Tractis ceases operations: Next steps & Important dates

Today, February 20th 2018, we have published a post announcing that Tractis will stop providing electronic certification services on April 30th, 2018 and explaining the reasons behind our decision to cease operations.

We understand that your electronic evidences are important and are committed to help you during this transition period.

Next steps: We strongly recommend you to spend your Tractis Credit, download your electronic evidences and migrate your processes to a new provider before the closing date.

Important dates: Please, note that on

  • April 30th, 2018 (closing date), the Tractis infrastructure and support service will be fully deprovisioned. Unused Tractis Credit will be lost, without the right to a refund, and it will be no longer possible to use our services, to receive support or to download content previously stored in Tractis.
  • May 20th, 2018 (revocation date), the timestamping electronic certificate used by Tractis will be revoked. If you want to preserve your contacts or preserved evidences beyond that date, you must migrate your files to a new provider and re-stamp them before the revocation date.

If you are looking for a new provider, you can view a list of electronic certification services providers alternative to Tractis.

If you have any question or comments, don’t hesitate to contact us before the closing date.

By David Blanco
Saved in: Announcements, Business, Tractis | No comments » | 20 February 2018

Tractis closes its doors

Tractis will cease to provide electronic certification services on April 30th, 2018.

It has not been easy to make this decision. However, given the current market status, we believe is the right decision.

Although we offer multiple methods of identity verification and electronic signatures, our focus and passion has always been on those methods that offer the highest level of guarantee and security. That is, the e-ID’s issued by governments.

In Spain, our main market, this option was and still is the DNIe, the national electronic ID card.

However, the DNIe never got traction in the Spanish private sector. A failure that has multiple causes. AtTractis we have fought them all to the extent of our possibilities:

The sluggishness of the public administration in responding to the demands of the market in regard to the DNIe have contributed to a very large extent to the failure of the DNIe in the private sector. As an example, it took 4 years to publish the DNIe Manual for APDU commands, 10 years to extend the life of the DNIe certificates, 11 years to eliminate the FNMT harmful price system (paid validation in the private sector) and only when the European Union has forced the FNMT to do so … The private sector requires agility, responses in days, weeks or even months. Never years. Never decades.

Regrettably, the latest news signal that the use of the DNIe in the private sector in Spain will not only not improve, but will get rather worse. On the one hand, the harsh incorporation of the EU eIDAS Directive into the Spanish national legislation (compare the financial requirements needed to become a Qualified Provider of Electronic Trust Services in Spain VS. Estonia, the leading country in the use of e-IDs). On the other hand, the vulnerability recently discovered in the DNIe that forces the deactivation and re-issue of virtually all DNIe’s issued to date, a process that will take years.

We remain convinced of the enormous potential of e-IDs for secure e-commerce. Simply, and as much as it hurts, we have had to come to the conclusion that Spain is not just the place to try to realize this potential.

It is not easy for us to take this step, but we believe it is the right thing to do. After 13 years of struggle, the time has come to throw in the towel. Sad and exhausted, yes, but also proud of the work done and extremely grateful to all the customers, suppliers and investors who have trusted us.

Related: Tractis ceases operations: Next steps & Important dates.

By David Blanco
Saved in: Announcements | No comments » | 20 February 2018

R.I.P. John Perry Barlow (1947-2018)

Governments of the Industrial World, you weary giants of flesh and steel, I come from Cyberspace, the new home of Mind. On behalf of the future, I ask you of the past to leave us alone. You are not welcome among us. You have no sovereignty where we gather.

We have no elected government, nor are we likely to have one, so I address you with no greater authority than that with which liberty itself always speaks. I declare the global social space we are building to be naturally independent of the tyrannies you seek to impose on us. You have no moral right to rule us nor do you possess any methods of enforcement we have true reason to fear.

Governments derive their just powers from the consent of the governed. You have neither solicited nor received ours. We did not invite you. You do not know us, nor do you know our world. Cyberspace does not lie within your borders. Do not think that you can build it, as though it were a public construction project. You cannot. It is an act of nature and it grows itself through our collective actions.

You have not engaged in our great and gathering conversation, nor did you create the wealth of our marketplaces. You do not know our culture, our ethics, or the unwritten codes that already provide our society more order than could be obtained by any of your impositions.

