Launching an eIDAS-compliant trust center for the German banking industry

Banks need to be at the forefront of enterprise cybersecurity. They represent a top target for attackers and the threat of financial losses, regulatory consequences, and reputational damage has spurred the banking industry to innovate and accelerate the field of cybersecurity. In Germany, a lot of that innovation is happening at Bank-Verlag.

Bank-Verlag is a wholly owned subsidiary of the Association of German Banks, servicing private banks in Germany in the areas of IT security, electronic banking, cashless payments and regulatory compliance. In addition to actively participating in the development of security standards and safety procedures, Bank-Verlag develops and operates several secure services for German banks, including white-labelled online banking services, secure management of PSD2-requests, fraud detection systems and more. The latest addition to Bank-Verlag’s state-of-the-art security service portfolio is an eIDAS-compliant trust service for electronic transactions, such as remote signatures and seals as well as PSD2 certificates (QWAC and QSEAL). When designing the service, Bank-Verlag did not only need to consider eIDAS-compliance and adherence to the highest security standards; the service also needed to be flexible enough to support the varying needs of different banks. Although the requirements were tough, not only from a security perspective, but also regarding flexibility and configurability, Bank-Verlag managed them successfully.

Bank-Verlag partnered with PrimeKey, placing PrimeKey’s PKI Appliance at the heart of their eIDAS-compliant trust service and to extend their knowledge and experience. The ready-to-use appliance proved powerful enough to address all Certificate Authority-related needs, while being adaptable enough to support specific use-cases and customer needs.

The ease of use of the PrimeKey PKI Appliance significantly reduced development complexity for Bank-Verlag, ensuring quick time-to-market while minimizing risk and development resources.

PrimeKey has a product that keeps its promises – it really is PKI-in-a-box, ready to use and easy to use. It helped us significantly reduce the complexity of becoming a qualified eIDAS trust service provider.

– Alexander Esser, Head of eIDAS Trust Service, Bank-Verlag

Germany’s Federal Network Agency (BNetzA) recently certified Bank-Verlag as a qualified trust service provider, enabling Bank-Verlag to create qualified electronic seals and the associated qualified certificates in accordance with the eIDAS regulation. Soon to come is the certification for qualified electronic signatures. For Bank-Verlag, the qualified eIDAS trust service is a strategic investment that provides opportunities to grow their customer base beyond financial institutions. Based on PrimeKey PKI Appliance, Bank-Verlag can rest assured that their PKI infrastructure will be flexible and scalable enough to support future needs and use-cases.

Download pdf

Products used for this customer

EJBCA Enterprise

EJBCA Enterprise is a powerful and flexible Certificate Authority and a complete PKI (Public Key Infrastructure) Management System.

Learn more

PKI Appliance

PrimeKey PKI Appliance offers the most cost-efficient, easy and secure way to deploy an enterprise PKI system.

Learn more

Get in touch with us

We’d love to help you succeed with your ambitions.

    I accept that PrimeKey stores my information, and I accept cookies for analysis and business identification. Read more about cookies and privacy policy here.