Sign up

The Greendizer Blog

News and thoughts by the people behind Greendizer

Greendizer for Magento

05/09/2012 5:49 p.m.
A few weeks ago, we announced that our Greendizer Invoice Connector for Magento was submitted for review.

Today, we're very happy to announce that it has been approved and is now available on the Magento Connect portal.




The module is very easy to install, and silently syncs every invoice you generate on Magento with your Greendizer account.

With Greendizer for Magento, your invoices are automatically backed-up in the cloud, your customers instantly notified with a customizable email message, and you get to use our Invoices Application to keep an eye on everything.

The module will be regularly updated to support the features and capabilities we add to improve Greendizer. The next release will add support for digital signatures.

By the way, If you think Apple's app validation process takes too long, wait until you deal with Magento!

We are busy working on some very exciting stuff. We can't wait to share some of them with you.

Mohamed Attahri Greendizer for Magento
Published by Mohamed Attahri
05/09/2012 5:49 p.m.
magento;module;plugin

Open Domain Directory

03/12/2012 8:57 p.m.

We're one of those businesses where the sign up form cannot be sized down to a couple of fields. We decided that if we couldn't act on the number, we would try to make it smarter and try to guess as many values as possible from the context.

We were surprised by how much information could be found in a simple email address. For example: jimi@springshield.fr is very likely to be someone working at Springshield, a France-located business. With a few lines of javascript, we've been able to reduce the sign up effort of our users by 1/3. 

Ironically, a big chunk of the information needed to sign up on Greendizer can be found publicly - every business has its name and full address available somewhere out there on the web. The problem is the information is not complete, accurate, verified or standardized in a single format which can be used by anyone.

Of course, we could have used an API like LinkedIn's but we didn't want to make the process even longer by asking the user to authorize an intermediary service to access his profile.

We also considered the WHOIS records, but spammers and marketers forced the registrars to protect the privacy of the domain owners.

We came up with a simple solution and reached out to our community to get some feedback and eventually adopt it. We'd like to improve the web with a free, open, and decentralized domain-based business directory, where every domain-owner - aka business - remains in control of the data he chooses to make public.

We think it's achievable with a simple manifest file located in the root of every domain (example.com/example.manifest), with a bunch of information about its owner.


{
"type":"business",
"name":"Greendizer",
"desc":"Invoicing designed for developers",
"address":"15 rue de Chambéry",
"state":"",
"city":"Paris",
"country":"FR",
"logo":{
"16":"https://www.greendizer.com/static/icons/gd16.png",
"128":https://www.greendizer.com/static/icons/gd128.png"
}
}
  • Businesses would no longer have to update their profiles on every online service they registered in;
  • Developers can speed up sign up processes by using a free, open, verified and up-to-date source of information;
  • Many developers would no longer have to deal with logo uploading, organization profile management, etc.;
  • Caching mechanisms of the web are more effective as everyone would be linking to the same URLs (especially logos).

To make it accessible to browser-based applications, we suggest to make the responses compliant with th W3C CORS specification.

The special Access-Control-Allow-Origin header required for CORS

JSONP is excluded because it's only viable if you are 100% sure that the source source is trustworthy. In an  open environment, there is no way to know if a manifest contains the expected JSON data or a malicious script that your browser would blindly execute.

The CORS specification is supported by all the major browsers (IE8+, FF 3.5+, Safari 4+, Chrome 3+), and doesn't require the resource to be altered to become accessible. Websites like http://enable-cors.org/ make it very easy to configure a server to return the appropriate headers.

We like the extreme simplicity of the idea. Favicons work pretty much the same way, and proved this kind of approaches can be viable. The question is, how would you improve it?

Update (03/20/2012):
  • The humans.txt initiative proposes a similar idea to reference the "people" behind a website (thanks @hbou)
  • OpenGraph does not offer a solution to the problem we're trying to solve. A metadata is only useful when you've been able to locate the resource its describing.
Mohamed Attahri Open Domain Directory
Published by Mohamed Attahri
03/12/2012 8:57 p.m.
domain, favicon, directory, whois, odd, cors, business

Greendizer turns your invoice to a digitally signed PDF

02/13/2012 9:45 p.m.


