search
Where Thought Leaders go for Growth
Reference a solution

Time stamping to guarantee the integrity of your electronic documents

Time stamping to guarantee the integrity of your electronic documents

By Samantha Mur

Published: 29 October 2024

What is time-stamping, and why is it important for businesses? While this process is used to record the date and time of an event in the traditional sense, it is particularly important when it comes to transactions and the processing of electronic documents.

In a context of digital transition, the transformation of your business processes brings with it new challenges. Keeping proof of exchanges, tracing actions carried out on an online document and knowing the exact date of a document's electronic signature are all functions attributed to time stamping.

But what exactly is it used for and how does it work? When should time-stamping documents be used, and what are its advantages? appvizer gives you the essential keys to understanding!

Find out in this article:

Timestamping: definition

Electronic time stamping: dating and no more editing

Electronic time-stamping is a process that consists of associating a precise (to the nearest second) and reliable date and time with data, as securely as possible.

In a context of dematerialisation of documents and business processes, time stamping has a number of applications, including :

  • certifying the date of an electronic signature,
  • proving the existence of a document
  • guaranteeing transaction times (purchases, sales, etc.),
  • validating receipt of electronic mail,
  • comply with legal archiving and document retention periods,
  • date an electronic invoice when it is issued, etc.

☝️ The timestamp used cannot be a device using a system clock (such as a computer). As the date and time can be changed manually locally, this does not give any legal value to the creation date of a document, for example.

Similarly, although online tools can be used to change the date on which a document was created or modified, or even the date on which a file was last accessed, they are not legally recognised time-stamping systems either.

So how can the reliability of the time-stamping process be guaranteed?

Certified time-stamping: guaranteeing security and compliance

Certifiedtime-stamping is the cryptographic guarantee that the time-stamped data or documents have not undergone any subsequent modification and that the date recorded is accurate.

According to the European eIDAS regulation, qualified time-stamping makes it possible to guarantee :

  • the existence of the document at a precise date and time, defined using a Coordinated Universal Time (UTC) source;
  • the integrity of the document, which certifies that its content has not been modified since that date.

This is where a time-stamping PSCo (Trusted Service Provider) comes in. Thanks to its FIPS-compliant secure equipment, this service provider delivers a certified time-stamp, which takes the form of an electronic seal or a time-stamp token for an electronic document.

This third-party trust organization complies with the obligations set out in the RFC 3161 standard in order to qualify as a Time-Stamping Authority (TSA).

How time-stamping works

A Time-Stamping Authority uses Public Key Infrastructures (PKI). The technical process is as follows:

  1. A hash value is created and sent to the TSA by the client application (such as a unique identifier);
  2. Any changes that need to be made to the file will be communicated to the TSA server;
  3. The time-stamping authority associates the hash with other information, including the reference time. The TSA's private key is used to digitally sign the result, and a timestamp token is then issued and sent to the client;
  4. This token, containing all the important time-stamping information, is received by the client application and recorded in the document or code signature.

ℹ️ When the timestamped file is opened, the client application authenticates the TSA and checks that the timestamp has been issued by a trusted TSA. A new hash of the data is calculated and compared with the original hash. If any changes have been made after the timestamp, the unreliability of the data is reported.

What is the benefit of a document time-stamping solution?

Giving evidence value

The time-stamping of an electronic document has legal value: it acts as irrefutable proof in the event of a legal dispute or litigation.

Applying a time-stamping token or electronic seal, via the time-stamping service, makes it possible to prove :

  • the integrity or non-alteration of the document: no changes have been made since the time-stamping ;
  • the anteriority of the document: the date of issue is the date of the time-stamp;
  • acknowledgement of receipt: the stamp attests to the date and time of receipt of an e-mail;
  • the enforceable nature of the document: it constitutes evidence that can be used before a legal authority;
  • traceability of all actions carried out during document processing.

Guarantee the compliance of your documents and transactions

Using a reliable system dedicated to the electronic time-stamping of documents can be of vital importance for issuing dematerialised documents and carrying out transactions with your customers, partners and suppliers in full compliance.

Its enterprise applications guarantee the compliance and reliability of various types of documents and transactions, including :

  • electronic invoices
  • dematerialised payslips
  • certified copies of digital documents with legal value,
  • electronic document signatures, etc.

Certified time stamping and electronic signature

To guarantee the legal nature of an electronic signature, the date and time of the computer used in no way constitutes legal proof.

However, a time-stamped signature does have the following benefits:

  • the security and integrity of the signature are strengthened ;
  • the time-stamped content is irrevocable;
  • the date and time of signature are more reliable;
  • the confidentiality of the signatory is preserved, in accordance with the RGPD;
  • faster processing of files;
  • procedures and decision-making are accelerated, etc.

💡 The certified time-stamping process of an electronic document signature enables the validity of the signature to be perpetuated with long-term validation (LTV). The signature can thus be authenticated, and the authenticity of the document can therefore be proven at any time.

Selecting trusted third parties

For any company, it is essential to use a certified time-stamping system to guarantee the existence, integrity and anteriority of its electronic data and documents.

In many cases, time stamping is included in your electronic signature solution, such as DocuSign, which manages, sends and signs electronic documents, while also integrating the time stamping system.

By opting for an " electronic time-stamping service provider " (PHSE), as defined by the RGS (référentiel général de sécurité), offering a FIPS (Federal Information Processing Standard) compliant service, you can ensure the security and legality of all your processes.

This is the case with Universign, a Trusted Service Provider (TSP) qualified under the European eIDAS regulation and recognised as a trusted authority by Adobe, which offers qualified time stamping directly integrated into the electronic signature and seal services of its solution.

Legal value at the click of a button

To ensure the best possible guarantee of document reliability and security, don't hesitate to turn to trusted time-stamping authorities or third-party time-stampers, for all the advantages we have outlined.

More than just guaranteeing the date and time of your documents, transactions and electronic signatures, time stamping enables you to trace with certainty every event and stage in the life cycle of a document, from its creation to its storage, management and distribution. This makes it particularly useful for collaborative platforms and digital workspaces.

Are you ready to time-stamp your documents with peace of mind?

Article translated from French