Delivering on the eIDAS vision eIDAS (electronic IDentification, Authentication and trust Services) is an EU regulation (EU N°910/2014) on electronic identification and trust services for electronic transactions across the European Union. It was adopted in 2014, took effect in 2016 and provides a predictable regulatory environment to enable secure and seamless electronic interactions between businesses, citizens and public authorities across the digital European single market. The aim of eIDAS is to spur digital growth within the EU. By creating standards for electronic signatures, qualified digital certificates, electronic seals, timestamps and other proof for authentication mechanisms, eIDAS enable electronic transactions with the same legal standing as transactions performed on paper.
The benefits of eIDAS include: Cutting out paperwork and hassle when carrying out cross-border transactions between agencies, business and private citizens. Making cross-border electronic transactions more secure and trustworthy, while reducing privacy concerns. Decreasing red tape for businesses, meaning overheads can be reduced and profits increased. Increasing flexibility and convenience of government services, while at the same time enabling government agencies to digitize and automate processes. Enabling citizens and enterprises accessing online tax service cross Europe by use of her national eID.
Two core concepts The eIDAS vision centers around two core concepts, the first one being interoperability; member states are required under eIDAS to create a common framework that will recognize eIDs from other member states, while ensuring its authenticity and security. This is key in allowing citizens and companies to easily do business across borders. The second is transparency; eIDAS provides a clear and accessible list of trusted services that may be used within the centralized signing framework. This allows security stakeholders the ability to engage in dialogue about the best technologies and tools for securing digital signatures for the whole European single market. The eIDAS regulation has created an internal market area for trust services within Europe. Trust service providers (TSPs) are the companies or organization, that provides third-party trust services in the form of cert issuance, signatures and authentication. The eIDAS regulation specifies the requirements that any public TSP operating within the EU must meet, ensuring the entire EU is operating using the same set of standards for certificate trustworthiness. eIDAS also introduces the concept of qualification for TSPs, where all TSPs across the EU must adhere to some basic requirements which are audited periodically at least every 24 month.
Becoming a Trust Service Provider As of today, not all standards regarding eIDAS compliance for TSPs are finalized. However, the European Telecommunications Standards Institute (ETSI) has established a set of standards for certificate generation and time-stamping services. While compliance with these standards are not mandated under eIDAS, the supervisory bodies of many EU countries recommend them and eIDAS recognize them as best practices for TSPs. The ETSI standards come a long way in defining what is needed to become a TSP. However, there are currently no vendors providing complete and validated technical solutions for TSPs. The road to becoming a TSP can be long and complex, driving significant costs and prolonging time to market. In addition, the periodic auditing mandated by eIDAS put further requirements on the solution to ensure compliance over time. PrimeKey’s Public Key Infrastructure and Certificate Management solutions goes a long way in reducing the complexity of becoming an eIDAS compliant TSP. Specifically the PrimeKey PKI Appliance – providing issuance, registration and validation services within the eIDAS context – is a proven solution to cost-efficiently establish core TSP capabilities.
Benefits of PrimeKey PKI Appliance for eIDAS Trust Service Providers PrimeKey is one of the world’s leading companies for PKI solutions, having developed successful technologies such as EJBCA Enterprise, SignServer Enterprise and PrimeKey PKI Appliance. The PrimeKey PKI Appliance offers an easy and secure way of establishing the core capabilities of an eIDAS compliant TSP. The capabilities provided include: Certificate Issuance Registration Point Validation Service High availability clustering Integrated Hardware Security Module (HSM) The PrimeKey PKI Appliance offers an easy and secure way of establishing an enterprise PKI system, without the hassles of elaborate installation procedures. For an eIDAS TSP, the benefits include reduced solution complexity, reducing costs of maintenance and strong integration capabilities, based on open standards.
