Skip to content

eIDAS (remote signatures and seals)

Hand hält Smartphone mit digitalem Dokument und Signatur-Symbol.

Under the seal of security: becoming a qualified trust service provider (VDA) for remote signatures and seals

As a provider of remote signatures and seals, you make a decisive contribution to improving the user-friendliness of electronic signatures and thus simplifying paperless signature processes. The be-all and end-all when creating electronic (remote) signatures: a trustworthy environment. In order to prove this objectively and be officially listed as a qualified trust service provider (VDA), you must fulfil certain requirements set out in the eIDAS Regulation.

We support you on your way to qualification status: from testing your service to conformity assessment (certification) or re-certification, we can provide you with the eIDAS package. In addition, we offer you workshops or make you an eIDAS.PROFESSIONAL as part of our specific training programme.

Request a customised quote now

Target group for certification of trust service providers for remote signatures and seals

Our offer is aimed at a wide range of organisations involved in the secure, legally binding distribution and use of digital seals:

  • Companies that already operate a qualified electronic trust service for remote signatures & seals or are planning to set one up
  • Providers of digital identity services, certification services or trust services within the meaning of the eIDAS Regulation

The advantages of certification at a glance

  • Authorisation as a qualified trust service provider: You objectively prove that you fulfil the requirements of the eIDAS Regulation.
  • European recognition: You will be included in the EU Trusted Service List (TSL).
  • Access to the European Single Market: Your service can be used throughout the EU in a legally binding manner.
  • Transparent GAP analysis: We identify optimisation potential in your current implementation.
  • Training & expertise: With our training, your employees become your company's own eIDAS.PROFESSIONALs.

Your path to becoming a certified trust service provider for remote signatures and seals

This is how we support you holistically:

Training & Qualification

  • eIDAS.PROFESSIONAL training for your employees

Concept & preparation

  • Overview of the legal requirements for trust services, including the relevant eIDAS requirements, relevant ETSI standards and evaluation of these requirements in the respective context
  • Explanation of the meaning of the Trust Service Practice Statement (TSPS) and introduction to the TÜV NORD certification programme, including normative and legal requirements, interpretations and other relevant aspects
  • Workshops and preliminary audits to identify non-conformities and potential for improvement through status analyses of the PKI or trust service and GAP analysis of existing documentation and processes

Testing & conformity assessment

Audit of your implementation based on the eIDAS Regulation, including

  • Article 28 & 29:Qualified certificates for electronic signatures; requirements for qualified electronic signature creation devices
  • Articles 38 & 39:Qualified certificates for electronic seals; Qualified electronic seal creation devices

Application of the following ETSI standards:

  • ETSI EN 319 401: Electronic signatures and infrastructures: General requirements for Trust Service Providers
  • ETSI EN 319 411-1: Guidelines and security requirements for trust service providers issuing certificates; Part 1: General requirements
  • ETSI EN 319 411-2: Guidelines and security requirements for trust service providers issuing certificates; Part 2: Requirements for trust service providers issuing qualified EU certificates

Certification & re-certification

  • Conformity assessment and certification
  • Support for inclusion in the EU Trusted Service List

FAQ – Frequently asked questions about trust service providers for remote signatures and seals

An electronic signature or an electronic seal can be generated remotely without a smartcard, for example via a mobile device such as a smartphone or tablet. This service can only be provided by a qualified trust service provider in order to ensure a high level of security for the user when creating the signature/seal.

The key material for signature/seal creation is stored in certified qualified signature or seal creation devices, QSCDs for short, which are operated by trust service providers. Triggering the remote signature/seal requires successful two-factor authentication, whereby the two factors come from two of the following three categories:

  • Knowledge, e.g. a password,
  • Possession, e.g. a smartphone to which a transaction code (one-time password) is sent,
  • Biometric features.

The corresponding means of authentication must be in the sole possession of the user.

A qualified trust service provider (TSP) offers electronic signature or seal services that fulfil the requirements of the eIDAS Regulation. It is listed in the EU Trusted Service List (TSL) and is authorised to provide qualified electronic signatures or seals that are legally recognised throughout the EU.

Only qualified providers may offer qualified remote signatures and seals. These offer the highest level of trust within the meaning of the eIDAS Regulation and are necessary for many business-critical, legally binding digital transactions - especially in the EU single market.

The eIDAS Regulation (EU No. 910/2014) standardises how electronic identification and trust services are to be used in a legally valid manner throughout Europe. It defines the requirements for providers, processes, signature and seal creation and technical systems.

The Trust Service Practice Statement (TSPS) documents the operational, organisational and security-related measures of a trust service provider. It is a central test document as part of the conformity assessment and must comply with the requirements of eIDAS and the ETSI standards.

A specific training format for employees of trust service providers. It provides practical knowledge about eIDAS requirements, technical basics, security concepts and operational implementation.

- Signature: linked to a natural person

- Seal: is assigned to a legal entity (e.g. company, public authority)

Both variants can be provided as remote signatures or remote seals - a qualified technical infrastructure is required.

Why are we a strong partner for you

We support you with in-depth expertise in the field of electronic seals, trust services and conformity assessment - from the initial idea to successful certification. Our experts know the regulatory requirements of the eIDAS Regulation and relevant ETSI standards in detail. With practical workshops, individual training courses (e.g. on eIDAS.PROFESSIONAL) and sound advice, we ensure that your trust service is legally compliant, secure and recognised throughout Europe. Trust in our experience - for maximum security, integrity and authenticity of your digital documents.

Expertise

Our experienced experts have already successfully implemented more than 500 PKI projects of various sizes, some of them transnational.

Industry experience

Thanks to our many years of experience in a wide variety of sectors, we are able to serve companies in a wide range of industries.

Everything from a single source

We provide you with the eIDAS all-round package: from training and workshops to planning support and audits through to conformity assessment (certification).

Sie haben Fragen? Wir helfen gerne!

Additional services

Hand stempelt Dokument, daneben schwebende Symbole von Dokumenten mit Häkchen.

Electronic seals

Become a qualified trust service provider (VDA) for electronic seals: We support you in planning your service(s), carry out tests according to eIDAS & ETSI and accompany you on your way to conformity assessment.
Read more
Hände tippen auf Laptop, umgeben von schwebenden Dokumentensymbolen.

Remote signatures & remote seals

A trustworthy environment is the be-all and end-all when creating electronic remote signatures. To prove this objectively and be officially listed as a VDA, you must fulfil the requirements of the eIDAS Regulation.
Read more

Website authentication

Are you in the process of setting up or developing a qualified trust service for the creation of website certificates and would like to demonstrate compliance with the requirements of the eIDAS Regulation? Then you've come to the right (IT) address!
Read more