Customer stories

Swisscom – Becoming eIDAS compliant and migrating from RSA to EJBCA Enterprise

swisscom logga
EJBCA Telecom

Banks need to be at the forefront of enterprise cybersecurity. They represent a top target for attackers and the threat of financial losses, regulatory consequences, and reputational damage has spurred the banking industry to innovate and accelerate the field of cybersecurity. In Germany, a lot of that innovation is happening at Bank-Verlag.

Bank-Verlag is a wholly owned subsidiary of the Association of German Banks, servicing private banks in Germany in the areas of IT security, electronic banking, cashless payments and regulatory compliance. In addition to actively participating in the development of security standards and safety procedures, Bank-Verlag develops and operates several secure services for German banks, including white-labelled online banking services, secure management of PSD2-requests, fraud detection systems and more. The latest addition to Bank-Verlag’s state-of-the-art security service portfolio is an eIDAS-compliant trust service for electronic transactions, such as remote signatures and seals as well as PSD2 certificates (QWAC and QSEAL). When designing the service, Bank-Verla

Swisscom is the largest IT/telecom company in Switzerland, providing internet access, mobile communication, TV, cloud, IoT and more. Swisscom’s Public Key Infrastructure (PKI) was the first one in Switzerland in 2005, and today their digital certificate services is an integral part of their business in which their PKI solution and its attributes are essential.

With Swisscom’s RSA Digital Certificate Solutions reaching end of life and support ending, Swisscom needed a PKI migration and consolidation. Since stakes and complexities are high whenever you migrate and/or consolidate an enterprise PKI infrastructure, a proven and capable partner that could fulfill all their needs was critical. Another central need for Swisscom was to be able to make their All-in Signing Service eIDAS compliant.

Since the implementation of PrimeKey EJBCA Enterprise, Swisscom can now offer eIDAS- and legally compliant electronic signature and time-stamping services for service providers, public authorities and companies, all across the EU.

Alongside successfully becoming a Trust Service Provider (TSP), there were also benefits in regard to Swisscom’s PKI migration and consolidation. Swisscom has pinpointed that the set-up of the Certificate Authority (CA) is more structured than before and therefore easier to maintain – making their internal processes more effective.

g did not only need to consider eIDAS-compliance and adherence to the highest security standards; the service also needed to be flexible enough to support the varying needs of different banks. Although the requirements were tough, not only from a security perspective, but also regarding flexibility and configurability, Bank-Verlag managed them successfully.

Bank-Verlag partnered with PrimeKey, placing PrimeKey’s PKI Appliance at the heart of their eIDAS-compliant trust service and to extend their knowledge and experience. The ready-to-use appliance proved powerful enough to address all Certificate Authority-related needs, while being adaptable enough to support specific use-cases and customer needs.

The ease of use of the PrimeKey PKI Appliance significantly reduced development complexity for Bank-Verlag, ensuring quick time-to-market while minimizing risk and development resources.

Peter Amrhyn, Team Leader Engineering, Swisscom

“The capabilities and compliances were no surprise – very transparent solution. You see what you do, and it makes sense. From a trust service providers perspective, you need that transparency.”

With EJBCA Enterprise making Swisscom an eIDAS compliant Trust Service Provider, Swisscom sees business opportunities ahead in both their B2B and B2C context. The new CA from PrimeKey enables Swisscom to improve and streamline their customers’ digital processes while following regulatory demands, all according to the initial critical needs that Swisscom set out to fulfil.

Products used for this customer

Learn more about the products that helped this customer to a successful solution: 

EJBCA® Enterprise

Complete public key infrastructure (PKI) and certificate management

Becoming an eIDAS (Q)TSP

Enable eIDAS compliance and electronic signatures