Our solution
Our Contact Validation API lets you check, before a signing certificate is issued or used, whether the email address and mobile phone number you intend to associate with it are already linked to other active certificates.
This supports the sole control principle: the contacts that act as authentication factors must stay under the exclusive control of the certificate holder. The service runs the check and returns a simple boolean result, so your application can decide whether to proceed or resolve the conflict first.
Contact Validation fits naturally into your certificate enrollment and signing flows, helping you meet the eIDAS sole control requirement without exposing any data about other subjects.
Main features
Verify email and mobile phone contacts before they are used as authentication factors for a signing certificate
Strict check when the subject is identified by tax code; relaxed check on name, surname, and date of birth for identities without one
Clear boolean response that tells you whether a conflicting association already exists
Pre-flight validation designed to run before your enrollment or signing operation
OAuth2 Client Credentials authentication for secure API access
Available in staging and production environments
Benefits for your application
Sole control alignment
help meet the eIDAS requirement that signature authentication factors remain under the holder’s exclusive control
Fraud prevention
surface reuse of the same email or phone across different identities before it becomes a problem
Stronger non-repudiation
reduce the risk of shared contacts undermining the legal value of the signature
Simple integration
a single call returns a clear outcome your application can act on
Privacy by design
the response exposes only the boolean outcome, with no third-party data
Early conflict detection
resolve contact issues up front, before the signing operation