Understanding the Certificate Authority in the Context of eIDAS

In this article, we will discuss the Certificate Authority (CA) in the context of eIDAS and what is required of this entity in ensuring the integrity of qualified electronic signatures.

Read more

An Overview of EBA's New Guidelines on ICT and Security Risk Management (EBA/GL/2019/04) in the Light of COVID-19

Considering the COVID-19 impact on digitalization, EBA’s updated Guidelines on ICT and Security Risk Assessment will help focus on priority areas, including compliance.

Read more

Digital signature deployment models for banking - Operating as an eIDAS Compliant Registration Authority Reduces Costs and Preserves Customer Ownership

The eIDAS regulation provides both the technical and legal framework for electronic identification and digital signatures that the banking sector needs to fully digitalize its processes and go paperless.

Read more

Three Deployment Versions & Business Models of eIDAS-compliant Remote Signing for Financial Institutions

This article looks at 3 alternative deployment options for remote signing, catering for 3 different business models. The choice of the option will depend on the financial institution’s specific situation and strategic goals. This article gives guidance.

Read more

eIDAS-Qualified Remote Signing: Exploring EN 419 241-2 Certified Qualified Signature Creation Devices 

EU Regulation No 910/2014 (eIDAS) addresses the creation of remote electronic signatures using electronic signature creation data that is managed remotely by a third-party trust service provider (TSP) working on behalf of the signee.

Read more

Cryptomathic’s Signer Builds on the Only QSCD Certified under SOG-IS

Under eIDAS, a qualified electronic signature creation device (QSCD) must be certified and approved to be used for generating qualified electronic signatures (QES). Cryptomathic’s Signer is the only QSCD that is certified under the SOG-IS agreement using the Common Criteria Recognition Arrangement (CCRA). Its security target is written in strict conformance with EN 419 241-2: Trustworthy Systems Supporting Server Signing Part 2, Protection Profile for QSCD for Server Signing, CEN April 2019.

Read more

Benefits of eIDAS Qualified Signature Creation Devices and Why Cryptomathic Signer has the Strongest Security Credentials

The intent of eIDAS is to create a portfolio of technical and legal standards that enhance the security, legal validity and acceptance of electronic transactions that are used to conduct business online or to conduct official business across EU member state borders. The use of qualified electronic signatures is one such standard, which requires the use of a Qualified Signature Creation Device (QSCD).

Here is an explanation of the benefits of QSCDs and why Cryptomathic Signer has the strongest security credentials for use with these devices.

Read more

Open Banking - Success through Agile Alignment of Security Infrastructure, Strategy and Technology

Open banking can offer opportunities for retail banks that are faced with competition from newcomers to the banking and finance industry. For those unfamiliar with what open banking is, it can be best defined as “the use of open APIs that enable third-party developers (FinTech or non-banking service providers) to provide applications and services around the financial institution.” These services may be located between the customer and the bank, or placed in the bank’s bank-end.

Read more

eIDAS and the Globalisation of Trust

Globalization has continued its seemingly inexorable march over the last decades. Movement of capital, labor, ideas, goods and services across borders has made the world smaller. International and multilateral organisations create the rules that define and guide interactions between peoples and nations. Parallelly, we are seeing another revolution - the digitizing of our economy at a breath-taking pace.

Read more