By Riaan De Villiers, Business Analyst at LAWtrust
In the digital era, details are all that matter when settling a legal or business dispute—proving the existence of specific data at a particular date and time, especially in business, is now more important than ever. Associating a date or time with a document, also known as “trusted timestamping,” provides auditable proof of the exact time the record or transaction was created, updated, or deleted. That is why your business must use trusted timestamping to secure documents and transactions.
According to LAWtrust’s business analyst Riaan De Villiers, a document with a trusted timestamp is a formidable piece of evidence that will assist settle disputes regarding the time of a transaction swiftly.
Consider this scenario: after signing a Non-Disclosure Agreement (NDA) with a contractor, it comes to light that the contractor has leaked critical information to a third party. During the dispute, the contractor claims that the information leaked before the signing of the NDA. On the other hand, your company’s lawyers argue that said information was revealed after the contractor signed the NDA.
“In the event of a dispute, the precise time of a transaction can be useful.” However, a simple timestamp retrieved from a user’s computer may not always be sufficient: any user can easily change the time and date on a computer. “A trusted third party, the timestamp authority, provides a trusted timestamp and applies a verified and auditable date and time from a Coordinated Universal Time source,” de Villiers continues.
Furthermore, the timestamp is protected from tampering using Public Key Infrastructure (PKI) cryptography combined with industry-standard cryptographic hardware. Applications such as Adobe Reader can automatically query the evidence in a timestamp to verify that the timestamp has not been changed maliciously or by accident.
Here’s what to look for in a Trusted Timestamp Authority:
- A highly effective, flexible Timestamp Authority server designed for use as an Enterprise TSA or as a high-volume commercial service TSA.
- RFC 3161 TSP and Microsoft Authenticode timestamp protocols are supported.
- Very effective timestamp service management with detailed transaction logs with viewing, searching, reporting and archiving options.
- Support of robust signing algorithms like RSA and elliptic curve cryptography.
- Supporting all standard hashing algorithms.
- Ease of installation, configuration and management using secure web browser management screens.
- Recording and archiving issue timestamps if required for legislative or regulatory purposes or as evidence to simplify dispute resolution processes.
“To ensure that the information shared in documents is protected, it is crucial for organisations to effectively use trusted timestamping, as this will fortify security measures put in place,” concludes de Villiers.
LAWtrust’s Trusted Timestamp Authority is available as a cloud-hosted service or deployed on-premises for a wide variety of needs. The service provides independent and irrefutable proof of time for business transactions, e-documents and digital signatures. In addition, the timestamp can independently prove when a digital signature was applied even after the signing certificate has expired.
*Check out the latest edition of the Public Sector Leaders publication here.
For enquiries, regarding being profiled or showcased in the next edition of the Public Sector Leaders publication, please contact National Project Manager, Emlyn Dunn:
Telephone: 086 000 9590 | Mobile: 072 126 3962 | e-Mail: [email protected]