Skip to content

eID, trust services & PKI – testing & certification

Trust is good, security is better: testing and certification of your service or product

Qualified electronic trust services such as signatures, seals and time stamps create the prerequisites for fully digitalised official and business processes. Secure and legally recognised procedures are crucial for trustworthy processing.

As a trust service provider (VDA), you must therefore prove that you comply with the eIDAS Regulation, the Europe-wide regulations for the areas of "electronic identification (eID)" and "electronic trust services", and that you implement the underlying technical and organisational standards (ETSI, CEN). The legal framework is supplemented by certain national legal requirements, such as the Trust Services Act in Germany. In order to be included as a trust service provider on the European eIDAS Trusted Service List (TSL), it is necessary to submit a conformity assessment report from an accredited conformity assessment body (e.g. TÜV NORD) to the responsible national supervisory authority.

As a conformity assessment body, we offer you a wide range of services, from testing to certification in accordance with eIDAS, ETSI or the Technical Guidelines of the German Federal Office for Information Security (BSI).

Request a personalised quote

Target group for certification

Our services are aimed at a wide range of organisations. These include

  • Organisations that already operate a qualified electronic seal service or are planning to set up a qualified electronic seal service
  • Providers of digital identity services, certification services or trust services within the meaning of the eIDAS Regulation

The advantages of certification at a glance

  • Training: In our practical training sessions, we teach you and your team the basics and current requirements relating to eIDAS & ETSI.
  • Workshops: We prepare you specifically for eIDAS or ETSI certification - including process structure, documentation requirements and best practices.
  • Project support: We provide technical and organisational support for your eID and trust service projects - with a focus on an eIDAS and BSI-compliant infrastructure.
  • Objective assessment of security level: We use detailed analyses to assess the identification processes you use and categorise the current security level in a comprehensible manner.
  • Certification and conformity assessment with added value: Our experts comprehensively check your processes and documents in accordance with eIDAS, ETSI and the BSI's technical guidelines - and accompany you all the way to successful proof of conformity.

Your path to becoming a certified service provider in the field of electronic identification (eID) and trust services

This is how we support you holistically:

Training & Qualification

  • eIDAS.PROFESSIONAL training for your employees

Concept & preparation

  • Overview of the legal requirements for trust services, including the relevant eIDAS requirements, relevant ETSI standards and evaluation of these requirements in the respective context
  • Explanation of the meaning of the Trust Service Practice Statement (TSPS) and introduction to the TÜV NORD certification programme, including normative and legal requirements, interpretations and other relevant aspects
  • Workshops and preliminary audits to identify non-conformities and potential for improvement through status analyses of the PKI or trust service and GAP analysis of existing documentation and processes

Testing & conformity assessment

We test according to these standards

  • eIDAS: The eIDAS regulation contains binding, Europe-wide regulations for signatures and the provision of trust services.
  • ETSI: We use ETSI standards for testing & certification of trust services, in particular ETSI EN 319 401, ETSI EN 319 411-1/2 & ETSI EN 319 421.
  • BSI technical guidelines: BSI TR-03145 contains general requirements for trust centres that operate a Certification Authority (CA) with a "high" security level.
  • (Draft) CP for the European C-ITS trust model based on PKI: Contains concrete specifications for the provision of C-ITS solutions & describes the minimum requirements for the interoperability of C-ITS.

Certification & re-certification

  • Conformity assessment and certification
  • Support for inclusion in the EU Trusted Service List

Why we are a strong partner for you

  • 25 years of experience in IT security testing and certification
  • One of the first eIDAS/ETSI accredited conformity assessment bodies
  • Over 500 PKI projects of various sizes, some of them transnational, completed
  • We are active worldwide
  • Our certificates are internationally recognised and increase your competitive advantage
  • Our certificates show that your services are state of the art
  • Targeted project realisation in line with your budget, schedule and standards requirements

Frequently asked questions about electronic identification (eID) and trust services

Qualified trust services are digital services such as electronic signatures, seals or time stamps that fulfil high security and legal requirements. They enable legally binding, fully digital processes in public authorities and companies.

Trust service providers (TSPs) that want to provide qualified electronic services - e.g. signature or seal providers - require eIDAS certification. This is a prerequisite for inclusion in the EU Trusted Service List (TSL).

The eIDAS Regulation is an EU-wide binding legal framework for electronic identification procedures (eID) and trust services. Among other things, it regulates requirements for signatures, seals, time stamps and other trust-building services.

This depends on the scope of the project and the level of preparation. An initial consultation helps with a realistic assessment of the time frame and resources.

Yes - our certificates are internationally valid and strengthen your position in the EU market.

Other topics and news that may interest you

Hände tippen auf einer Laptop-Tastatur, umgeben von schwebenden digitalen Ordner- und Dokumentensymbolen.

Document management

With an audit & certification according to the PK-DML, you fulfil the legal requirements for the capture, processing & archiving of documents
Learn more
Geschäftspersonen in Besprechung mit Laptops und digitalen Datenvisualisierungen.

Our next eIDAS.PROFESSIONAL training course

Become an eIDAS.PROFESSIONAL now & register for the next training course
Learn more

Do you have any questions? We are happy to help!