Understanding eIDAS


EIDAS is the European Regulation for the electronic identification and trust services for electronic transactions. It repeals Directive 1999/93/EC. Since its announcement in July of 2014, the intent of the eIDAS Regulation has been to facilitate secure and seamless electronic transactions throughout the European Union (EU) by providing a regulatory environment that would promote their use.

This article explains the purpose and scope of eIDAS, its scope, the use of electronic signatures under eIDAS and the requirements to qualitfied trust service providers.

Read more

Major standards and compliance of digital signatures - a world-wide consideration

This article introduces the most relevant digital signature standards for global players, governments and banks.

Read more

Recommendations for Providing Digital Signature Services


With the ever-growing number of electronic transactions and documents, the use of digital signatures make it possible to trust and act upon these transactions as if they were printed on paper and signed by a trusted source. Digital signatures are used as a proof of authenticity, data integrity and non-repudiation of communications conducted over the internet. 

This article describes 7 drivers for successful digital signature services.

Read more

What is a Digital Signature - What it Does, How it Works

In the fast-paced world of business, there is always the need for speeding up various processes that are integral for optimizing efficiency, while still protecting the privacy of the business and its clients/customers. The use of digital signatures has continued to grow as a means of meeting the need for faster and more secure authentication that cannot be easily forged or compromised.

Consider how important and time-sensitive documents have been signed in the past. The user would first need to obtain the documents to be signed by means of receiving a paper document by mail or printing the document from a designated online source. The document would need to be physically signed and then returned to its originator. This caused the user to complete the process offline, which would involve other physical processes that could be considered time-consuming and costly in returning the signed document and then the additional steps that were needed to verify the signature. However, with the use of digital signatures and the WYSIWYS experience, the user can now securely access, view and sign documents online, thus eliminating the need for most offline steps.

Read more

Signing in the Cloud

Introduction

What is driving Electronic Commerce and e-Government solutions? The answer is simple: useful applications and user-friendly yet secure solutions that can deliver operational cost savings. Smartcards, used for providing digital signatures for Electronic Commerce (EC), never caught on in any significant volume for the mere fact that there are very few smartcard readers around, which makes such solutions very expensive. However, there is an alternative

Read more

Delivering Advanced Electronic Signatures - via a central signing server

The notion of Advanced Electronic Signature was introduced in the European Directive for electronic signatures[1], which remains today an important milestone for the standardisation and legal recognition of electronic signatures. Advanced Electronic Signatures (hereinafter AdES) offer a very practical method to protect information and provide trust in electronic business. They can be embedded in popular document formats such as PDF, XML and CMS messages[2] and are also the base stone for creating qualified electronic signatures (QES)[3]

Art. 2 of the directive contains some requirements on signatory identification and. This paper describes how a central signature server can fulfill these requirements. This article relates to the European Commission Standardisation mandate m460 to CEN and ETSI on electronic signatures and is proposed as input for the ETSI standard prTS 14167-5.

Read more

Where 2FA and PKI Meet

Under pressure from sophisticated attacks and rising fraud, many B2C organisations of the financial industry are currently enhancing the static password based authentication to their web applications to something stronger - the 2FA age. 2-Factor Authentication (2FA) is currently achieving large scale deployments and consumer adoption where PKI failed a few years ago.

From a technical standpoint, PKI offers significant benefits including the possibility to sign tran

Read more