be used to encode the messages, whereas they can be decoded only by using the private key:
- The sender encodes his/her message using the beneficiary's public key.
- A message encrypted in this way can be decrypted again only with the beneficiary's private key.
Validity Period of the Key:
The keys used by Credit Suisse for encryption (private keys) are valid for three years. The (public) keys used for decryption are valid indefinitely (or until revoked in the blocked list).