DSS - secure software for cross-border eSignature creation and validation
Towards an even easier to integrate, better tested and more secure software for cross-border eSignature creation and validation
Nowina Solutions is participating to the further development of DSS (Digital Signature Service) open source software based both on the company technical expertise but also on its ability to sense future evolution of eSignature in Europe and to carry out application developments in this perspective.
Interview with David Naramski, Partner at Nowina Solutions
What is exactly DSS?
DSS (Digital Signature Service) is the European open source software for eSignature creation and validation. DSS creates and verifies legally binding, interoperable and secure electronic signatures based on Member States’ “Trusted Lists” (the public lists of supervised / accredited services issuing qualified certificates to the public).
In other words, it is a tool ensuring that two protagonists (government, business or citizen) speak a common language when it comes to eSignature regardless of the ends pursued. This means public administrations, businesses and citizens can trust and use eSignatures that are valid and structured in EU interoperable formats. DSS can be applied to all sorts of signed documents: invoices, contracts, certificates, diplomas, legal documents, etc.
DSS is not limited to a specific type of user or sector of activity. Any entity, anyone can use it in order to create and/or validate an eSignature on a document.
What are the key benefits?
The benefits are numerous. To begin with, DSS enables a protagonist to free oneself from technical consideration when it comes to eSignature and to focus on generating what s/he wants to produce: an invoice, a contract, etc.
DSS is therefore a powerful lever for companies to integrate eSignature with less effort.
It also increases cross-border interoperability and allows for higher levels of trust and confidence on electronic transactions.
Is DSS generic and sustainable?
Yes, indeed. The tool, realised in Java, is open source, available to all Member States, businesses and citizens for any electronic procedure. It is published at the Commission’s open source software repository Joinup and is continuously updated and undergoing maintenance.
Anyone can integrate it and redistribute it under the terms of the permissive Lesser General Public License (LGPL 2.1).
DSS supports various document formats. A “cook-book” is also provided with documentation targeting implementers /developers and aiming at facilitating the integration and use of DSS into their applications.
SD-DSS or DSS?
Developed initially in the context of the Services Directive (2006/123/EC, hereafter SD) aiming at facilitating the free establishment of service providers and the free provision of services in the European Union, and compelling accordingly Member States to make administrative procedures available online and across borders using a unique language, the DSS software was originally called SD-DSS.
The objective pursued was to make it easy for Member States and their eGovernment managers to comply with these obligations by providing them with the necessary technical tools to create advanced Signatures (DSS Software) and to manage Trusted Lists (companion software called TL Manager). Both tools rely on standard formats and specifications with the objective to increase cross-border interoperability.
As its usage and adoption gather momentum, the software has been revisited in a broader perspective changing its name to DSS. It can now be used more widely, whenever there is a need to create or validate an eSignature. As the prefix SD in SD-DSS has become somewhat anecdotal and too restrictive in its scope, the designation DSS naturally prevailed.
Has the adoption been rapid and who are the main beneficiaries?
By imposing, under the Services Directive, Electronic signatures to be accepted and technically supported across Member States, the European Commission has been instrumental in the starting phase.
In a second stage, businesses have largely adopted DSS as it allows for higher levels of trust and confidence on electronic transactions.
Ultimately the citizen will be the main beneficiary and user of the DSS Software. The path to this point will however require additional adjustments.
What developments can we expect to see in the near future?
A major evolution is related to the fact that DSS has been designed as an independent technical building block to be integrated in a larger application and customized easily to specific needs. DSS will continue to evolve from a library to a complete independent application, i.e. an end product that would be usable upon download. Beyond businesses, citizens will be the main beneficiaries of this evolution.
Another trend is the development of technical support to businesses as a sustainability guarantee. Indeed, if the Commission guarantees maintenance through a ‘Best Effort’ SLA until 2020, the private sector necessitates the SLA to go beyond the engagement of the Commission.
If the fact that DSS is a free open source tool has been instrumental to its development, the provision of a technical support is key to ensure its sustainability and further adoption. To address this need and in addition to helping our customers with the DSS deployment and integration within their business processes, Nowina supplies ongoing assistance on all technical issues following the deployment of DSS as part of a support subscription.
Lately, the emphasis has been put on testing. Through automatic testing of course, but also testing from two independent teams covering a conformance test with standard and a penetration test for security. We can expect the tool to become even easier to integrate and more secure in the coming months. This will dramatically improve the cross-border access of citizen and business to eSignature.