You claim there are problems among us that you need to solve. You use this claim as an excuse to invade our precincts. Many of these problems don’t exist. Where there are real conflicts, where there are wrongs, we will identify them and address them by our means. We are forming our own Social Contract. This governance will arise according to the conditions of our world, not yours. Our world is different.

Cyberspace consists of transactions, relationships, and thought itself, arrayed like a standing wave in the web of our communications. Ours is a world that is both everywhere and nowhere, but it is not where bodies live.

We are creating a world that all may enter without privilege or prejudice accorded by race, economic power, military force, or station of birth.

We are creating a world where anyone, anywhere may express his or her beliefs, no matter how singular, without fear of being coerced into silence or conformity.

Your legal concepts of property, expression, identity, movement, and context do not apply to us. They are all based on matter, and there is no matter here.

Our identities have no bodies, so, unlike you, we cannot obtain order by physical coercion. We believe that from ethics, enlightened self-interest, and the commonweal, our governance will emerge. Our identities may be distributed across many of your jurisdictions. The only law that all our constituent cultures would generally recognize is the Golden Rule. We hope we will be able to build our particular solutions on that basis. But we cannot accept the solutions you are attempting to impose.

In the United States, you have today created a law, the Telecommunications Reform Act, which repudiates your own Constitution and insults the dreams of Jefferson, Washington, Mill, Madison, DeToqueville, and Brandeis. These dreams must now be born anew in us.

You are terrified of your own children, since they are natives in a world where you will always be immigrants. Because you fear them, you entrust your bureaucracies with the parental responsibilities you are too cowardly to confront yourselves. In our world, all the sentiments and expressions of humanity, from the debasing to the angelic, are parts of a seamless whole, the global conversation of bits. We cannot separate the air that chokes from the air upon which wings beat.

In China, Germany, France, Russia, Singapore, Italy and the United States, you are trying to ward off the virus of liberty by erecting guard posts at the frontiers of Cyberspace. These may keep out the contagion for a small time, but they will not work in a world that will soon be blanketed in bit-bearing media.

Your increasingly obsolete information industries would perpetuate themselves by proposing laws, in America and elsewhere, that claim to own speech itself throughout the world. These laws would declare ideas to be another industrial product, no more noble than pig iron. In our world, whatever the human mind may create can be reproduced and distributed infinitely at no cost. The global conveyance of thought no longer requires your factories to accomplish.

These increasingly hostile and colonial measures place us in the same position as those previous lovers of freedom and self-determination who had to reject the authorities of distant, uninformed powers. We must declare our virtual selves immune to your sovereignty, even as we continue to consent to your rule over our bodies. We will spread ourselves across the Planet so that no one can arrest our thoughts.

We will create a civilization of the Mind in Cyberspace. May it be more humane and fair than the world your governments have made before.

Davos, Switzerland
February 8, 1996

- John Perry Barlow. Declaración de Independencia del Ciberespacio.

By David Blanco
Saved in: Empowerment, Internet, Legal | No comments » | 19 February 2018

Moderating abuse in the comments section

Readers can use screen names but they know that they have given their details to us – that’s a real incentive to act in a reasonable way.

- John Witherow, Editor at The Times newspaper.

By David Blanco
Saved in: Identity, Quotes | No comments » | 12 August 2016

Tractis offers free validation of FNMT certificates

es.png As of July 1st, 2016 Tractis offers free validation of FNMT certificates.

In other words, from now on, you can use the certificates of the Fábrica Nacional de Moneda y Timbre (FNMT, Spain’s National Mint) in Tractis without having to pay an extra cost for each validation.

With the coming into force of the eIDAS European Regulation, the FNMT is obliged to provide free validation of their certificates to the private sector. At Tractis we have decided to pass on these savings to our customers immediately.

A little bit of background

This change in pricing policy by the FNMT is an announcement of great significance in the history and evolution of electronic certification sector in Spain.

Those who know and follow us know that at Tractis we have been critical and belligerent with the FNMT marketing and pricing policy, as we thought it to be an aberration in the world of electronic certification. Tractis supports 33 Certification Authorities in 14 countries. All charge for issuing certificates but not for their use (validation). The FNMT was the only exception, doing just the opposite: issuing free certificates and, then, charging for their use by the private sector.

