Delivering on the eIDAS vision eIDAS (electronic IDentification, Authentication and trust Services) is an EU regulation (EU N°910/2014) on electronic identification and trust services for electronic transactions across the European Union. It was adopted in 2014, took effect in 2016 and provides a predictable regulatory environment to enable secure and seamless electronic interactions between businesses, citizens and public authorities across the digital European single market. The aim of eIDAS is to spur digital growth within the EU. By creating standards to be eIDAS compliant for eIDAS electronic signatures, eIDAS advanced electronic signature, qualified digital certificates, electronic seals, time-stamps and other proof for authentication mechanisms, eIDAS enable electronic transactions with the same legal standing as transactions performed on paper.
Two core concepts of eIDAS The eIDAS vision centers around two core concepts, the first one being interoperability; member states are required under eIDAS to create a common framework that will recognize eIDs from other member states, while ensuring its authenticity and security. This is key in allowing citizens and companies to easily do business across borders. The second is transparency; if organizations are eIDAS compliant, eIDAS provides a clear and accessible list of trusted services that may be used within the centralized signing framework. This allows security stakeholders the ability to engage in dialogue about the best technologies and tools for securing digital signatures for the whole European single market.
eIDAS and Trust Service Providers The eIDAS regulation has created an internal market area for trust services within Europe. Trust service providers (TSPs) are the companies or organization, that provides third-party trust services in the form of cert issuance, signatures and authentication. The eIDAS regulation specifies the requirements that any public TSP operating within the EU must meet, ensuring the entire EU is operating using the same set of standards for certificate trustworthiness. eIDAS also introduces the concept of qualification for TSPs, where all TSPs across the EU must adhere to some basic requirements which are audited periodically at least every 24 months.
Becoming a Trust Service Provider and eIDAS compliant PrimeKey’s Public Key Infrastructure and electronic signing solutions goes a long way in reducing the complexity of becoming an eIDAS compliant TSP. PrimeKey EJBCA eIDAS edition provides issuance, registration and validation services within the eIDAS context and is a proven solution to cost-efficiently establish core TSP capabilities. The PrimeKey EJBCA eIDAS edition is available both as software and as a hardware appliance.
Benefits of PrimeKey EJBCA eIDAS edition for Trust Service Providers PrimeKey is one of the world’s leading companies for PKI and electronic signing solutions, having developed successful technologies such as EJBCA Enterprise, SignServer Enterprise and PrimeKey PKI Appliance. The EJBCA eIDAS edition offers an easy and secure way of establishing the core capabilities of an eIDAS compliant TSP. The capabilities provided with EJBCA eIDAS edition include: Certificate Issuance Registration Point Validation Service High availability clustering Support for FIPS 140-2 level 3 certified and Common Criteria PP5 certified Hardware Security Modules (HSMs)
EJBCA Enterprise and SignServer Enterprise deployment options PrimeKey understands that organizations have unique business challenges, including security requirements, compliance, budgets and the availability of internal resources. We give you the choice to combine software, hardware Appliance and Cloud deployments for your PKI solution. This means the infrastructure can be deployed in the manner best suited to your business needs and can grow flexibly and expand over time. EJBCA Enterprise for eIDAS TSPs is available as: EJBCA eIDAS edition, EJBCA Enterprise software including support for common criteria PP5 certified HSMs PKI Appliance eIDAS edition, EJBCA Enterprise including common criteria PP5 certified HSM (available in Q1 2020) EJBCA Enterprise software with standard HSM support PKI Appliance hardware, EJBCA Enterprise software delivered as a hardware appliance including a FIPS 140-2 level 3 certified HSM SignServer Enterprise for electronic signing, electronic seals and time-stamping The same packing will be available soon for SignServer Enterprise.