Segregation of duties and access control Registration authority with role-based access control and approval mechanisms Support for smart card protected crypto token activation Cryptographically protected audit log, recording all security events
Cryptographic controls Built in FIPS 140-2 level 3 certified HSM Reset-to-factory defaults mechanism including secure key zeroization Common criteria EAL 4+ certified components
Physical and environmental security, operational security Built in backup and restore functionality SNMP monitoring Support for 2 and 3 node cluster setups offering fail-over or high-availability Dual Gigabit Ethernet ports with separation of management and application networks Redundant, field-replaceable power supply Easy to use update mechanism for firmware and application software
Network Security SNMP monitoring Dual Gigabit Ethernet ports with separation of management and application networks
Compliance Registration Authority with role-based access control and approval mechanisms Support for operating multiple, independent PKI hierarchies within one installation Built in backup and restore functionality
PrimeKey’s role in the eIDAS community Enabling a broad adoption of digital signatures in Europe will take more than regulation. Delivering on the eIDAS vision requires a community of different actors, including trust service providers and technology providers, working together to support the eIDAS requirements. As one of the world’s leading companies for PKI solutions, PrimeKey is committed to working together with customers, technology partners and regulatory bodies in driving the adoption of digital signatures across Europe.
Fill in your contact information below and we will get in touch with you. Name*Email* Your locationYour locationAfghanistanAlbaniaAlgeriaAmerican SamoaAndorraAngolaAntigua and BarbudaArgentinaArmeniaAustraliaAustriaAzerbaijanBahamasBahrainBangladeshBarbadosBelarusBelgiumBelizeBeninBermudaBhutanBoliviaBosnia and HerzegovinaBotswanaBrazilBruneiBulgariaBurkina FasoBurundiCambodiaCameroonCanadaCape VerdeCayman IslandsCentral African RepublicChadChileChinaColombiaComorosCongo, Democratic Republic of theCongo, Republic of theCosta RicaCôte d'IvoireCroatiaCubaCuraçaoCyprusCzech RepublicDenmarkDjiboutiDominicaDominican RepublicEast TimorEcuadorEgyptEl SalvadorEquatorial GuineaEritreaEstoniaEthiopiaFaroe IslandsFijiFinlandFranceFrench PolynesiaGabonGambiaGeorgiaGermanyGhanaGreeceGreenlandGrenadaGuamGuatemalaGuineaGuinea-BissauGuyanaHaitiHondurasHong KongHungaryIcelandIndiaIndonesiaIranIraqIrelandIsraelItalyJamaicaJapanJordanKazakhstanKenyaKiribatiNorth KoreaSouth KoreaKosovoKuwaitKyrgyzstanLaosLatviaLebanonLesothoLiberiaLibyaLiechtensteinLithuaniaLuxembourgMacedoniaMadagascarMalawiMalaysiaMaldivesMaliMaltaMarshall IslandsMauritaniaMauritiusMexicoMicronesiaMoldovaMonacoMongoliaMontenegroMoroccoMozambiqueMyanmarNamibiaNauruNepalNetherlandsNew ZealandNicaraguaNigerNigeriaNorthern Mariana IslandsNorwayOmanPakistanPalauPalestine, State ofPanamaPapua New GuineaParaguayPeruPhilippinesPolandPortugalPuerto RicoQatarRomaniaRussiaRwandaSaint Kitts and NevisSaint LuciaSaint Vincent and the GrenadinesSamoaSan MarinoSao Tome and PrincipeSaudi ArabiaSenegalSerbiaSeychellesSierra LeoneSingaporeSint MaartenSlovakiaSloveniaSolomon IslandsSomaliaSouth AfricaSpainSri LankaSudanSudan, SouthSurinameSwazilandSwedenSwitzerlandSyriaTaiwanTajikistanTanzaniaThailandTogoTongaTrinidad and TobagoTunisiaTurkeyTurkmenistanTuvaluUgandaUkraineUnited Arab EmiratesUnited KingdomUnited StatesUruguayUzbekistanVanuatuVatican CityVenezuelaVietnamVirgin Islands, BritishVirgin Islands, U.S.YemenZambiaZimbabweMessageInformation storage and cookies* I Accept I accept that PrimeKey stores my information, and I accept cookies for analysis and business identification. Read more about cookies and privacy policy here. This iframe contains the logic required to handle Ajax powered Gravity Forms.
Digitalization is based on security and open standards There is lots of practical lessons to learn from various countries who have implemented a digital society in different ways. [...]