Digital certificates bind digital information to physical identities and provide non-repudiation and data integrity. Before you begin the IDES enrollment process, each entity should obtain one valid digital certificate issued by an approved certificate authority (CA). IDES stores your public key and related digital certificate. IDES only recognizes and accepts digital certificates issued by IRS approved certificate authorities, listed below.
IRS Public Key
The IRS Public Key is a certificate that can be downloaded from the IDES Enrollment site. The public certificate should be included in the FATCA data packet (transmission archive) to the IRS.
Note: The public/private key pairs used for encryption for FATCA filings have an expiration date. The IRS Public Key for FATCA filing will expire soon. The IRS has a new key and will replace the existing key on November 30, 2018. After November 30, you will need to download the new IRS Public Key from IDES to file your FATCA Reports.
Certificate File Format
Supported formats for the digital certificate are:
- Distinguished Encoding Rules (DER) binary X.509
- Privacy Enhanced eMail (PEM) ASCII (Base-64) encoded X.509
IDES will convert digital certificates received in DER format to Base64 for storage and retrieval.
| Certificate Authority | Type of Certificate |
|---|---|
| Sectigo (formerly Comodo) | EV SSL |
|
Standard SSL EV SSL |
|
|
Standard SSL EV Multi-Domain SSL |
|
| GoDaddy | EV SSL |
|
Organization SSL Extended SSL |
|
|
Standard Server SSL FATCA Organization Certificate |