CPK – Central Signing Component
Introduction
In the context of electronic public administration, a digital signature has the same legal weight as a handwritten signature on paper. However, for an electronic signature to be valid, trustworthy, and broadly usable, it must be created and verified using technologies that meet both legal and technical standards. In Slovakia, this is ensured by the CPK – Central Signing Component, which is one of the key building blocks of the Central Government Portal (ÚPVS).
What Is CPK?
The Central Signing Component (CPK) is a technical solution for creating and verifying electronic signatures, seals, and timestamps. Its primary goal is to ensure that documents exchanged within public administration are trustworthy, legally binding, and compliant with both Slovak and EU regulations—especially the eIDAS Regulation and Act No. 305/2013 on eGovernment.
CPK enables users to electronically sign official documents using various methods and also verifies incoming signatures on submitted documents.
Supported Authorization Methods
One of the greatest advantages of CPK is its flexibility in supporting multiple electronic authorization mechanisms tailored to diverse user scenarios. These include:
1. Authorization via eID (Qualified Electronic Signature)
This is the standard method using the national eID card with a chip. The user signs the document with a qualified electronic signature (QES) using a physical smart card reader and their personal security code (BOK).
2. Mobile Authorization (eDoPP, eID 2.0)
A modern approach using the mobile app Slovensko v mobile, which allows NFC reading of the eID. The signature is created using a qualified certificate stored either on the card or remotely (remote signing).
3. Authorization via Access Point Function (AFPM)
Also referred to as “click-to-sign,” this method allows the system to authorize a submission on behalf of the user by applying a qualified seal. A structured authorization document is added to indicate who authorized the submission and how.
4. Authorization by Public Sector Staff
Public authority employees may authorize documents using a qualified electronic seal or a signature based on a mandate certificate. This is commonly used for issuing decisions, notifications, and official statements.
5. Local Signing of Files
CPK also supports signing locally stored documents using standardized tools such as D.Suite or other compatible signing applications.
Key Features of CPK
Beyond signature creation and verification, CPK offers a wide range of additional capabilities:
- Signature type detection (e.g., QES, advanced, seal),
- Merging and splitting of signature containers (e.g., ASiC-E, XAdES-ZEP),
- Conversion between signature formats (e.g., PAdES to XAdES),
- Remote signing using server-side qualified certificates that meet QSCD requirements,
- Real-time or asynchronous signature validation, based on the requirements of the submitting system or service.
Role of CPK in eGovernment Architecture
CPK is essential for the delivery of public services that require secure legal acts. It is widely used by:
- Citizens when submitting applications, appeals, or benefit requests,
- Businesses during interactions with state agencies (e.g. Financial Administration, Statistical Office),
- Government authorities for sending decisions, requests, and official communications.
Together with other components like CEP (filing), eDesk (mailbox), and IAM (identity management), CPK provides the legal and technical foundation for trustworthy digital government services.
Conclusion
The Central Signing Component is a technical and legal guarantor that digital documents within the public sector are valid, verifiable, and legally enforceable. Thanks to its flexibility and scalability, CPK is well suited for integration with modern services such as Slovensko v mobile, digital onboarding, and cross-border eIDAS interactions. Its ongoing development represents a cornerstone of a secure and user-friendly digital state.