eIDAS-Qualified Remote Signing: Exploring EN 419 241-2 Certified Qualified Signature Creation Devices 

EU Regulation No 910/2014 (eIDAS) addresses the creation of remote electronic signatures using electronic signature creation data that is managed remotely by a third-party trust service provider (TSP) working on behalf of the signee.

Read more

Cryptomathic’s Signer Builds on the Only QSCD Certified under SOG-IS

Under eIDAS, a qualified electronic signature creation device (QSCD) must be certified and approved to be used for generating qualified electronic signatures (QES). Cryptomathic’s Signer is the only QSCD that is certified under the SOG-IS agreement using the Common Criteria Recognition Arrangement (CCRA). Its security target is written in strict conformance with EN 419 241-2: Trustworthy Systems Supporting Server Signing Part 2, Protection Profile for QSCD for Server Signing, CEN April 2019.

Read more

eIDAS and the Globalisation of Trust

Globalization has continued its seemingly inexorable march over the last decades. Movement of capital, labor, ideas, goods and services across borders has made the world smaller. International and multilateral organisations create the rules that define and guide interactions between peoples and nations. Parallelly, we are seeing another revolution - the digitizing of our economy at a breath-taking pace.

Read more

eIDAS - Establishing Trust in Digital Signatures

Originally published in nCipher website www.ncipher.com 

A few years ago, the BBC reported that the power of the traditional hand-written signature was under threat from its digital counterpart. While it may have taken some time, the increasing adoption of digital services – from banking and financial transactions in the private sector, to taxes and healthcare in the public – has led to a significant rise in the use of electronic signatures.

Read more

eID Verification Process and Client Onboarding for Banks and Financial Institutions compliant to eIDAS, KYC and AML

This article discusses the benefits eIDs provide for both banks and customers in streamlining cross-border transactions and what is required under eIDAS for identity verification and client onboarding.

Read more

Integrating PSD2 and eIDAS

With the introduction of PSD2, banks are forced to provide third party payment service providers (PSPs) with access to the bank’s customers’ account information for account servicing and payment initiation services, but only in the case where the user has granted access to these third-party players. This article explores a technical solution that leverages eIDAS to address the PSD2 requirements.

Read more

Which Trust Service Providers Support Remote QES Services?

The following content is an introduction to trust services and remote Qualified Electronic Signatures (QES) according to the eIDAS regulation and standards. This article is aimed at highlighting what a trust service provider (TSP) is and the valuable benefits of remote QES and other trust services.

Read more

What are E-Signature Validation Attacks and How to Protect Yourself in the Context of eIDAS

Ensuring that the integrity of an e-signature remains intact is crucial to protecting its attached messages or documents. This article will explain three types of e-signature validation attacks and how they can be avoided by adopting the standards for e-signatures under eIDAS.

Read more

eIDAS and the eSignature Standards Driving Digitization in the EU

The world is slowly but surely moving away from its centuries-old obsession with paper. With the very real threat of man-made climate change, it is a welcome sign that the world is moving towards electronic means for recording and communicating information which is reducing the pressure on our forests. In addition to the trees saved, this also reduces the carbon impact of having to physically ship those documents around – usually via the least carbon-efficient modes like airplanes.

Read more