Go to main content
5 min read

Digital certificates: how they work and what role they play in digital identity

Digital certificates: how they work and what role they play in digital identity

Digital certificates have become a fundamental pillar of digital transformation. In a context where electronic identity is moving towards pan-European models such as the eIDAS2 regulation and the future EU Digital Identity Wallet, understanding how digital certificates work, their applications and limitations, is key for individuals and businesses alike.

What is a digital certificate and what is it for?

Often, carrying out procedures can mean waiting and travel time, however, in this case it is a benefit for individuals, because digital certificates allow them to sign documents electronically with legal validity, carry out administrative procedures online, such as filing taxes, consulting medical records or accessing social services and authenticate themselves with public and private organisations (banks, universities, employment services, etc.) securely and without the need to attend in person.

They are also the technological basis for using the electronic ID card and other digital identity mechanisms currently in use in Spain and the European Union.

Meanwhile, in the case of companies, digital certificates are essential for issuing legally valid electronic invoices, participating in public tenders and submitting documentation without physical travel, signing contracts, notifications and other documents with legal security and traceability, and complying with regulations such as the Crea y Crece Law, which requires the use of electronic invoicing between companies.

In addition, their use improves document efficiency and reduces the risk of impersonation or manipulation of information. The process, although standardised, may vary depending on the type of certificate and the issuing entity in Spain, which nevertheless has a mature ecosystem of digital certificate issuing entities.

The main entities issuing digital certificates in Spain

The main entities issuing digital certificates in Spain are FNMT-RCM (Fábrica Nacional de Moneda y Timbre), the most popular option among citizens and the self-employed; Camerfirma, an entity linked to the Chambers of Commerce, notably used by SMEs; and ANCERT (Notariado), the Notarial Certification Agency, and other qualified providers registered in the official list of the Ministry of Economic Affairs and Digital Transformation.

Step-by-step application process

  • Online application: The procedure is initiated from the issuing entity's website, where the keys are generated and an application code is obtained.
  • Face-to-face proof of identity: The applicant must go to an authorised office with their ID or Foreigners’ ID card.
  • Download the certificate: Once the applicant’s identity has been verified, the certificate is downloaded to the device from which the procedure was initiated.
  • Use and management: It can be installed on compatible browsers, digital signers or mobile devices.

Some issuers already allow 100% digital processes through video identification or biometric validation, although not all certificates allow this option yet. Although widely deployed, digital certificates have significant advantages, but also barriers that need to be addressed to facilitate their mass use.

The benefits include full legal validity, especially in the case of qualified certificates; time and cost savings for both individuals and companies; trust and security: They guarantee that the identity of the signatory or authenticator has been verified by a trusted entity and they replace paper, reducing bureaucracy, promoting efficiency and facilitating document traceability.

Challenges: user experience, compatibility, maturity

Technical complexity: Requires pre-configuration, installation of certificates on devices and compatibility with browsers or operating systems.

User experience could be improved: Especially on mobile devices.

Expiry and renewal: Certificates are usually valid for 2 to 5 years, and renewal can be cumbersome if not done in time.

Device dependency: Many certificates only work from the computer where they are installed, although this is being solved through Cloud solutions or mobile apps.

Digital certificates and blockchain: interoperability and security

The rise of technologies such as blockchain is driving an evolution in the traditional model of digital certificates, thanks to the fact that this technology adds information immutability, certificates issued in blockchain cannot be altered or manipulated; greater control by the user, who can only share the necessary data and decentralisation: there is no longer dependence on a single central issuing authority, but validations can be distributed.

Use cases: education, identity, official documentation

  • Verifiable academic certificates: Universities and training centres already issue degrees or micro-credentials in blockchain networks such as EBSI or Ethereum.
  • Decentralised identification (DID): Where individuals manage their identity without relying on intermediaries.
  • Official documentation: From licences to notarial records, they can be issued in real-time verifiable formats.

In the European context, digital certificates are set to evolve towards a more agile, interoperable and user-centred model. The new eIDAS2 regulation, in force since 2024, extends the legal framework that supports digital certificates, incorporating the European digital identity wallet.

Towards a unified digital identity

The ultimate goal is clear: to move towards a unified European digital identity, where citizens can present digital certificates with a single click, from a mobile application, validate credentials between countries without barriers or additional formalities, and control their own data, only granting access to what is strictly necessary.

This scenario is materialising through pilot projects, such as CertiDigital in Spain or developments based on EBSI (European Blockchain Services Infrastructure).

Digital certificates are not simply technical tools: they are the basis on which digital trust is built in society. In an environment where online identity is becoming essential, its role will become increasingly relevant and its integration with emerging technologies and new regulatory frameworks, such as eIDAS2, will lead the way towards a more connected, secure and interoperable administration.

Foto de Redacción ISBE

Redacción ISBE

Redacción @ ISBE

What is ISBE?
At ISBE, we are working to accelerate this path. Spain’s technological future is being built here.

To watch this video, you need to accept marketing cookies.

Watch video

Would you like to receive our newsletter?

Leave us your details and you will be the first to know the latest news about ISBE.
Contact information

Basic Data Protection Information: Alastria will process the data to deal with your queries or requests and to send you communications that may be of interest to you, if you have consented to this. No automated decisions or profiling will be carried out on the basis of the data collected. You can exercise your data protection rights by emailing hello@redisbe.com and access information about the processing of your data in the Privacy Policy.

By clicking the "Send" button I declare that I have read and understand the Privacy Policy and how my data will be processed for the management of my query or request.

Follow us

  • next-generation
  • ministerio
  • plan-de-recuperacion
  • cam
  • alastria
Project 'INFRAESTRUCTURA DE SERVICIOS BLOCKCHAIN ​​DE ESPAÑA (ISBE)', part of the framework of the Collaboration Agreement signed between the Community of Madrid and Consorcio Red Alastria, within the Program of Territorial Networks of Technological Specialization in the Framework of the Recovery, Transformation and Resilience Plan - financed by the European Union - Next Generation EU.
©Alastria, 2026