Exploring eIDAS - The Key Principles for Trust Services

The eIDAS Regulation creates a pan European market for electronic Trust Services (eTS). This includes things like electronic signatures and seals, electronic service delivery, website authentication and time stamps. The major thrust of the Regulation is towards ensuring that these mechanisms, when used, get the same legal status as conventional paper-based alternatives - across borders, throughout the EU. The creation of a digital Single Market requires that these electronic means of conducting business and providing services be on the same legal pedestal as the traditional methods.In order to achieve these goals, the eIDAS Regulation provides various guidelines and sets criteria that must be met. However, there are certain key principles behind all of these guidelines which collectively form the essence eIDAS. In this article, we look as some of these key principles for trust services as envisaged by the developers of eIDAS.

Read more

Cryptographic Key Management - the Risks and Mitigation

With the increasing dependence on cryptography to protect digital assets and communications, the ever-present vulnerabilities in modern computing systems, and the growing sophistication of cyber attacks, it has never been more important, nor more challenging, to keep your cryptographic keys safe and secure. A single compromised key could lead to a massive data breach with the consequential reputational damage, punitive regulatory fines and loss of investor and customer confidence.

Read more

eIDAS: Qualified Certificates supporting PSD2

The Payment Service Directive 2 (PSD2) allows non-banks to provide payment services which before were reserved for banks only. The market of services initiating a payment transaction or getting information about account balance will grow, and will also be open for new business models and technologies. The Directive and its implementation standards require all transactions to be handled through secure channels and all data shall be protected regarding authenticity and integrity.

Read more

Examining the Impact of eIDAS - Part 2

In Part 1 of our series exploring the wide footprint of the eIDAS regulation, we looked things like PSD2, the European Citizen’s Initiative and the eHealth Governance Initiative. However, these are just a few examples of the many applications of the eIDAS mechanisms. In this part, we look at some other interesting applications including Social Security and the prevention of Money Laundering.

Read more

Examining the Impact of eIDAS - Part 1

The eIDAS regulation is a key foundational stone in the creation of the pan-European Digital Single Market. It provides the essential elements to build a robust and secure electronic identification system and reliable trust services. Without the tools that eIDAS enables, a number of other EU directives and initiatives would not be able to function effectively - or at all.

Read more

Electronic Seals according to eIDAS

 eSeal - solution for legal persons

The eIDAS regulation introduced Electronic Seals as a solution for legal entities, allowing them to protect authenticity and integrity of electronic documents and data. An Electronic Seal is based on the same technology as an Electronic Signature and also can be Advanced and Qualified. A Qualified Electronic Seal is verified with Qualified Certificate.

Read more

Key Management in a Multi-Cloud Environment - A blessing or a curse?

Most people will probably agree that encrypting your sensitive data is the right thing to do. Not only is it the technique of choice to meet multiple compliance mandates, depending on the market your business operates in, this might be PCI, HIPAA, NERC-CIP or more general regulations like GDPR or PSD2. Encryption also helps you to achieve a higher level of resilience against data breaches and ultimately protects your organization from the impacts on reputation and the costs involved.

Read more

Bridging a link between PSD2 and eIDAS

Following the revised Payment Service Directive (PSD2), banks in the EEA are required to enable their customers (users) to grant third party providers (TPPs) access to

Read more

Quantum Computing and its Impact on Cryptography

“Quantum computing” is computation performed using a computing device based on the strange, counter-intuitive physical properties of matter at very small scale, known as quantum mechanics.

Read more