Bank-Verlag – Launching an eIDAS-compliant trust center for the German banking industry
Banks need to be at the forefront of enterprise cybersecurity. They represent a top target for attackers and the threat of financial losses, regulatory consequences, and reputational damage has spurred the banking industry to innovate and accelerate the field of cybersecurity. In Germany, a lot of that innovation is happening at Bank-Verlag.
Bank-Verlag is a wholly owned subsidiary of the Association of German Banks, servicing private banks in Germany in the areas of IT security, electronic banking, cashless payments and regulatory compliance. In addition to actively participating in the development of security standards and safety procedures, Bank-Verlag develops and operates several secure services for German banks, including white-labelled online banking services, secure management of PSD2-requests, fraud detection systems and more. The latest addition to Bank-Verlag’s state-of-the-art security service portfolio is an eIDAS-compliant trust service for electronic transactions, such as remote signatures and seals as well as PSD2 certificates (QWAC and QSEAL). When designing the service, Bank-Verlag did not only need to consider eIDAS-compliance and adherence to the highest security standards; the service also needed to be flexible enough to support the varying needs of different banks. Although the requirements were tough, not only from a security perspective, but also regarding flexibility and configurability, Bank-Verlag managed them successfully.
Bank-Verlag partnered with PrimeKey, placing PrimeKey’s PKI Appliance at the heart of their eIDAS-compliant trust service and to extend their knowledge and experience. The ready-to-use appliance proved powerful enough to address all Certificate Authority-related needs, while being adaptable enough to support specific use-cases and customer needs.
The ease of use of the PrimeKey PKI Appliance significantly reduced development complexity for Bank-Verlag, ensuring quick time-to-market while minimizing risk and development resources.
Alexander Esser, Head of eIDAS Trust Service, Bank-Verlag
“PrimeKey has a product that keeps its promises – it really is PKI-in-a-box, ready to use and easy to use. It helped us significantly reduce the complexity of becoming a qualified eIDAS trust service provider.”
Germany’s Federal Network Agency (BNetzA) recently certified Bank-Verlag as a qualified trust service provider, enabling Bank-Verlag to create qualified electronic seals and the associated qualified certificates in accordance with the eIDAS regulation. Soon to come is the certification for qualified electronic signatures. For Bank-Verlag, the qualified eIDAS trust service is a strategic investment that provides opportunities to grow their customer base beyond financial institutions. Based on PrimeKey PKI Appliance, Bank-Verlag can rest assured that their PKI infrastructure will be flexible and scalable enough to support future needs and use-cases.
Products used for this customer
Learn more about the products that helped this customer to a successful solution:
EJBCA® Enterprise
Complete public key infrastructure (PKI) and certificate management
EJBCA® Hardware Appliance
Turn-key PKI hardware and software solution with integrated HSM