Currently, the staff in the service of a Public Administration carry out their functions by electronic means. Digital certificates allow these tasks to be carried out securely because they prove our identity. Its use is equivalent to a handwritten signature.
In addition, in the case of the certificates of employees and public workers, it also identifies them as professionals of the entity in their electronic relations.
The AOC Consortium is a reliable supplier recognized by the Ministry for Digital Transformation and Public Service. The AOC issues, among others, the T-CAT in different media (card or software) for public administration staff.
As the holder of your T-CAT you are responsible for the use that is made of it. All authentications and signatures (obligations, declarations, arrangements...) made with this certificate will be linked to you, with full legal validity.
In this context, where data protection and security have become fundamental concerns, we provide you with a series of recommendations to avoid security problems.
Recommendations and best practices
Your T-CAT is personal and non-transferable
Your T-CAT, like any other digital certificate, is personal and non-transferable, it is your "I" on the network; if you leave it to other people, you are facilitating a possible spoofing of your identity that can have important consequences.
- Do not give your T-CAT to other people to use it on your behalf (for processing, signing, etc.).
- As the holder of the certificate, you will be responsible for the signatures and authentications carried out with the T-CAT.
- Do not share your PIN and PUK (if the certificate has one) with anyone.
- Never save the certificate with the PIN and the PUK together.
- Before using your certificate, make sure you know exactly what you are signing, as once signed it will be fully legal.
Use your certificate in secure environments
- Before installing your T-CAT, check that your computer's operating system is up-to-date (this is a way to avoid possible security holes).
- You must follow the installation instructions provided by the lender.
- In the case of the T-CAT:
- Keep your T-CAT in a safe place. Whether it's on a card, or whether it's the T-CAT installation file in software. Avoid saving the file to a shared computer, USB or hard drive without a password.
- Install it on your computer in your individual password-protected session.
- Delete the T-CAT P certificate file if you change computers.
Life cycle of your T-CAT
- The validity of the T-CAT is 4 years and you will receive an e-mail 60 and 30 days before it expires. Contact your organization's Digital Certification Service Manager to ensure that the renewal is managed.
- If you detect that someone is misusing your T-CAT, revoke it as quickly as possible.