In our view, together with the difficulty in the use of the National Electronic ID (DNIe) and an accompanying lack of smart card readers, the mere existence of the FNMT and its pricing policies have been one of the main obstacles to the widespread adoption and use of electronic certification by the private sector in Spain.

The State against the State

In theory, Spain was excellently positioned to become one of the leading countries in the use electronic certificates. It had a large number of certification authorities, experts, projects and, ultimately, abundant know-how. Moreover, Spain was one of the first countries to issue an electronic ID on a massive scale among the general population: The National Electronic ID card (DNIe) issued by the Ministry of the Interior.

In practice, the FNMT, a public company under the Ministry of Finance and Public Administration, offered a competitor to DNIe, which was easier to use, as its software certificates did not require the use of a smart card reader.

How to shoot yourself in the foot

In theory, DNIe and FNMT certificates were different and not comparable products. The former allowed generating qualified electronic signatures of a universal nature, the most powerful available. The latter generated less powerful advanced electronic signatures and were valid only within the realm of Spain’s Treasury

In practice, given the difficult use of  the DNIe and a paucity of readers, and given that the FNMT gave free validation of their certificates for the public sector, the Government went on extending the use of FNMT certificates beyond any advisable measure. FNMT certificates began to be used in situations outside the scope of the Treasury and in cases that should have been reserved for the DNIe (qualified signature).

Everybody’s business is nobody’s business

In practice both products competed for the same market. Notwithstanding this, neither DNIe nor FNMT certificates achieved success in the use of electronic certification by the private sector.

End users, unaware of the FNMT pricing policies, preferred FNMT certificates to DNIe in their dealings with public bodies, as they were less cumbersome (no reader required). From a users’ point of view, both could be used for virtually the same administrative procedures (widespread use of FNMT certificates for interactions with the Public Administration).

The private sector did neither go for the one -difficult to use DNIe- or the other -costly use of FNMT-.

The lost decade

Between theory and practice, time passed away.

Today, 10 years after the introduction of the DNIe and of FNMT pricing policy, and more than 50 million DNIe cards issued, use of the DNIe in the private sector is insignificant and that of FNMT certificates, very small.

DNIe awkward use, the lack of card readers and the FNMT pricing policy created a perfect storm whose result is truly a “lost decade” for the adoption of electronic certification by the private sector in Spain.

A gleam of hope or a train already gone?

The change in the FNMT pricing policy could be a second wind for FNMT certificates in the private sector and, perhaps, the final blow to the DNIe in this market. And this despite of the fact that the FNMT itself only made the change at the last moment and when forced to do so by a European Directive.

In a situation where FNMT certificates are used in practice outside of both the proper realm of the Treasury and that of advanced signatures, the free validation of FNMT certificates for the private sector reinforces the value proposition of the FNMT product, to the greater detriment of the DNIe.

It is also possible that this change comes too late. After 10 years, electronic certificates may have lost their chance for widespread use as a method of authentication and signing in the private sector in Spain in favor of alternative methods.

By David Blanco
Saved in: Announcements, Business, eID | No comments » | 6 July 2016

Tractis Migration to Amazon Web Services

Over the last month we have completed the migration of the Tractis infrastructure to the cloud.

Until now, all services provided by Tractis run on our own machines at the Acens data processing center (DPC) in Barcelona. From now on, all Tractis services will be hosted on Amazon Web Services, the world leading provider of cloud computing services. The only exception to our migration to the cloud is the Tractis Time Stamping Authority (Tractis TSA), which will continue to run on our own Hardware Security Modules (HSM), now housed in one of Claranet data processing centers in Barcelona.

We expect a number of benefits from this migration, including: minimal latency times for end users, greater speed of service delivery, easier management, high availability across all Tractis infrastructure components, better disaster recovery and extreme scalability in storage and processing. All of this while Tractis keeps on providing our services in strict compliance with Spanish and European data protection legislation. Our European customers can be confident that Tractis uses exclusively Amazon Web Services DPCs located in the European Economic Space.

