As electronic transactions become the default, the question is no longer just “was it sent?” — but “who sent it, who received it, is the content intact, when did it happen, and is the evidence sufficiently verifiable?” Trusted Delivery transforms the process of sending and receiving digital documents into an evidence chain with identity, digital signatures, timestamps, audit logs, and interoperability across eDelivery systems.
Why is Trusted Delivery becoming essential?
Vietnam is expanding its legal framework for end-to-end electronic transactions. The 2023 Electronic Transaction Law recognises data messages in many forms — electronic documents, electronic records, electronic certificates, electronic vouchers, electronic contracts, and other forms of electronic data interchange. This provides the foundation for digital delivery systems to move from “file transfer” to “delivery with evidence.”
Data messages must be preserved and traceable
An electronic document holds legal weight only when the system can prove its origin, integrity, and accessibility. Trusted Delivery adds an evidence layer for events such as message submission, availability to the recipient, recipient acceptance/rejection, handover, or expiry.
- Content hashing to prove the document has not been altered.
- Digital signature or electronic seal for system-level evidence.
- Timestamps for each key business milestone.
Digital signatures, digital certificates, and certification services are the foundation
Regulations on digital signatures and digital signature certification services remain the bedrock for building electronic transactions with authenticity, non-repudiation, and long-term verifiability. Within a Trusted Delivery system, digital signatures do not only sign documents — they also sign delivery evidence.
- Keycloak/SSO for user and organisation identity.
- HSM/DSS/TSA for key protection, digital signing, and timestamping.
- Audit logs and evidence packages for audits, inspections, and dispute resolution.
Deployment Architecture: from user portal to evidence and AS4
A modern Trusted Delivery platform should combine user experience, API gateway, identity management, microservices, event streaming, per-service databases, object storage, evidence services, and an AS4/eDelivery gateway.
Reference Architecture Layers
When should AS4/eDelivery be used?
When the sender and recipient are on the same platform, the system can handle the exchange via a user portal or internal API. When two independent eDelivery systems are involved in the same scenario, AS4/eDelivery serves as the standard communication layer between access points.
User Portal or Internal API
The sender uses the Sender Portal; the recipient uses the Recipient Portal. Evidence is generated within the same trust domain.
AS4 Access Point
Provider A sends an ERD Dispatch to Provider B via AS4/ebMS3/SOAP/WS-Security. Receipts and evidence are returned to update the delivery status.
Trusted Directory and PMode
The system looks up participant, endpoint, certificate, capability, and PMode before sending via Domibus or a compatible AS4 gateway.
Real-World Applications in Vietnam
Trusted Delivery is suitable for transactions that require proof of sending, receipt, time of occurrence, content integrity, and accountability of the parties involved — particularly in digital government, finance, insurance, healthcare, education, and large enterprises.
Government Agencies and Public Services
Sending decisions, file-processing notifications, appointment letters, outcome of administrative procedures, or requests for additional documents to citizens and businesses.
- Proof of notification delivered.
- Reduced reliance on paper and postal services.
- Cross-agency data interoperability.
Banking, Insurance, and Finance
Sending contract notifications, terms-and-conditions updates, confirmation requests, debt reminders, insurance dossiers, or important transaction documents.
- Reduced “not received” disputes.
- Clear audit trail for compliance purposes.
- Integration with eKYC, digital signatures, and evidence packages.
Enterprises and Human Resources
Sending employment contracts, decisions, disciplinary notices, termination notifications, addenda, or internal regulations to employees.
- Recipient acceptance or rejection recorded.
- Handover evidence preserved.
- Archived as part of the employee record.
Cross-Provider Certification Service Interoperability
ERDS/eDelivery providers can exchange messages via AS4, using a trusted directory for routing, endpoint authentication, and receipt generation.
- Four-corner model.
- AS4 send and receive.
- Provider capability lookup.
Proposed Implementation Roadmap
Trusted Delivery should not be deployed as an email-sending module. It is a trust platform that must begin with policy, identity, evidence, security, operations, and verifiability.
Define Trust Policy
Identify message types, identity assurance levels, retention groups, evidence types, notification channels, and operational responsibilities.
Build the Trusted Delivery Core
Deploy microservices for request intake, message registration, delivery orchestration, evidence, notifications, audit, and reporting.
Integrate Identity, Digital Signing, and Timestamping
Connect Keycloak, WSO2, HSM/DSS/TSA, object storage, and MariaDB to ensure identity assurance, policy enforcement, and integrity evidence.
Enable AS4 Interoperability
Configure trusted directory, AS4 endpoints, certificates, PMode, and Domibus/AS4 Access Point for cross-provider delivery exchange.
Operate with Compliance Evidence
Set up dashboards, correlation ID tracing, legal record retention, backup/disaster recovery, evidence package export, and incident response procedures.
Trusted Delivery is the next step in digital trust
Digital signatures prove who signed. Trusted Delivery proves how a message was sent, made available, received, rejected, handed over, or expired. When these two capabilities are combined, organisations can operate electronic transactions at a significantly higher level of trust than email or a conventional information portal.
References
Official sources and reference documents used to guide the content of this blog page.
- Government Electronic Information Portal, Law No. 20/2023/QH15 — Electronic Transaction Law: https://vanban.chinhphu.vn/?docid=208421&pageid=27160
- Government Electronic Information Portal, Decree No. 48/2024/ND-CP amending Decree 130/2018/ND-CP on digital signatures and digital signature certification services: https://chinhphu.vn/?docid=210212&pageid=27160
- Government Electronic Information Portal, Consolidated Document 06/VBHN-BTTTT on digital signatures and digital signature certification services: https://chinhphu.vn/?classid=0&docid=210792&pageid=27160
- Government Electronic Information Portal, Decree No. 194/2025/ND-CP on national databases, connectivity and data sharing, and open data for electronic transactions of state agencies: https://chinhphu.vn/?docid=214448&pageid=27160
- Mobile-ID website and blog — reference materials on digital trust, PKI, digital signing, and government digital transformation.
Community Discussion
Comments
Comments