Do you offer specialised services that are integrated as sub-processes in a trust service and need (renewed) proof that they meet the security requirements of the eIDAS Regulation? We carry out the necessary eIDAS and ETSI tests for you, prepare a comprehensive conformity assessment report and accompany you all the way to successful certification. Following this, you can obtain certification from your competent supervisory authority - in Germany, the Federal Network Agency (BNetzA).
Are you still at the beginning of your service and want to optimise your technical infrastructure? We will provide you with competent support and help you with IT-secure implementation. We also offer workshops or provide you with insights into the world of eIDAS & ETSI as part of our exclusive eIDAS.PROFESSIONAL training programme.
Our offer is aimed at a wide range of organisations involved in the secure, legally binding distribution and use of trust service components:
This is how we support you holistically:
Training & Qualification
Concept & preparation
Testing & conformity assessment
Audit of your implementation based on the eIDAS Regulation, including
Application of the following ETSI standards:
Certification & re-certification
Certain sub-processes of a trust service can be outsourced. This is particularly useful if there are specialised service providers on the market in this context. A widespread example is identification services offered by so-called identification service providers and integrated into the process landscape of trust service providers.
One established identification service is the video identification process. This procedure is a legally authorised procedure for establishing identity. Consumers who use this procedure require a valid identification document (passport or ID card), a stable internet connection and a webcam on their smartphone, tablet, laptop or computer. The identity is checked and confirmed by a call agent using a video chat.
In addition to applications for qualified certificates, video identification is also used when opening bank accounts or concluding loan agreements.
As the component is also part of the scope of the eIDAS conformity assessment and the security of a trust service depends largely on its components, the eIDAS Regulation also requires proof of conformity here. This is the only way to ensure that outsourced sub-processes - such as the identification service - also fulfil the requirements.
A trust service is a service within the meaning of the eIDAS Regulation, e.g. for signatures or seal services. A component is a sub-service - such as an identification service - that is integrated into the processes of a trust service provider. This component can be offered independently by the trust service provider or operated by a specialised provider or company.
Yes, this is even a common use case - e.g. for identification services that are operated independently by a third party and used by various qualified trust service providers. The prerequisite is that the component is certified and fully compliant.
No. The EU Trusted List (EUTL) only lists qualified trust service providers (TSPs) and their qualified trust services - e.g. qualified electronic signatures, seals or time stamps .
Identification services are not listed separately in the EUTL, even if they are certified. If the identification service provider wants to offer its services independently in the European market for connection to a VDA, this must be demonstrably eIDAS-compliant. The other option is an eIDAS conformity assessment of a trust service provider including the trust service component used.