Invoice signing

Signature services from IBM Sterling e-Invoicing provide for the digital signing of an e-invoice, and include checking for duplicate invoices.

Signatures are based on the buyer and supplier country codes and are applied through the TrustWeaver on-demand service. In addition, to meet legal requirements of some countries, e-Invoices should contain certain items of information that are necessary for tax purposes. IBM Sterling e-Invoicing ensures that invoices contain the mandatory data to be compliant. This information includes but is not limited to the invoice number, invoice date, supplier VAT ID, Buyer VAT ID, currency, and line item details (description, quantity, price, and VAT amount).

The following describes the default process, using the C/XAdES standards, supported by the signing production service to support suppliers and buyers in IBM Sterling e-Invoicing transactions:

1. Invoice data is prepared by end user and sent to the service , in an agreed format, which represents the format that will be treated as the original invoice by both transacting parties. The end userer indicates the desired signature format, as well as the VAT origin and destination countries in two-letter ISO codes.
2. The service applies the appropriate electronic signatures in accordance with the applicable default or custom compliance configuration. After applying the correct signatures, with the exception of XAdES-EPES, the invoice and signature are time-stamped, resulting in the C/XAdES-T signature format. The Service may then validate the certificates associated with the private signing keys through an automated connection to the appropriate Certification Authority(ies). The resulting data,C/XAdES-T and validation data e.g. an OCSP response, are again time-stamped for long-term archiving purposes, the end result being in the C/XAdES-A format. This procedure will allow the supplier to offer tax authorities sufficient elements to confirm that the certificate was valid when the invoice was issued, as well as ascertain the continued integrity of the invoice from that moment onwards. It can also help the end user meet specific requirements for archive time-stamps in certain countries.
3. The service sends the end user-supplier’s signed original invoice back, which will either store it on behalf of the end user or send it to the end user for storage using TrustWeaver Archive Services in compliance with the applicable law.
4. At any point in time during the mandatory storage period, a tax auditor should be able to access the parties’ archives on-line (usually from the party’s principal business location in the country, and in human-readable format) and verify the authenticity and integrity of the stored e-invoices. Appendix 2 is used to support these audit requirements.

The Service can process invoice data in the document formats listed in the table below. These document types can be signed using digital signatures based on the PKCS#7 signature standard and the ETSI-defined extensions to that standard: CAdES-T/A and XAdES-BES/EPES/T/A as well as PAdES- EPES/LTV for PDF signatures. Digital signatures can be applied with different signature methods depending on the document format.

The following table describes which signature methods can be applied to a specific document format (XML Container is the TrustWeaver XML container). Commonly used formats are marked by an asterisk: