Digital Signatures for Data Preparation

 

The IDES data preparation process uses XML digital signatures to provide security, data integrity and non-repudiation.

Generate a Signature

A digital signature is generated when the FATCA XML file is processed by a “one-way hashing” algorithm to generate a fixed-length message digest. The IRS requires a SHA2-256 hash with a 2048-bit RSA key as the standard for digitally signing data files. The IDES data preparation process uses the “Enveloping XML Digital Signature.”

Types of XML Digital Signature

There are three types of XML digital signatures. The classification type describes the position of the signature in relation to the data being signed. The three types of signatures are:

  • Detached
  • Enveloping
  • Enveloped

Enveloping Digital Signature

After the data file is validated using the FATCA XML Schema v1.1 or v2.0, digitally sign the FATCA XML file using the “Enveloping” digital signature. Use the enveloping signature type only and do not combine or alter element types. IDES will reject the file if it contains errors or does not use the enveloping signature type.
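
A pre-submission check for the requirements above, as an added example that is not IRS or IDES code: it classifies a signed XML document as enveloping, enveloped or detached from where the signed data sits relative to ds:Signature, and flags algorithm identifiers other than RSA with SHA-256. It inspects structure only and does not verify the signature value; the function names, the sample document and its Id "payload" are constructed for illustration.

```python
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
RSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
SHA256 = "http://www.w3.org/2001/04/xmlenc#sha256"
ENVELOPED_TRANSFORM = DS + "enveloped-signature"

def q(name):
    return "{%s}%s" % (DS, name)

def check_signature(xml_text):
    """Return (signature_type, problems) for a signed XML document."""
    root = ET.fromstring(xml_text)
    sig = root if root.tag == q("Signature") else root.find(".//" + q("Signature"))
    if sig is None:
        return "unsigned", ["no ds:Signature element"]
    info = sig.find(q("SignedInfo"))
    refs = info.findall(q("Reference")) if info is not None else []
    if not refs:
        return "unknown", ["ds:SignedInfo has no ds:Reference"]
    problems = []
    method = info.find(q("SignatureMethod"))
    if method is None or method.get("Algorithm") != RSA_SHA256:
        problems.append("SignatureMethod is not RSA with SHA-256")
    for ref in refs:
        dm = ref.find(q("DigestMethod"))
        if dm is None or dm.get("Algorithm") != SHA256:
            problems.append("DigestMethod is not SHA-256 for %r" % ref.get("URI"))
    object_ids = {o.get("Id") for o in sig.findall(q("Object")) if o.get("Id")}
    uris = [r.get("URI") or "" for r in refs]
    transforms = {t.get("Algorithm") for t in info.iter(q("Transform"))}
    if sig is root and all(u.startswith("#") and u[1:] in object_ids for u in uris):
        kind = "enveloping"   # signed data sits inside ds:Object
    elif sig is not root and ENVELOPED_TRANSFORM in transforms:
        kind = "enveloped"    # ds:Signature sits inside the signed data
    else:
        kind = "detached"     # signed data is outside ds:Signature
    if kind != "enveloping":
        problems.append("signature type is %s, not enveloping" % kind)
    return kind, problems

# Constructed template with placeholder values; not a real FATCA payload.
TEMPLATE = (
    '<ds:Signature xmlns:ds="%s"><ds:SignedInfo><ds:SignatureMethod Algorithm="%s"/>'
    '<ds:Reference URI="#payload"><ds:DigestMethod Algorithm="%s"/>'
    '<ds:DigestValue>PLACEHOLDER</ds:DigestValue></ds:Reference></ds:SignedInfo>'
    '<ds:SignatureValue>PLACEHOLDER</ds:SignatureValue><ds:Object Id="payload">'
    '<Payload>constructed</Payload></ds:Object></ds:Signature>'
)
ENVELOPING_SAMPLE = TEMPLATE % (DS, RSA_SHA256, SHA256)
```
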

Step 1 - Create sender payload file

Process: 1
Description: Validate the FATCA XML file and digitally sign it using the “Enveloping” digital signature
Sample and Resulting File Name:
  • Sample Enveloping Signature v2.0.zip (ZIP)
  • FATCAEntitySenderId_Payload.xml
  • Example: 000000.00000.TA.152_Payload.xml
  • For use with FATCA XML Schema v2.0