Frequently Asked Questions
Enterprise Certificate
An enterprise certificate is a digital proof of identity for businesses. The enterprise certificate functions as the company’s electronic identity in various contexts that require authentication, for example signing electronic documents, logging in on behalf of the company, reporting or connecting to APIs. An enterprise certificate can be used by individuals manually or in automatic processes between machines.
In a technical sense, the enterprise certificate is a digital certificate that confirms the company’s identity. The information about the company in the certificate has been verified by an approved certificate issuer, a so-called CA – Certificate Authority. Commfides is one of the approved issuers in Norway. The enterprise certificates we issue follow the international X.509 standard for digital certificates within Public Key Infrastructure.
The enterprise certificate confirms the company’s identity using PKI – Public Key Infrastructure. The certificate contains a public key that is available to everyone and a private key that only the company has access to. The certificate links the public key to the company, based on the issuer’s check of the company information. The certificate can thus be used to establish a secure connection between the company and the other party.
This confirmation forms the basis for a number of digital actions that the company is involved in, for example connecting to various public services such as the Tax Administration’s APIs, signing tenders and reporting to Altinn. If an employee uses their private e-ID for these purposes, uncertainty arises as to who commits to the action. An enterprise certificate creates a clear distinction between private and professional roles.
The enterprise certificate can be used to log into or gain access to a number of public services such as ID-Porten, the Tax Agency’s APIs and Helsenett. It can also be used for reporting, such as:
- Sick leave reporting to NAV
- A message to Altinn
- Reporting of value transactions to the Norwegian Financial Supervisory Authority
- For energy companies to Elhub
- Reporting to the Norwegian Petroleum Directorate
Enterprise certificates can also be used to secure message exchange within the public sector.
Another important area of use is the signing of tenders and contracts. Here, the certificate streamlines the process, and helps to minimize the risk both for the signatory, for the supplier and for the purchaser. If the tender process is carried out electronically, an electronic signature may be mandatory. A signature with an enterprise certificate is, in contrast to a personal signature, binding for the company.
You can order an enterprise certificate on Commfides’ website. The order form for a enterprise certificate can be found here. The certificate is sent to the recipient via encrypted e-mail, while the password is handed out separately when attending in person (see also the next point). Delivery time is normally three to five working days, but can vary with demand – allow plenty of time when ordering.
The person ordering the enterprise certificate must have a role in the company that is registered and visible in the Brønnøysund Register. Examples of such roles are general manager, councillor, contact person, authorized signatory or authorized representative. It is also possible to authorize individuals in the company to order enterprise certificates. In that case, the order must be signed by one of the persons with a role as described above. The person who receives the power of attorney can order enterprise certificates either via the order form or in Commfides’ e-ID Portal.
The recipient of the enterprise certificate will receive it by e-mail. The password for the enterprise certificate must be sent separately. It can either be sent with Posten’s PUM service for collection at the post office (which is linked to the recipient’s address), or the recipient can collect the password by attending in person at Commfides, at Lysaker in Oslo. The recipient must be able to show a valid passport, possibly a national or European ID card.
For those who need several enterprise certificates, whether it is for their own business, or on behalf of customers in the role of dealer, there is a good solution. Commfides provides access to a web-based tool, called the e-ID Portal, where a person from the business can order, manage and keep track of certificates. The portal provides an overview of the status of ordered certificates and simplifies both the ordering and delivery process. The portal is free and is suitable for those who need the majority of certificates and who want a good overview.
Enterprise certificates follow a common European standard in line with EU regulations. The so-called eIDAS regulation, which entered into force in 2018, regulates electronic identification and trust services. New enterprise certificates are issued according to the national certificate profile SEID 2.0. These certificates have increased security with stronger cryptography than before, and can be used across European borders.
Delivery
Your private e-ID is delivered on a USB stick. You can collect it from Commfides’ offices in Lysaker or have it sent with Posten’s PUM service to the post office linked to your registered address. In any case, you must show a valid passport or national ID card when collecting.
