Login

Token, PIN, PUK - a simple explanation of the differences so you always know which code to enter when signing documents.

Token, PIN, PUK - these three abbreviations can mess things up. See what situations you use them in and why getting them wrong can block your signature.
Token vs PIN vs PUK - a guide for electronic signature users

What is the difference between a Token and a PIN/PUK?

At the podpisano.pl hotline we hear it regularly: "I don't know what this token is...".,

"I entered the token number instead of the PIN and now nothing works..." or

"Is a token the same as a PUK?".

It's not your fault - the terms are confusing, and the messages in the applications don't always help. That's why below we explain what's what and how to avoid trouble with a qualified signature.

Token, PIN and PUK - they are not the same thing!

In the context of a qualified signature, each of these elements has a different role:

  • Token - is a randomly generated, one-time verification code (OTP - One-Time Password), which you receive in the mobile application or by SMS. The token is used to authorize an electronic signature, for example, in SimplySign. Token is not a password or PIN! It is a momentary, dynamic code that works similarly to codes from online banking.

 

  • PIN - is your personal, defined code that you enter every time you sign a document if you use the Certum Mini or SimplySign solution. It is like a key to your electronic signature. The PIN is permanent (until changed) and can be mistaken for a token, but it serves a completely different function.

 

  • PUK - Used in emergency situations. If you enter the wrong PIN three times, your signature will be blocked. Then you have to use the PUK code to unlock the signature and set a new PIN. If you also block the PUK (already. after 3 wrong attempts), the signature is permanently blocked.

 

In which signature what do we use?

SimplySign (Asseco):

 

  • You sign mobile or on a computer
  • You enter login, password 
  • You generate a TOKEN - when you need to connect to the application on another device (such as SmartSign on a desktop). When you sign on your phone, TOKEN will not be necessary 
  • You select the file to sign and click sign You enter the PIN for signature confirmation
  • If you have a problem with your PIN, you need a PUK to set a new PIN
  • TOKEN is generated by the mobile application .

     

Certum Mini (reader + cryptographic card):

 

  • You sign on a computer with a USB reader connected with a signature card 
  • You choose the document to sign
  • You click sign
  • You choose a signature key (i.e. your USB reader with a signature card)
  • You need to provide a PIN for the card,
  • If you have a problem with your PIN, you need a PUK to set a new PIN,
  • TOKEN does not occur here.

     

Most common mistake: Token instead of PIN

This is a typical situation: a customer uses SimplySign, but thinks he needs "that code from the app." He enters the token in place of the PIN, three times... and boom - signature blocked . Not because he messed up something, but because the system does not recognize the token as a valid PIN.

What to do?

  1. Don't panic. The signature has locked up, but you can unlock it with the PUK code.
  2. Log in to panel.certum.co.uk to your account that you created during the signature installation.
  3. On the dashboard (main page after logging in), select your signature that you have locked. In the signature menu (three vertical dots) Select unlock PIN or change PIN/PUK.
  4. Enter the PUK code - which you assigned during activation 
  5. Set a new PIN.

If you do not have a PUK or have blocked it, you will need to make a new certificate and card.

Who stores this data?

Neither wepodpisano.pl), nor Asseco or Certum store your PIN or PUK. These are personal data, known only to you. Losing this information means you need to issue new credentials. Treat them like your bank login credentials.

Summary
  • Token = one-time code, generated in the mobile application, is used to log in to a certificate (e.g., SimplySign) in the cloud.

  • PIN = code used for signing, it confirms the identity of the person making the qualified signature, which gives the document legal force.

  • PUK = rescue code to unlock the PIN.

Do not mix these concepts! When in doubt, contact podpisano.pl. We will help you regain control of your signature.

If you have questions, or a problem accessing the signature, you can always write to us: [email protected]

SimplySign and Certum Mini qualified signatures

If you have any concerns or questions, please contact us

+48 22 417 05 55

We will answer your questions, find a date that suits you and an advisor in Gdansk, Gdynia, Krakow, Warsaw or Wroclaw.

You can also write an email from us [email protected]. 

Check also:

  • Qualified stamps

How do I access KSeF? ZAW-FA vs. Seal

  • Qualified Stamps, Qualified Signatures

Authentication in KSeF: ZAW-FA or a Qualified Seal? Which one should you choose to start with?

  • Qualified stamps

Registering with KSeF using a qualified digital certificate – Your ticket to skip the lines

  • Qualified Stamps, Qualified Signatures

KSeF in sole proprietorships and small companies: qualified signature, stamp, and invoice automation

See all

Do you need help?

Info
Learn more Add to cart
Info
Learn more Add to cart

Find what you're looking for