The challenge has been daunting; just what we have been looking for. Our team suffered few cuts and bruises but they delivered an amazing feature which will make pen and paper even more obsolete.  Greendizer already allows you to download any of your invoices in PDF format using the Viewer but now, you can sign your invoice PDFs digitally and without any hassle. 

A digital signature allows the reader of the document to identify the signer and it guarantees the content has not been altered since it was initially signed. 

Greendizer does just that. After the invoices have been digitally signed by our servers, the authenticity and the integrity of the data contained can be easily verified by users. We seal and sign your invoices the first time they are requested in PDF format. Any attempt to modify them afterwards would render the signature invalid.

When you open a PDF document with Adobe Reader, it detects the signature and automatically verifies its validity for you. The state of the signature and the "reason" field where you can find the name of the signer can easily accessed through a side bar.

Adobe Reader makes it easy to find the signature's date, the X.509 certificate used to apply it and other pertinent technical details.


How cool is that? This new feature just took security of our Greendizer invoices to a whole new level. You can now exchange Greendizer PDF invoices with peace of mind and can be 100% sure about their trustworthiness.

Please feel free to share your thoughts, suggestions and expectations in the comments. Your feedback is what helps us make better products.
x509, signature, legal, pdf, invoices, invoice, digital

Conditions for a valid digital invoice

02/13/2012 8:16 p.m.


First, we should mention that there are two levels of digitization of documents:
The European directive 2001/155 of December 20th, 2001 sets the legal framework for the exchange of digital invoices in the European Union (EU). It states that the use of digital invoicing requires the receiver approval beforehand. For the digital invoices to be valid, the directive enforces two formats : EDI and Digital Signature. Therefore, the exchanged invoices must be digitally signed and archived during the legally required period.

The digital signature must be specific to the signer and issued by a certification authority. The signature should ensure the authenticity of the invoice origin as well as its integrity and inalterability. The certification delivered by this third-party authority must be included with the invoice in order for the receiver to be able to verify :
  • The identity of the sender and their public key
  • The validity period for the certificate
  • The unique serial number
  • The identity and signature of the certification authority
For a digital invoice to be valid, it should be archived by the two parties in its original format including the certificats it contained when first exchanged. These archives should be presented in a human readable format and in a reasonable amount of time if requested by the fiscal administration. Fiscal services may request the entire archive or part of it over one, two, or three fiscal cycles which corresponds to the right of recovery. This obligation is equally valid for the sender and the receiver.

The European directive 2001/155 of December 20th, 2001 is applied in all EU countries which have included it in their national laws. In the case of France, this directive was transposed in articles 289 and 289bis of the general tax code. To get rid of your paper invoices, you should, therefore, use digitally signed invoices in order to abide by the European law as well as your country's law. In case the conditions above are not met, you take the risk that fiscal authorities do not validate your digital invoices. This may affect the VAT (contesting the VAT discounts operated) as well as the calculation of the taxable profit.

There is a larger number of software and web services available now that allow sending digital invoices. But are these invoices legally valid? Most of the existing systems do not take this aspect into consideration, and the ones that do take in charge digital signature usually involve setting costs as well as important delays. In fact, no digital invoicing service is totally free and the rare exceptions that are, provide you with a very limited free version that will ultimately oblige you to go for a non-free-of-charge package.

Greendizer offers a free service for all small and medium size companies. That is why we guarantee our customers to keep free-of-charge not only invoice creation, sending, and archiving services, but also the invoice digital signature service.
Hamza Bernoussi Conditions for a valid digital invoice
Published by Hamza Bernoussi
02/13/2012 8:16 p.m.
signature, legal, digitization, pdf, fiscal, edi, invoices

Live from twitter®

Follow Greendizer on Twitter

Join us on Google Plus®

Find us on Facebook®