The employee e-ID is issued on a USB stick. You get it sent with Posten’s PUM service to the post office linked to your registered address. You must show a valid passport or national ID card when collecting. Please contact us if you wish to collect it from Commfides’ offices in Lysaker.
The enterprise certificate is sent electronically to the recipient. The password can be collected from Commfides’ offices in Lysaker or sent to Posten’s PUM service to the post office linked to your registered address. In any case, you must show a valid passport or national ID card when collecting.
Employee e-ID
An increasingly large part of public services from the state, county and municipality are wholly or partly online. An electronic ID confirms that you are who you say you are, and is currently required to access these services.
Commfides’ Employee e-ID is an electronic ID at the highest level of security and is issued in accordance with Norwegian public requirements and EU standards. An Employee e-ID has functions for digital signing, authentication (login) and encryption of information.
Employee e-ID is a personal e-ID owned by a company and which identifies the company and the employee. The digital ID is located in a chip on a plastic card. The employee can use it to log in to the PC or to public digital services. It can also be used to sign documents.
Technically, the Employee e-ID is a digital certificate, a data file that contains information and a confirmation of your and the company’s identity. The identification process, which includes checking passports and a callback procedure for the company, is important because it is the basis for this confirmation.
Identity theft is a growing societal problem. If fraudsters gain access to your digital identity, it can in the worst case lead to your bank account being emptied. And for a company, there can be major consequences if unauthorized persons gain access to internal systems.
If an employee uses a private BankID to log in in a work context, it makes both the person and the company vulnerable to fraudsters. Employee e-ID is safer for both the company and the employee.
An Employee e-ID from Commfides can be used to log in to public services, but not to log into the bank. ID theft thus becomes less attractive, and both your money and your company’s data are more secure.
The principle of not using a private e-ID in a work context is also enshrined in the legislation, specifically in section 19 of eForvaltningsforskriften. Among other things, it states that use of the employee’s e-ID requires special approval.
Medium-sized and large businesses often have several departments with different needs in security, access and digital signing. By adding an Employee e-ID to the access card, you can tailor both physical and digital access the employees have in relation to their roles in the company.
With an Employee e-ID, the employee can be identified as connected to the business and log in to over 1,500 public services. The employee will also be able to use their e-ID to log on to services as a private person, for example Altinn and NAV.
The E-ID portal is a free and user-friendly tool for companies that use the Employee e-ID. It provides a complete overview of which people have an Employee e-ID in the company and makes ordering, renewal and administration easy.
In the E-ID portal, the company can order Employee e-ID and enterprise certificates as required and keep track of its certificates. The portal also shows the status of deliveries and invoices, and gives access to revoke or renew certificates.
Private e-ID
An increasingly large part of public services from the state, county and municipality are wholly or partly online. An electronic ID confirms that you are who you say you are, and is currently required to access these services.
Commfides is one of four Norwegian providers of e-ID, and supplies a personal electronic ID at the highest level of security which, among other things, gives access to healthcare services.
Commfides’ Private e-ID is stored on a USB stick that is inserted into the computer. When you log on to public services through the ID portal, you will be asked about the login method. With Commfides’ solution, you only need to enter your PIN code to log in.
Technically, Private e-ID is a digital certificate, a data file that contains personal information and a confirmation of your identity. The identification process, which includes checking passports, is important because it is the basis for this confirmation.
Identity theft is a growing societal problem. If fraudsters gain access to your digital identity, it could in the worst case lead to your bank account being emptied, or sensitive personal data being lost.
A Commfides e-ID can be used to log in to all public services, but not to log into the bank. ID theft thus becomes less attractive, and both your money and your personal information are more secure. The ID port gives access to over 1,000 public services.
Commfides e-ID makes it easy to log in to public services online via the ID portal. Some of the most popular services are Altinn, the Norwegian Tax Administration, NAV, Lånekassen, Mine resepter, Samordnet opptak, the Norwegian Medicines Agency and a number of municipal portals.
