As part of the global drive for digital transformation, legally binding digital signatures are at the forefront of many businesses’ ambitions to provide an enhanced and complete digital customer journey. Even though most people can understand the general concept of digital signatures, reaching the highest level of assurance with a Qualified Electronic Signature contains quite a few things to consider.

Here we provide a high-level comparison between Cryptomathic Signer and other eIDAS remote signing solutions available in the market.

The COVID-19 pandemic put many industries to the test as they found alternate ways to serve their customers and manage to survive the crisis. The banking and finance sector may have already been ahead of the curve with digitalisation.

What You See is What Your Sign (WYSIWYS) is a term that is used to describe an enhanced level of data integrity within a digital signature system. Its purpose is to ensure that the content of a signed message cannot be altered, whether intentionally or accidentally (non-repudiation).

Cryptomathic’s Signer is the only qualified (electronic) signature creation device (QSCD) that is certified under the SO-GIS agreement using the Common Criteria Recognition Arrangement (CCRA). Its security target is written to strictly conform to the certified protection profile EN 419 241-2.

In this article, we will discuss the Certificate Authority (CA) in the context of eIDAS and what is required of this entity in ensuring the integrity of qualified electronic signatures.

The eIDAS regulation provides both the technical and legal framework for electronic identification and digital signatures that the banking sector needs to fully digitalize its processes and go paperless.

This article looks at 3 alternative deployment options for remote signing, catering for 3 different business models. The choice of the option will depend on the financial institution’s specific situation and strategic goals. This article gives guidance.

EU Regulation No 910/2014 (eIDAS) addresses the creation of remote electronic signatures using electronic signature creation data that is managed remotely by a third-party trust service provider (TSP) working on behalf of the signee.

Under eIDAS, a qualified electronic signature creation device (QSCD) must be certified and approved to be used for generating qualified electronic signatures (QES). Cryptomathic’s Signer is the only QSCD that is certified under the SOG-IS agreement using the Common Criteria Recognition Arrangement (CCRA).