The complexity of the infrastructure to migrate, the large number of services provided, the customers in production and the legal implications, have made this move a non-trivial task. This migration is the culmination of several months of work, thoughtful planning and careful execution. However, it is just another step in our goal to evolve the Tractis services infrastructure from various monolithic applications to micro-services.

We have updated the Tractis documentation and policies to reflect these changes. Special mention deserve the Tractis Terms of Use, the Tractis Time Stamp Policy, diverse parts of our Help section, the data protection agreement entered by AWS Europe and Tractis and, lastly, our annual audit on data protection.

By David Blanco
Saved in: Announcements, Tractis | No comments » | 5 October 2015

Tractis launches real-time support for Enterprise Plans

Throughout the summer we plan to make several releases aimed at larger corporations.

Following the launch of unified multi-account billing, this week we announce real-time support. As the name suggests, this new feature allows you to contact directly and in real time, with the technical and business staff assigned to your Tractis account. All communications are made using Slack and

About Slack

If you do not know about Slack yet, you not know what you are missing. A powerful instant messaging tool, extremely easy to use, that allows group chats, file sharing, advanced search and integration with more de 80 third party services. A month ago, Slack announced 1.1 million daily active users. No exaggeration to say that they have burst into the world of business communications.

One day we will write a post explaining how Slack has transformed the Tractis team daily work and increased our productivity. For now, suffice to say that it has become our communications hub, integrated with all our internal work tools (task management, CRM, helpdesk, file sharing, monitoring, alerts, log management, code repositories, etc.)

About allows you to share channels among different Slack teams. Even if your company has its Slack team and Tractis its own, both can share a communication channel.

In other words, while technically Tractis and yours are two different companys, in practice, thanks to Slackline, you have access to the Tractis team with the same full set of features as the rest of your project teammates. Directly from your internal communication center and in real time. Actually, it is as if Tractis was another member of your team – which is just what we want to become.

Live support is available in Beta, for now, and only for customers with a Tractis Enterprise monthly subscription plan.


Slack in standard form, as we use it in Tractis, is free, with additional functionalities for paid plans. If you want to give it a try, use this link to create a Slack Account and get a free $100 credit (only until September 30, 2015). If you finally decide to hire a paid plan, Tractis will receive another $ 100 credit. With or without the referral program, we would recommend Slack without hesitation. is a service created by Blanca Alvarez and Ernesto Jimenez, former negonator extraordinaire. Some of their clients are Bloomberg, Dow Jones, Harvard … and now Tractis. With or without the shared past of Tractis with the Slackline founding team, the possibility of becoming a member of your clients teams seems a most intriguing proposition, worth a try.

By David Blanco
Saved in: Announcements, Tractis | No comments » | 24 August 2015

Tractis launches consolidated multi-account billing for Enterprise Plans

Throughout the summer we plan to make several launches aimed at large companies.

We start with consolidated multi-account billing, a new feature that lets you redirect spending from several Tractis accounts to just one.

Here’s an example. Suppose you work in a large company and want to use some Tractis electronic certification services (identity verifications, electronic signatures, time stamping, preservation of evidences, etc.) at different departments, divisions, products or companies in the group. On one hand, you want to group all spending on a single bill and, on the other hand, you want to maintain separate individual account management so that each account continues having its own configuration, administrators, users, gateway management and logo and colors customizations.

The consolidated multi-account billing allows you to achieve exactly that.

You just have to tell us the main account for redirecting spending (Master Account) and the accounts (Slave Accounts) you want to make use of the credit in the Master Account. We will make all the necessary settings for you to enjoy the advantages:

  • Simpler: A single bill for multiple accounts.
  • Better prices: By combining the spending from several accounts into one, you can achieve higher transaction volume discounts.
  • Increased customization: Each account is still run independently (configuration, users, customization, etc.).
  • Greater control: Only the Master Account Administrators have access to transaction and spending reporting from Slave accounts.

We believe that this new feature will prove extremely useful for large companies, central purchasing departments and software subsidiaries that provide services to multiple divisions, departments, products and companies in the group.

Consolidated multi-account billing is available only to Tractis clients under a monthly Enterprise subscription plan.

