2016-06-15 | 72699
The National Bank of the Kyrgyz Republic issued this Instruction to establish a standardized procedure for creating, registering, using, and securely storing electronic digital signatures within the country's payment system. It mandates that participants appoint authorized personnel, register unique private and public key pairs with the Bank's certification center, and maintain strict confidentiality of PIN codes and physical key carriers in restricted-access facilities. The regulation further outlines protocols for handling lost or damaged keys, automatic PIN lockouts after three failed attempts, and contingency measures to ensure uninterrupted electronic payment processing.
Date of creation: 2016-06-20
Approved by the Resolution of the Board of the National Bank of the Kyrgyz Republic dated June 15, 2016 No. 25/7
INSTRUCTION on the Procedure for Applying Electronic Digital Signatures in the Payment System of the Kyrgyz Republic
Chapter 1. General Provisions
This Instruction establishes the procedure for creating, registering, using, and storing electronic digital signatures for participants of the payment system of the Kyrgyz Republic.
An electronic digital signature is a tool used by a payment system participant to confirm the authenticity and integrity of an electronic payment document.
An electronic digital signature uniquely identifies the payment system participant who signed the electronic payment document.
Chapter 2. Terms and Definitions
The terms and definitions used in this Instruction correspond to those provided in the laws "On the Payment System of the Kyrgyz Republic", "On Electronic Documents and Electronic Digital Signatures", the Concept of Security Assurance in Banking Institutions of the Kyrgyz Republic approved by the Resolution of the Board of the National Bank of the Kyrgyz Republic dated April 28, 1998 No. 7/5, and the Regulation "On Interbank Electronic Payment Documents" approved by the Resolution of the Board of the National Bank of the Kyrgyz Republic dated June 24, 1999 No. 47/4.
Additionally, the following terms and definitions are used in this Instruction:
Key carrier is a storage medium designed for the secure storage of the private key and the electronic digital signature certificate of the owner.
PIN code is the personal secret code of the key carrier owner, analogous to a password.
Chapter 3. Registration Procedure
The role of the Administrator of the electronic digital signature system (hereinafter - Administrator) of the National Bank is assigned to employees of the Information Security Department of the Security and Information Protection Directorate (hereinafter - ISD SIP).
Each payment system participant signs an interbank Agreement on the exchange of electronic payment documents.
Each payment system participant appoints, by order of its head, two responsible persons who have the right to sign electronic payment documents on behalf of the participant.
A responsible person of the payment system participant submits to the National Bank of the Kyrgyz Republic (hereinafter - National Bank) a letter signed by the head of the participating organization, on the basis of which the registration procedure is conducted at the National Bank for these responsible persons.
The Administrator registers the name of the responsible person and their authority at the certification center of the National Bank, and then records this information in the memory of the key carrier. The participant's letter remains with the Administrator of the National Bank and is filed in the case.
The private and public keys generated by the certification center are unique for each responsible person of the payment system participant. The private key is recorded directly into the memory of the key carrier. The procedure for generating and recording the private key does not allow its external reading or reproduction.
The PIN code is selected, registered, and used exclusively by the responsible person of the payment system participant. This person bears personal responsibility for ensuring the confidentiality of their PIN code.
Recording the PIN code on any medium in a readable form is not permitted.
The key carrier that has undergone the registration procedure, together with the certified certificate, is transferred by the Administrator of the National Bank to the responsible person of the payment system participant under a transfer act.
The Administrator of the National Bank ensures the availability and integrity of public keys for all payment system participants.
The authenticity of a payment system participant's public key is verified by the corresponding electronic certificate, signed with an electronic digital signature of the certification center of the National Bank.
Chapter 4. Procedure for Creating and Using Electronic Digital Signatures
Electronic payment documents are formatted in accordance with standards established by the National Bank. A file of electronic payment documents may include one or several electronic payment documents.
Each electronic payment document, document package, or file is signed with an electronic digital signature of the responsible person of the payment system participant, which verifies all payments or messages presented in that file/package.
An electronic digital signature is created provided that a key carrier, registered in the prescribed manner, is present and the PIN code is correctly entered, confirming the authority to use that key carrier.
After three unsuccessful PIN code entry attempts, the key carrier is automatically locked. In this case, the responsible person of the payment system participant must immediately contact the Administrator of the National Bank.
Creating an electronic digital signature is impossible if the key carrier has been added to the "hot" list (lost or faulty), its validity period has expired, or the signature key certificate has been revoked, as well as in case of system or equipment failure.
In case of loss of the key carrier, the payment system participant is obliged to immediately notify the ISD SIP of the National Bank in writing.
The Administrator of the National Bank immediately revokes access and authority in the payment system for a lost or damaged key carrier. A new key carrier is issued to the payment system participant in accordance with the procedure established in Chapter 3 of this Instruction.
In cases specified in paragraph 21 of this Instruction, outgoing payments by the participant are carried out using key carriers of backup personnel or based on paper payment documents until the lock is lifted or a new key carrier is issued.
The authenticity of an electronic digital signature is verified using the corresponding public signature key.
Chapter 5. Procedure for Storing Key Carriers
A personal computer with hardware and software for creating and verifying electronic digital signatures must be located in a restricted-access room.
The personal computer equipped with hardware and software for creating and verifying electronic digital signatures must feature password protection at the operating system and application levels, or alternative multi-factor authentication systems that restrict access to authorized personnel in accordance with their job descriptions.
The key carrier with the private key must be stored by responsible persons of the payment system participant in a metal cabinet (safe) alongside the seal and other confidential documents.
It is prohibited to store the key carrier with the private key in unfastened desks or drawers, or to entrust it for storage to persons not authorized to do so.
Responsibility and control over compliance with the procedure for storing and using key carriers are directly placed on the head of the payment system participant.