EU Regulation No 910/2014 (eIDAS) addresses the creation of remote electronic signatures using electronic signature creation data that is managed remotely by a third-party trust service provider (TSP) working on behalf of the signee.

Under eIDAS, a qualified electronic signature creation device (QSCD) must be certified and approved to be used for generating qualified electronic signatures (QES). Cryptomathic’s Signer is the only QSCD that is certified under the SOG-IS agreement using the Common Criteria Recognition Arrangement (CCRA). Its security target is written in strict conformance with EN 419 241-2: Trustworthy Systems Supporting Server Signing Part 2, Protection Profile for QSCD for Server Signing, CEN April 2019.

Globalization has continued its seemingly inexorable march over the last decades. Movement of capital, labor, ideas, goods and services across borders has made the world smaller. International and multilateral organisations create the rules that define and guide interactions between peoples and nations. Parallelly, we are seeing another revolution - the digitizing of our economy at a breath-taking pace.

Originally published in nCipher website www.ncipher.com 

A few years ago, the BBC reported that the power of the traditional hand-written signature was under threat from its digital counterpart. While it may have taken some time, the increasing adoption of digital services – from banking and financial transactions in the private sector, to taxes and healthcare in the public – has led to a significant rise in the use of electronic signatures.

This article discusses the benefits eIDs provide for both banks and customers in streamlining cross-border transactions and what is required under eIDAS for identity verification and client onboarding.

With the introduction of PSD2, banks are forced to provide third party payment service providers (PSPs) with access to the bank’s customers’ account information for account servicing and payment initiation services, but only in the case where the user has granted access to these third-party players. This article explores a technical solution that leverages eIDAS to address the PSD2 requirements.

The following content is an introduction to trust services and remote Qualified Electronic Signatures (QES) according to the eIDAS regulation and standards. This article is aimed at highlighting what a trust service provider (TSP) is and the valuable benefits of remote QES and other trust services.

Ensuring that the integrity of an e-signature remains intact is crucial to protecting its attached messages or documents. This article will explain three types of e-signature validation attacks and how they can be avoided by adopting the standards for e-signatures under eIDAS.

The world is slowly but surely moving away from its centuries-old obsession with paper. With the very real threat of man-made climate change, it is a welcome sign that the world is moving towards electronic means for recording and communicating information which is reducing the pressure on our forests. In addition to the trees saved, this also reduces the carbon impact of having to physically ship those documents around – usually via the least carbon-efficient modes like airplanes.