The Society will start issuing Smartcards from Autumn 2014. The Smartcard will be rolled out to the whole profession and members will receive a letter with instructions during the course of the roll-out. The letter will invite members to attend a session in their area where their identity will be verified and a card will be issued.
Deploying these cards is a big project. If you hold a practising certificate you can be guaranteed we will be contacting you in due course. We will be using both email and letters.
There is no additional charge for the Smartcard or the card reader, this is a membership service which provides evidence of your entitlement to practice.
Every individual will need to sign a contract when they collect their card. This is a standard contract, and will be identical for everyone. An example is available here. The covering page gives a summary of some of the key terms. The contract is between the Certification Authority, The Registration Authority and yourself. You will be sent a copy in advance. A member of the Law Society of Scotland team will sign this at the event on behalf of the Society, as Registration Authority, and as an agent acting for the Certification Authority.
If you do not sign the contract, we cannot issue the card. This means you will have no physical Law Society of Scotland identification, as the Society is phasing out the cards currently issued.
Marsh have issued a statement explaining the Smartcard's implications on Master Policy cover. Read the statement.
These two documents are mentioned in the contract solicitors sign when receiving their Smartcard. They form part of the governance background and technical specification of the digital signatures we’re issuing.
Certificate Policy (CP) is a document which aims to state who the different actors/bodies of a public key infrastructure (PKI) are, their roles and their duties.
If you’d like to find out more about CPs and PKIs, Wikipedia* features additional information.
Certification Practice Statement (CPS) is a document from a Certificate Authority or a member of a web of trust which describes their practice for issuing and managing public key certificates. You can read more on Wikipedia*.
* These links are to an external website and its content is subject to change. Care should be taken in using such information.
You need to choose a six-digit PIN code to use with your card. This operates in exactly the same way as the PIN code for your bank card and must be entered whenever you use the card to apply a digital signature or log in to services. You also need to choose an eight-digit PUK code which is the same idea as the PUK code for your mobile phone -- it's the backup code that allows you to unlock it if you lock the card by using the incorrect PIN code repeatedly. If you repeatedly enter the wrong PIN code and then can’t remember your PUK code to unlock the card, you will need to e-mail us at firstname.lastname@example.org to get a new digital signature.
For all enquiries about the Smartcard please contact the Society by emailing email@example.com.
Even if you see the names of our project partners, like ACA or RedAbogacia, or have questions around indemnity where we may need expertise form Marsh or others, we’d still ask you to only contact us.
This means we can give you the best possible service and answer enquiries based on information provided to us by other sources, or indeed make sure you're put through to the best person in another relevant organisation.
European legislation is currently in progress which may require members of all professions to hold a valid professional identity card. The Smartcard is issued in conjunction with the Council of Bars and Law Societies of Europe (CCBE) and is recognised throughout Europe.
We will continue to keep members informed through regular updates in our monthly all-member Bulletin and website as well as news items in The Journal and other legal press. As the phased roll-out progresses, we will contact each member with more detailed instructions on how the card will be issued.
The Society will be issuing cards to solicitors holding a current practising certificate.
Not at the moment. The Smartcard is a member benefit for solicitors only. However, in the future a similar product may be available to other groups.
Your Smartcard provides evidence of your entitlement to practice. In the future, it is planned that the Smartcard will replace the current form of practising certificate issued by the Society.
Your Smartcard is valid for up to six years from date of issuance. The Society will send you renewal instructions before your card expires. However, the digital certificate on your card requires renewal after 3 years but this will not require a face-to-face with the Society. Online renewal instructions will be sent to you before your certificate expires.
Your practising certificate still needs to be renewed each year. Starting from 1 November 2015, all practising certificate renewals will need to be completed online.
The company we are working with has already deployed this solution to over 50 sets of professionals and bar associations across Europe over the last few years and some of these organisations have a membership ten times the size of the Society's. We know this solution works for them and we're confident it will work for us.
The only additional information will be a photograph. All other data will be the same as held on our main regulatory system, fulfilling the statutory functions around the registration of solicitors.
In a very basic sense, a digital signature could simply be a name at the end of an email or an image of a person's written signature added to an electronic document. The Smartcard will provide Scottish solicitors with a qualified secure digital signature, the EU digital signature with the highest form of security.
This form of digital signature guarantees the integrity of the text, as well as the authentication. The juridical value it has is for integrity: one is sure the text received is the same that was sent, and that no hacker has changed it.
The card reader is a small device connected to your computer via a USB cable. This is issued alongside the Smartcard at no extra charge and is required for using the digital signature.
When you receive your Smartcard, you'll be provided with instructions on how to install the necessary software and use the card reader.
No. Only the person whose name appears on the Smartcard can use the card. Allowing someone else to use your card may give rise to criminal/fraud penalties and possible civil liability if a contract proceeds on a fraudulent signature. Allowing someone else to use your card is the equivalent of encouraging someone to sign your name on a contract for you. Your Smartcard will be protected by a PIN code to ensure that only you can use it.
If you've lost your card, you can revoke it using the unique cancellation code provided for this purpose. You should send an immediate email to firstname.lastname@example.org, advising the Society that your card has been lost. You will receive instructions on how to be issued with a new card.
The guidance for photographs and proof of identity documentation can be found in the Smartcard photo guidance document.
We are encouraging members to focus on showing their new Smartcard card to those who ask for proof of practice, allowing the person to also check the details against the 'live' data on our website Find a solicitor function. This provides a robust and secure form of identification.
We also already produce a range of materials for you to display in your windows and receptions areas - allowing you to choose 'Member of the Law Society of Scotland' or 'Regulated by the Law Society of Scotland', depending on the message you prefer to convey to clients. Many firms have fed back they prefer these to displaying certificates.
Finally, we're currently working on a style of paper 'presentation certificate', which will be available to members on request once the Smartcard replaces the existing practising certificate, although this may be an 'opt in' service as discussions with members so far have suggested the above options are preferred by most.
RedAbogacía - is the trading name for the company Infraestructura Tecnológica del Consejo General de la Abogacía, SLU. They are wholly owned by the Spanish Bar Association, and are the provider of the software and card technology behind this project.
ACA - is the Abogacía Certification Authority (operated by RedAbogacía). This was set up in 2005 to provide EU-compliant digital signatures to Spanish lawyers, and has now authorised more than 80 registration authorities (of which the Law Society of Scotland is now one) across the legal and provisional services sectors in a range of European countries.
An open tender process was followed, which required documentary evidence and pricing information, and also included demonstrations, site visits to current clients and financial due diligence. A key aspect of our stated requirements was a solution which had already been deployed to a profession, ideally lawyers, of significant scale and over a period of time. RedAbogacía achieved the best score in relation to quality and cost, and all due diligence with existing clients and financially assured us they were the ideal partner for this project.
We had tenders from the UK, and from other EU countries, but selected on price, quality and proven track record.
Registration authority - for this project, the Law Society of Scotland is the registration authority - performing the necessary ID checks, issuing cards and digital signatures, and providing accurate information to the certification authority.
Certification authority - is Abogacía Certification Authority (ACA, operated by RedAbogacía). It meets all key EU and international standards required of certification authorities, holding the required information to allow the issuing and use of a qualified secure digital signature. This saves the Law Society of Scotland the cost, resource commitment and risks of attempting to become a certification authority in its own right within a small market like Scotland, something which we did not consider as viable or desirable when we designed the project specification in 2013 and tendered the project.
If you are in possession of a Smartcard, and you don't renew your practising certificate by 31 October, your digital signature will be revoked.