Organisations around the globe use tendering processes, including:
- Government agencies – Many governments have adopted e‑Tendering to improve efficiency and transparency in the procurement process.
- Public sector organisations – Public sector organisations such as schools, hospitals and universities use e‑Tendering to procure goods and services.
- Private sector companies – e‑tendering by private sector companies is on the rise. It helps companies save time and money while improving the efficiency of the procurement process.
e‑Tendering is defined as the electronic submission of bids or proposals for public procurement contracts. It is a more efficient and transparent way to procure goods and services, eliminating the need for paper‑based submissions and manual processing.
Additionally, e-Tendering has improved the security of the procurement process with digital signatures. Digital signatures help verify the authenticity of bids and proposals.
An e‑Submission is the process of electronically submitting documents such as contracts, invoices or reports. E‑Submissions are used by several industries, including:
Governments – Government agencies often use e‑Submissions to collect and process information from individuals and businesses. Government e-Submission practices include tax returns and business registrations.
Healthcare – Use of e‑Submissions in the healthcare industry is increasing. They’re using e‑Submissions for medical records, patient consent forms and other treatment‑related documents. This is helping improve efficiency while better protecting patient confidentiality and privacy.
Finance – Organisations such as banks and investment firms are adopting e-Submissions for financial reports, investment applications and other financial documentation. It improves efficiency while reducing the risk of fraud.
Manufacturing – To help meet product quality standards and increase efficiency, global manufacturers are implementing e‑Submissions for documents such as:
- Product specifications
- Manufacturing instructions
- Any documentation covered under intellectual property (IP)
Education – Educational organisations are using e‑Submissions when processing student transcripts, course registrations and other documents. It makes it easier for students and parents to access their records while improving overall system efficiency.
These are just a few of the sectors that are already implementing e‑Submissions into their workflows. As technology continues to evolve, we expect more industries to adopt the use of e‑services.
The underlying requirement for all such applications is that the transaction or document offers proof of authenticity, data integrity and non‑repudiation. Traditionally paper and ink were used, but in this digital world, digital signatures meet these requirements better than its predecessors.
Public procurement confidentiality is a growing requirement. Current systems protect information within a tender application, but there is often weak legal binding.
Privacy is also a concern since privileged users may have access to sensitive data. To protect this information, the encryption required needs strong cryptography.
Digital signature signing keys are unique to the user, under their control and the act of signing is performed wilfully by the end-user. Typically, this means signing using just a simple internet browser and a locally held signing key on a smartcard or USB token, however there are other options.
Data or document decryption can now be controlled by a security server with a full audit trail of all actions. Advanced security requirements may insist that the central authority be unable to decrypt tender information until after the office tender opening date and time.
Additionally, the decryption process may need to offer a properly authorised and fully auditable operations. Multiple members of a jury may need to agree before the decryption process is authorised.
Ensuring authenticity, integrity and non-repudiation in e-services
When assessing tenders, all end-users must be verified as part of determining whether adequate trust exists. Within the European Union (EU) it is possible that any of a large number of Certificate Authorities (CAs) issued the end-user’s qualified certificate.
Verifying the end-user’s digital signature and assessing their quality and acceptability for the intended purpose can become challenging. Once successfully decrypted and verified, the application may need to securely archive the document and any verification process meta data within a secure archive system for long-term availabiity, either for regulatory or legal reasons or for dispute resolution purposes.