eIDAS - Establishing Trust in Digital Signatures

by Juan Asenjo (guest) on 06. July 2020


A few years ago, the BBC reported that the power of the traditional hand-written signature was under threat from its digital counterpart. While it may have taken some time, the increasing adoption of digital services – from banking and financial transactions in the private sector to taxes and healthcare in the public – has led to a significant rise in the use of electronic signatures. Despite the fact that electronic signatures have been recognized as legally valid in some countries in Europe for years, a lack of consistency across the EU member states has proved a hindrance to cross-border business.

Download white paper

Electronic signatures have continued to increase with the enforcement of EU Regulation No. 910/2014 back in 2016. The electronic identity, authentication, and signing regulation, better known as eIDAS, is designed to establish a framework for electronic transactions that allows legally binding cross-border business throughout the European internal market.


Indeed, eIDAS creates standards for which electronic signatures are given the same legal standing as their “wet-ink” equivalents and sees the regulation of Trust Service Providers (TSPs) by supervisory bodies within their respective member state.

Businesses operating in the EU benefit from using trust services that comply with the regulation: any signed document and agreement is valid throughout the EU. By using a Qualified Trust Service, they can be sure that a document's electronic signature has at least the same validity as a wet-ink signature. Banks, in particular, are using the eIDAS regulations to ensure the identity of their customers and the validity of their agreements. As governments continue to expand the digital services they offer to their citizens, they are also requiring the use of eIDAS-compliant services and signatures.

To achieve the highest level of security and assurance, TSPs are required to use qualified signature creation devices, also known as QSCDs, which ensure the security of their signatures by applying strong cryptography.

Regardless of how strong that cryptography may be, it will only ever be as good as the root of trust that protects the underpinning cryptographic keys.

And it’s here where nCipher comes into the picture.

 Selected Signing Services

Common Criteria EAL 4+ certified, nCipher nShield hardware security modules (HSMs) are the root of trust for Trust Services.

In short, approved QSCDs enable TSPs to comply with eIDAS Regulations.

As digital signatures become more prevalent and are now recognized as legally valid across the EU, regulations such as eIDAS are important in reassuring European consumers that TSPs can protect the validity of their digital transactions and their identity. As part of this, nCipher is working with leading digital service providers, integrating nShield HSMs to serve as the root of trust for protecting customers’ most valuable and sensitive digital assets with eIDAS-compliant solutions.

And it’s not just in the EU. Governments and businesses in other countries are now adopting the eIDAS model to establish trust and legally binding digital signatures. Visit nCipher and Cryptomathic to get more information on eIDAS-compliant QES and find out how to deliver remote digital signatures for business continuity.


Originally published on nCipher website: www.ncipher.com 




References and Further Reading

Other Related Articles: # Digital Signatures # eIDAS # HSM

Want to know how we can help ?

Get in touch to better understand how our solutions secure ecommerce and billions of transactions worldwide.