By David Blanco
Saved in: Announcements, Tractis | No comments » | 15 July 2015

Certification of identity attributes in your Tractis Public Profile

After the improvements in privacy control in your Public Profile, we launch the certification of identity attributes in your Tractis Public Profile.

When we say “identity attributes” we refer to the various pieces of information in your Tractis Public Profile. Name, surname, sex, age, nationality, telephone …they are all identity attributes, i.e., attributes that define your identity. Perhaps we could call them simply “personal data“. However, your Tractis profile contains both personal and professional data. We believe that “identity attributes” is a more precise designation.

From “alleged” to “certified” identity attributes

Until now, all the identity attributes in your Tractis profile data were “alleged” by you. A third party had no way of knowing whether the information revealed (alleged) by you was true or not. This ignorance can lead to distrust in electronic commerce scenarios and in some cases prevent the transaction from being finalized.

Starting today, you can certify your identity attributes, so that third parties (e.g., a prospective buyer) may be confident that the information in your profile is true.

Certified identity attributes supported

We have begun by supporting the certification of the following attributes:

  • Personal information: Name, surname and ID Number (e.g.: Spanish DNI).
  • Professional information: Mobile phone number.

Certification methods for identity attributes

The certification method depends on the identity attribute you want to certify. In the case of:

Just visit your profile, click on the “Verifications” tab, select the attribute to certify, click “Certify” and follow the instructions.

Certification freshness and re-certification

The certification date of an identity attribute is important. A potential buyer may trust your mobile number if it has been certified within the last two weeks but wary if the certification was made more than 6 months ago (you might no longer have that mobile number). For this reason, beside each certified identity attribute, we indicate the “Freshness” of such certification, i.e., the date it was made and, therefore, the time passed since.

Should you, or a third party, consider it has been too long since the certification was carried out, you can re-certify an identity attribute. Just press “Re-certify“, complete the certification process and your identity attribute will be certified dated today.

Certification assurance Level

Not all certification methods provide the same assurance level. In other words, the method used for certification has an effect on the strength of the electronic evidence generated and their eventual use in court. Tractis assigns a “Tractis Score” (assurance level) to each certification method. You can see the Tractis Score assigned to each certification made simply by looking at the colour of the certification button. To summarize:

  • Grey: Identity attribute not certified.
  • Red: Tractis Score 0. Zero assurance level.
  • Orange: Tractis Score 1. Minimum assurance level.
  • Yellow: Tractis Score 2. Low assurance level.
  • Blue: Tractis Score 3. Substantial assurance level.
  • Green: Tractis Score 4. High assurance level.

For more information, simply move your mouse cursor over the certification button.

Beta and next steps

This feature is in Beta. For the duration of the Beta, certifying identity attributes is free, so it may be a good time to improve the “quality” of your Tractis Profile ;)

We want to start taking small steps, to learn and sort out the problems and smooth off the rough edges that can arise during the certification process, to receive your suggestions and keep on expanding gradually the functionalities available and the number of identity attributes that you can certify in your Tractis Profile.

Comments are welcome.

By David Blanco
Saved in: Announcements, Tractis Identity | No comments » | 8 July 2015

Improved privacy control of your Public Profile

Each Tractis user has a Public Profile. Here is mine.

As the name suggests, the Public Profile is visible for everybody, whether they have a Tractis account or not, whether they are logged in or not.

So far, the main function of the Public Profile has been to provide information about you and your activity to other Tractis users. Just click on the name of another user (on a template, a comment or a contract) to see their Public Profile. Since all the information in the Profile was public, users not wishing to share some personal detail, simply did not add it to their profile.

We have a number of ideas to make of your Tractis Profile a more powerful tool. Some have been in the oven for quite some time. In preparation for the launch of these new features, starting today you can control separately the privacy of each and every one of the details in your personal and professional information (name, photo, address, company, position, etc.). Simply select whether you want some data to be “Public” or “Private” in your Profile. For example, you can choose to share only your name, or your name, photo and all your professional contact details or any other combination. It’s up to you.

In other words, you can now fill out your complete Tractis Public Profile without the fear of sharing too much information. Simply choose what data you want to share and which not. By default all your data is private and it is made public only if you so decide.

By David Blanco
Saved in: Announcements | No comments » | 17 June 2015