Digital Signatures for Data Preparation
The IDES data preparation process uses XML digital signatures to provide security, data integrity and non-repudiation.
Generate a Signature
A digital signature is generated when the FATCA XML file is processed by a “one-way hashing” algorithm to generate a fixed-length message digest. The IRS requires a SHA2-256 hash with a 2048-bit RSA key as the standard for digitally signing data files. The IDES data preparation process uses the “Enveloping XML Digital Signature”.
Types of XML Digital Signature
There are three types of XML digital signatures. The classification type describes the position of the signature in relation to the data being signed. The three types of signatures are:
Enveloping Digital Signature
After the data file is validated using the FATCA XML Schema v1.1, digitally sign the FATCA XML file using the “Enveloping” Digital Signature. Use the enveloping signature type only, and do not combine or alter element types. IDES will reject the file if it contains errors or does not use the enveloping signature type.
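A pre-submission check for the requirements above, as an added example that is not IRS or IDES code: it confirms that ds:Signature is the root element and envelops the referenced data, that the digest and signature algorithms are SHA-256 and RSA with SHA-256, and that the signature value is 256 bytes, the size a 2048-bit RSA key produces. The function name, the Payload element and its Id are assumptions, and the check is structural only; it does not verify the signature cryptographically.

```python
import base64
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
RSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
SHA256 = "http://www.w3.org/2001/04/xmlenc#sha256"
NS = {"ds": DS}

def check_enveloping(xml_text):
    """Return a list of problems; an empty list means the structure matches."""
    root = ET.fromstring(xml_text)
    # Enveloping: the Signature is the document root and wraps the signed data.
    if root.tag != f"{{{DS}}}Signature":
        return ["root element is not ds:Signature, so the signature does not envelop the data"]
    problems = []
    object_ids = {o.get("Id") for o in root.findall("ds:Object", NS) if o.get("Id")}
    refs = root.findall("ds:SignedInfo/ds:Reference", NS)
    if not refs:
        problems.append("no ds:Reference in ds:SignedInfo")
    for ref in refs:
        uri = ref.get("URI") or ""
        # Each reference must point at a ds:Object carried inside this Signature.
        if not (uri.startswith("#") and uri[1:] in object_ids):
            problems.append(f"Reference URI {uri!r} does not target an enclosed ds:Object")
        digest = ref.find("ds:DigestMethod", NS)
        if digest is None or digest.get("Algorithm") != SHA256:
            problems.append("DigestMethod is not SHA-256")
    method = root.find("ds:SignedInfo/ds:SignatureMethod", NS)
    if method is None or method.get("Algorithm") != RSA_SHA256:
        problems.append("SignatureMethod is not RSA with SHA-256")
    value = root.findtext("ds:SignatureValue", default="", namespaces=NS)
    try:
        # An RSA signature is as long as the key modulus: 2048 bits = 256 bytes.
        size_ok = len(base64.b64decode(value)) == 256
    except ValueError:
        size_ok = False
    if not size_ok:
        problems.append("SignatureValue is not 256 bytes (2048-bit RSA)")
    return problems

# Constructed sample, trimmed to the elements the check reads. The signature
# bytes are placeholder zeros and the Payload element and Id are made up.
SAMPLE = f"""<Signature xmlns="{DS}">
 <SignedInfo>
  <SignatureMethod Algorithm="{RSA_SHA256}"/>
  <Reference URI="#payload"><DigestMethod Algorithm="{SHA256}"/></Reference>
 </SignedInfo>
 <SignatureValue>{base64.b64encode(bytes(256)).decode()}</SignatureValue>
 <Object Id="payload"><Payload xmlns="urn:example:payload"/></Object>
</Signature>"""
```

Calling `check_enveloping(SAMPLE)` returns an empty list; each deviation from the required structure adds one message to the list.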
Step 1 - Create sender payload file
|Process Description||Sample and Resulting File Name|
|1. Validate the FATCA XML file and digitally sign it using the “Enveloping” digital signature||