ELECTRONIC IDENTITY FOR THE ADMINISTRATION

Realization of the Signature

In order to be able to sign a document, the following steps have previously been taken:

1. High on the Cl@ve system.

2. Generation of password. There may be two cases.

2.1. First registered users in Cl@ve and users of TUSS Key and Password.

When the security of access to the system is improved, the establishment of a new password will be required, with which you will have to authenticate from that moment on. (Consult the user guide in the "Password Update" section)

2.2. Current Cl@ve registered users. It is generated according to the corresponding manual.

3.- Generation of authentication and signature keys.

Using the Cl@ve system, citizens can generate their authentication and signature keys in two different phases:

3.1. At will. The citizen can generate his authentication and signature keys at will in an independent act of generating keys on demand. (Consult "STEP 5 - SIGNATURE KEY GENERATION PROCEDURE" from the section "SIGNATURE PROCESS" from this same page)

3.2. At the time of the first signature. If a citizen intends to sign a document the first time, and has not yet generated the authentication and signature keys, they will be generated in a process immediately prior to the signature they intend to make. (Consult "STEP 5 - SIGNATURE KEY GENERATION PROCEDURE" from the section "SIGNATURE PROCESS" from this same page)

Once the above steps have been completed, the citizen will be able to sign the documents that the different services of the Administration integrate into the Cl@ve system. Gradually, different administrations will be integrated with this functionality until all the General Administration of the State and other administrations that are interested in joining the System are completed.

Due precisely to the heterogeneity of the Agencies that will provide services through the Cl@ve System, the citizen will notice that there are changes in the different screens through which he navigates during the signing process. This is because certain agencies have a specific function within the system, and so that it can provide all the necessary security guarantees to the process, the information involved in the processes is safeguarded and managed by different administrations.

Particularly relevant in the signing process are the SGAD as manager of the Cl@ve platform, the GISS as Trusted Services Provider, the Tax Agency as responsible for the single registration and the General Directorate of the Police as Certification Authority and Trusted Services Provider, so the logos corresponding to these bodies can be shown, along with those of the Administration that provides the service from which the citizen intends to authenticate and/or sign. (Consult "PHASE 6 - SIGNATURE PROCESS" from the section "SIGNATURE PROCESS" from this same page)

Process of signature

Phases of the signature process:

First, you must proceed to authentication, prior to any administrative procedures within the system.

In this case, the Social Security portal has been chosen as an example. It is necessary to remember, that depending on whether the authentication is done with Cl@ve PIN or Cl@ve Permanente, some services or others can be accessed. In this case, as it is intended to sign, we will use Cl@ve Permanente, which is endowed with a higher level of security.

On the right side of the screen, in the white box, we see the "Access" button that allows us to enter the Cl@ve system:

    Procedimiento de autenticación

    Once activated we find the next screen, where it will be necessary to enter our identity document number (DNI/NIE) and the password that we have activated previously.

    The password may need to be updated. This will happen with the first registered users in Cl@ve and with users inherited from other systems. This update provides passwords with the most advanced security measures.

    If this is so, the following screen will be displayed:

    NOTE: For the management of the passwords of the Cl@ve system, the National Police Force is responsible. For this reason, the National Police logo is displayed on the screens that perform functions of their competence.

    Actualización de la contraseña

    It is necessary to keep in mind, that once updated, the valid passwords to authenticate in the system will be the new ones and not the previous ones.

    If it has not been necessary to perform the previous step, we will find this screen:

    Continuación del proceso

    Once entered we press the continue button, and if the process is done correctly, we will have identified ourselves in the Cl@ve system.

    In this example, we are going to make a Social Security Beneficiary Discharge.

    To do this, on the page shown, we request the desired procedure. It will be each of the Administrations that establish the level of security required to access them. In this case, we have authenticated ourselves to a high level, which allows access to this Service.

    Acceso a un trámite

    Being a procedure typified as High Security, the user will be requested to enter a one-time use key (OTP) that will be sent through an SMS to the mobile phone that registered the system,

    Comprueba tu teléfono móvil

    Once this security check has been carried out, the administrative procedure is completed following the instructions of the corresponding Agency until its completion.

    Cumplimentar trámite administrativo

    On the next screen you can see the box that needs to be activated to continue with the process. It is a statement that the data provided is true.

    Continuar con el proceso

    In the previous case the procedure needs to be signed by the applicant. Consequently, a screen will be displayed for the realization of the signature.

    If the user has not requested the signature certificates previously, a screen similar to this will be displayed, where the possibility of requesting the generation of the same is given.

    Solicitud del certificado centralizado

    It is necessary to highlight that, at this point in the process, the screens change and the National Police logo is displayed. This is so because the management and custody of the certificates belongs to that Body. Therefore, to perform this part of the process with the same guarantees as the certificates of the electronic DNI, the request is redirected to the systems of the General Directorate of the Police (DGP) for its generation.

    In this process, the password is requested, whose knowledge is only in the possession of the user, and the I accept box is marked, after reading it, if you agree with the information contained in it.

    Emisión de tu certificado de firma centralizado
    Emisión de tu certificado de firma centralizado aceptar

    If the process of generating certificates is carried out correctly, it is redirected to the Agency in which we were previously, changing the screens again to inform the citizen at all times in which Agency it is located. On that screen you will be informed of the completion of the process.

    Solicitud del certificado centralizado firmado

    Once the certificates are generated, we are already in a position to sign a document.

    The next screen shows the user that it is necessary to sign a specific procedure. To be able to do it, it is necessary to enter the password and the OTP received through the mobile phone.

    The operation is then confirmed.

    Proceso de firma

    If the process has been carried out successfully, a screen similar to the next one will be displayed, giving the opportunity to obtain a proof of the operation carried out.

    Finalización del proceso de firma

    This would be the final result of the signing operation.

    Finalización del trámite administrativo