eIDAS, Qualified Trust Service Provider, QTSP, Qualified Certificates ZetesConfidens – A Qualified Trust Services Provider at your service
EJBCA Enterprise, Becoming an eIDAS (Q)TSP Swisscom – Becoming eIDAS compliant and migrating from RSA to EJBCA Enterprise
EJBCA Enterprise, PKI Appliance Bank-Verlag – Launching an eIDAS-compliant trust center for the German banking industry
Segregation of duties and access control Registration authority with role-based access control and approval mechanisms Support for smart card protected crypto token activation Cryptographically protected audit log, recording all security events
Cryptographic controls The standard PKI Appliance has a built in FIPS 140-2 level 3 certified HSM The PKI Appliance eIDAS edition has a built in Common Criteria PP5 certified HSM Reset-to-factory defaults mechanism including secure key zeroization Common criteria certified software components
Physical and environmental security, operational security Built in backup and restore functionality SNMP monitoring Support for 2 and 3 node cluster setups offering fail-over or high-availability Dual Gigabit Ethernet ports with separation of management and application networks Redundant, field-replaceable power supply Easy to use update mechanism for firmware and application software
Network Security SNMP monitoring Dual Gigabit Ethernet ports with separation of management and application networks
Compliance Registration Authority with role-based access control and approval mechanisms Support for operating multiple, independent PKI hierarchies within one installation Built in backup and restore functionality
PrimeKey’s role in the eIDAS community Enabling a broad adoption of electronic signatures in Europe will take more than regulation. Delivering on the eIDAS vision requires a community of different actors, including trust service providers and technology providers, working together to support the eIDAS requirements. PrimeKey has numerous eIDAS and ETSI Webtrust audited customer installations and so far we have appreciated working with 30+ eIDAS (Q)TSPs. As one of the world’s leading companies for PKI and signing solutions, PrimeKey is committed to continuing to drive the adoption of digital signatures across Europe.
Fill in your contact information below and we will get in touch with you. First name*Last name*Company*Email* Country*CountryYour locationAfghanistanAlbaniaAlgeriaAmerican SamoaAndorraAngolaAntigua and BarbudaArgentinaArmeniaAustraliaAustriaAzerbaijanBahamasBahrainBangladeshBarbadosBelarusBelgiumBelizeBeninBermudaBhutanBoliviaBosnia and HerzegovinaBotswanaBrazilBruneiBulgariaBurkina FasoBurundiCambodiaCameroonCanadaCape VerdeCayman IslandsCentral African RepublicChadChileChinaColombiaComorosCongo, Republic of theCosta RicaCôte d'IvoireCroatiaCubaCuraçaoCyprusCzech RepublicDemocratic Republic of the CongoDenmarkDjiboutiDominicaDominican RepublicEast TimorEcuadorEgyptEl SalvadorEquatorial GuineaEritreaEstoniaEthiopiaFaroe IslandsFijiFinlandFranceFrench PolynesiaGabonGambiaGeorgiaGermanyGhanaGreeceGreenlandGrenadaGuamGuatemalaGuineaGuinea-BissauGuyanaHaitiHondurasHong KongHungaryIcelandIndiaIndonesiaIranIraqIrelandIsraelItalyJamaicaJapanJordanKazakhstanKenyaKiribatiKosovoKuwaitKyrgyzstanLaosLatviaLebanonLesothoLiberiaLibyaLiechtensteinLithuaniaLuxembourgMacedoniaMadagascarMalawiMalaysiaMaldivesMaliMaltaMarshall IslandsMauritaniaMauritiusMexicoMicronesiaMoldovaMonacoMongoliaMontenegroMoroccoMozambiqueMyanmarNamibiaNauruNepalNetherlandsNew ZealandNicaraguaNigerNigeriaNorth KoreaNorwayOmanPakistanPalauPalestine, State ofPanamaPapua New GuineaParaguayPeruPhilippinesPolandPortugalPuerto RicoQatarRomaniaRussiaRwandaSaint Kitts and NevisSaint LuciaSaint Vincent and the GrenadinesSamoaSan MarinoSao Tome and PrincipeSaudi ArabiaSenegalSerbiaSeychellesSierra LeoneSingaporeSint MaartenSlovakiaSloveniaSolomon IslandsSomaliaSouth AfricaSouth KoreaSpainSri LankaSudanSudan, SouthSurinameSwazilandSwedenSwitzerlandSyriaTaiwanTajikistanTanzaniaThailandTimor-LesteTogoTongaTrinidad and TobagoTunisiaTurkeyTurkmenistanTuvaluUgandaUkraineUnited Arab EmiratesUnited KingdomUnited StatesUruguayUzbekistanVanuatuVatican CityVenezuelaVietnamVirgin Islands, BritishVirgin Islands, U.S.YemenZambiaZimbabweRegionMessageInformation storage and cookies* I Accept I accept that PrimeKey stores my information, and I accept cookies for analysis and business identification. Read more about cookies and privacy policy here.CAPTCHA This iframe contains the logic required to handle Ajax powered Gravity Forms.
eIDAS is truly a long-term vision and a journey aimed to bring great benefits to citizens, government, businesses and society at large ENISA Trust Services Forum and CA Day 2019 – My reflections from the events and the eIDAS evolution. [...]
Digitalization is based on security and open standards There are lots of practical lessons to learn from various countries who have implemented a digital society in different ways. [...]
PSD2 is another step towards a digital single market in the EU. PSD2 – creating both opportunities and to-do’s