Council Directive 2001/115/CE governs a series of matters related to invoicing, including those surrounding the security of the electronic invoice (eInvoice), and provides for the creation of a legal framework for the electronic invoice in the EC.
Article 2 of this EU directive dealing with eInvoices defines the following requirements for technological products that are used in the management of the electronic invoices:
- Guarantee of authenticity of the origin and integrity of the content of electronic invoices.
- Generation of advanced electronic signatures in accordance with Directive 1999/93/CE of the European Parliament and of Council. The electronic signature endorsed by the directive is one based on a recognized certificate and created using a secure signature-creation device in accordance with Sections 6 and 10 of Article 2 of the above mentioned Directive on Electronic Signatures.
- Preservation of the authenticity of the origin and integrity of the content of the electronic invoice based on the preservation of the verification of the signature during the period for which the invoice must be held.
The TrustedX platform offers the security mechanisms required for handling electronic invoices in compliance with Spanish Royal Decree 1496/2003. TrustedX security services support generating and verifying signatures in different formats (e.g., PKCS #7, CMS/CAdES, S/MIME, XMLDsig/XADES and PDF Signature/PAdES), which means being able to meet all legal security requirements and having complete interoperability with current and future clients and suppliers.
TrustedX guarantees the preservation of signatures over the long term through the option to use the standard long-term signature formats (advanced CAdES and XAdES formats), including the archive format (ES-A). Thus, TrustedX supports the requirements for preserving the signatures of electronic invoices during the time for which they must be held by law.