As part of the global drive for digital transformation, legally binding digital signatures are at the forefront of many businesses’ ambitions to provide an enhanced and complete digital customer journey. Even though most people can understand the general concept of digital signatures, reaching the highest level of assurance with a Qualified Electronic Signature contains quite a few things to consider.

Here we provide a high-level comparison between Cryptomathic Signer and other eIDAS remote signing solutions available in the market.

Last week order for 186 double-decker trains was nullified due to a legal formality surrounding the Qualified Electronic Signature used to ink the deal. Guillaume Forget, Managing Director and e-signature specialist of Cryptomathic GmbH, unpacks what went wrong and highlights what businesses everywhere can learn from the debacle.

The COVID-19 pandemic put many industries to the test as they found alternate ways to serve their customers and manage to survive the crisis. The banking and finance sector may have already been ahead of the curve with digitalisation.

In May 2021, researchers published two attacks on certified PDFs, which enabled unintentional and fraudulent modifications to be applied to signed documents. Here we provide a brief summary of the attacks and explain why documents that are digitally signed using Cryptomathic Signer and its WYSIWYS technology is not susceptible to these attacks.

When deploying digital signatures to fully digitalize business processes, large organization such as banks must comply with the technical and legal guidelines of the country in which they operate. Complying with standards of various jurisdictions can prove difficult when the signature solution must be made available on both a global and a local level.

What You See is What Your Sign (WYSIWYS) is a term that is used to describe an enhanced level of data integrity within a digital signature system. Its purpose is to ensure that the content of a signed message cannot be altered, whether intentionally or accidentally (non-repudiation).

eIDAS provides the technical and legal framework needed for electronic identification and digital signatures to allow the banking industry to digitize its processes fully. This article introduces the technology needed for remote signing at the level of a qualified electronic signature (QES).

Cryptomathic’s Signer is the only qualified (electronic) signature creation device (QSCD) that is certified under the SO-GIS agreement using the Common Criteria Recognition Arrangement (CCRA). Its security target is written to strictly conform to the certified protection profile EN 419 241-2.

In this article, we will discuss the Certificate Authority (CA) in the context of eIDAS and what is required of this entity in ensuring the integrity of qualified electronic signatures.