You can, among other things, use e-ID to submit your tax return, change your GP, apply for a nursery place, change your address or apply for a student loan. Commfides Private e-ID gives access to public services at all security levels. Private e-ID can also be used for digital signing.
You can order your electronic ID on our Order form for Commfides Private e-ID. To place an order, you must provide a Norwegian social security number or D-number.
Your e-ID is delivered on a USB stick. You can collect it from Commfides’ offices in Lysaker or have it sent with Posten’s PUM service to the post office linked to your registered address. In any case, you must show a valid passport or national ID card when collecting.
Commfides’ Private e-ID can be ordered by anyone with a Norwegian social security number or an active D-number.
SSL
SSL is a technology that is used, among other things, to secure the users of a website or a network. Today, it is expected that all websites use SSL.
When information is transferred on the internet, the transfer follows the so-called HTTP protocol, a set of rules for how such transfers are made. Because this information can basically be intercepted or manipulated by outsiders, an additional layer of security is needed that encrypts the information using SSL. This more secure version of HTTP is called HTTPS – Hypertext Transfer Protocol Secure .
SSL stands forSecure Sockets Layer, a standard for how internet use, e-mail and other types of data transfers can be done with secure communication. Although the term SSL is still used, today the protocol has been replaced by the TLS protocol, which stands for Transport Layer Security .
We can use the internet without any form of securing the data, using HTTP. The more secure HTTPS protocol came as early as 1997, but in the beginning it was primarily banks, online shops and the like that adopted it. Such services would be far too vulnerable if outsiders had the opportunity to eavesdrop on the data traffic – then they would be able to use bank account details and steal the money.
Over time, it has become more and more common to exchange personal information and/or passwords. The more sensitive the information, the more important it is to protect it. Not only can the information be intercepted, it can also be changed, so that what reaches the recipient is something other than what was sent from the sender. Both can be exploited by fraudsters. HTTPS provides higher protection and it is now expected of all websites that they are protected with SSL.
To secure the users of a website, the owner must obtain a digital certificate from a certificate authority or CA. With the help of the certificate, a secure connection is established between the user and the relevant service – between client and server.
When the client (for example a browser) contacts the server to establish a connection, the server sends a copy of its SSL certificate in return. The client checks that the certificate is valid and issued by an approved certificate issuer. In that case, the client gives a signal to the server, which establishes a secure communication channel between client and server.
Modern browsers have a field to the left of the address field that shows whether a website uses SSL. If it does, a padlock will appear. How it looks depends on the security level. If the website does not use SSL, the user is made aware that the connection is not secure, and the browser warns against exchanging sensitive information or blocks the page.
SSL certificates are available at three different validation levels. The difference between the three is about how thoroughly the certificate issuer checks the owner of the service/website. The lowest level of validation is domain validated certificates (often abbreviated to DV). It only involves a simple check that those who order the certificate owns website, through confirmation of the domain’s email address. This certificate encrypts traffic to the website, but does not provide the user with information about the page’s owner.
The next level is organization validated certificates (abbreviated to OV). In order to be issued such a certificate, the company must be checked more thoroughly – both by checking against the Brønnøysund register (or similar registers in other countries) and through a so-called callback-process where the company’s identity is checked. In addition to encrypted traffic, the user can see independent information about the page’s owner.
The highest level is extended validation (abbreviated to EV). Here, the procedures for checking the company are even stricter and in accordance with international requirements for secure websites, which are determined by the organization CA/Browser Forum.
If you want to secure several domains at the same time, there are two solutions for this:SANandWildcard.
SAN stands for Subject Alternative Name and means that you can add additional domains, IP addresses or e-mail addresses to one and the same certificate. On a certificate for the domain example.no, you can add example.no or example.com.
Wildcard is a solution that makes it possible to secure all subdomains of a domain based on the formula *.eksempel.com, so that the certificate also applies to the addresses godt.eksempel.no and nytt.eksempel.no and so on.
SAN and Wildcard can be combined to create tailor-made solutions.
At Commfides you can buy SSL certificates from some of the largest international suppliers. Thus, we can always offer products that are at the forefront of development. Commfides, started in 2005, has built up unique industry experience and expertise in the area.
You can buy certificates individually via the order form on the website, or become a reseller with access to our SSL portal. There you can, for example, order and keep track of certificates for your own customers.
Whichever solution you choose, you will have access to our support, which is open from 08:00 to 17:00 every weekday.
Signeringsporten
Signeringsporten is a user-friendly solution for electronic signing.
With Signeringporten, you can streamline your company’s handling of documents, both internally at the workplace and externally with customers and partners. Your employees, customers and partners get the opportunity to sign business documents digitally regardless of where they are in the world, even when they only have access to a tablet or mobile phone.
Signeringsporten has a number of functions and can be tailored to the company’s needs. It can also be integrated with other systems, for example ERP and CRM services, or with archive systems so that documents can be signed in the subject systems and archived directly afterwards.
For hundreds of years, the handwritten signature has been used as a personal confirmation that the content of a document, contract or similar has been read, understood and accepted. As in many other areas, digital technology has made it possible to simplify the process.
The first solutions for electronic signing came in the 1990s, and since then the technology has become increasingly secure and user-friendly. Commfides offers the signing solution from Ascertia, one of the world’s leading companies in e-signing, which in Norway is called Signeringporten.
Most people rely on electronic signing when agreements are to be entered into in one context or another, for example when buying or selling. A lot of time can be saved for the individual when you can approve the agreement with a few keystrokes instead of printing on paper or going somewhere to sign physically.
For companies, these time savings can multiply. Documents and contracts should preferably be visited by a number of people who may be sitting in different countries. With a modern and reliable e-signature solution, this process can be completed in a fraction of the time it would take with physical signatures.
Signeringsporten is a user-friendly system that guides signatories through the workflow. The process starts with uploading the documents, then you enter a signature field in the document and set up the order for signing. Signeringsporten can also be set up with templates so that the documents are already prepared for signing.
Each signatory is notified by e-mail when it is their turn to sign. You are guided through the process to your assigned signature field. The user activates the signature with a password, or by using an electronic ID together with a PIN code. Once you have signed, the signature is locked and forwarded to the next person. The system follows up with a reminder to each signatory.
The signatures in Signeringporten are created using cryptography and so-called PKI technology. Each user has a unique signing key with an associated digital certificate. The certificate acts as the person’s digital identity and is integrated into each signature. Thus, it links the identity of the signatory to the signed documents with great certainty.
CertPub
CertPub is a service that simplifies and secures communication and transactions between public and private businesses and across national borders.
When exchanging messages or transactions between different businesses, great demands are placed on security. CertPub is an infrastructure and lookup service that makes it easy for a company to find the digital certificates required for various purposes.
CertPub is a Norwegian service developed by Commfides with others on the initiative of the Norwegian Digitalisation Agency and Bits (the banking and financial industry’s infrastructure company).
The service is based on a common European standard for secure file transfer, PEPPOL, which facilitates secure communication, transfers and trade across national borders.
The service includes certificates for various purposes. Businesses that are to receive messages or transactions must have an enterprise certificate.
When a business performs a transaction through CertPub, the recipient’s certificate is automatically retrieved and the transfer is encrypted throughout.
The first businesses to adopt CertPub are banks that use the service for their communications and system providers that handle EHF invoices and messages.
It is expected that more industries will adopt CertPub in the coming years, for example within health, the police and several other public services.
You can make your company available in CertPub by ordering an Enterprise Certificate and/or a Test Certificate.
You will receive a confirmation from Commfides that the certificate has been produced and registered in the CertPub directory. The delivery time is 1-3 working days.
Commfides operates the CertPub service. The certificate is automatically renewed after 3 years (unless terminated within 30 days before the expiry date).
