Future trends in electronic invoicing

August 26, 2008  |  Uncategorized

About one month ago, it was distributed a draft of the conclusions of the EC electronic invoice experts regarding future regulation needs to push development and disemination of electronic invoices.

I was disappointed to find that one of the conclusions implies that electronic signature is seen as a barrier for further development of the electronic invoice, and a feature that some of the members of the expert group see as superfluous feature.

In my opinion, electronic documents need ways to reinforce security to allow to tell apart fake documents from authentic documents. Ths is generally true even for informative documents with less impact on companies results.

It is also true that electronic signature is not the only way to reinforce security regarding autenticity of documents. For example, a document can be assumed to be authentic if it is retrieved from a trusted source, even if it is not completed with an electronic signature. But then we must define what are the requirements of such “trusted sources” to keep that assumption.

On the other hand, both approaches, electronic signatures and reference or trusted sources (which in turn frecuently are based in electronic signature derived schemes) need more precise definition to avoid lack of interoperability, which, in my opinion is the real barrier for electronic invoice wide deployment.

Some common authenticity mechanisms are required both for electronic invoices (those that are born electronically from the beginning) and for invoices certified scanning (invoices digital copies that become equivalente to an original, after a security mechanism has been added to a common scanning).

This approach, “certified scanning”, has been initiated in Spain with high success.

Certified scanning is a process in which an electronic signature is applied to a image file while it is scanned from a document paper. This image is stored in a secured database and the main concepts and terms of the paper document are added as metadata to the contextual fields of the image file in the database.

Once a paper document is “certifiedly scanned” the digital copy becomes equivalente to an original, and the paper source can be destroyed. The new “electronic original” can then be used for auditing purposes.

For the companies that receive thousands of invoices, “certified scanning” adoption imply benefiting from most of the advantages of the electronic invoice without dealing with the slow adoption pace that their suppliers could show.

If we want to support “certified scanning” we need a common definition of the requirements for that conversion. And they should not be very different form the requirements for “electronic invoices” .

If we accept authenticity mechanisms not based in electronic signature, they should be common for both approaches. And if electronic signature is still to be used in the future as the authenticity mechanism of the electronic invoice, the broad options in variants should be reduced and clearly defined (in my opinion, the XL definition of CAdES -TS 101 733- or XAdES -TS 101 903- should be used, including both validation and timestamping, from the signer side).

Source: ePractice


Related posts

Comments are closed.