TryTRY
BuyBUY
  • newsletter
  • contact
  • corporate
  • careers
Utimaco
de
TRYour free HSM simulator
BUYget a quote
  • home
  • solutions
  • products
  • services
  • blog
  • downloads
  • partners
  • company

Next event

24/Mar - 25/Mar | Webinar

The Path for Cloudifying Payment HSMs

Utimaco Portal

Here you will find everything you need as a partner and customerLogin required

  • home
  • solutions
    • industries
      • banking and financial services
        • acquirer
        • card scheme
        • issuer
        • hsm-as-a-service
      • government
        • federal government
      • cloud
        • cloud-based innovation
        • multi-cloud agility
      • connected car (V2V)
      • automotive solutions
      • road infrastructure (V2I), toll collection & ITS
      • industrial IoT & manufacturing
      • energy & utilities
      • lottery & gaming
      • media & entertainment
      • telecommunications
    • applications
      • authentication
      • blockchain
      • code signing
      • database encryption
      • document signing
      • key injection
      • post-quantum crypto agility
      • public key infrastructure (PKI)
        • EJBCA
      • random number generator (RNG)
    • compliance
      • certifications & approvals
        • Common Criteria (CC)
        • FIPS 140-2
      • compliance & standardization
        • FISMA, FedRAMP, and FICAM
        • Certificate Policy of the Smart Metering PKI
        • eIDAS
        • GDPR
        • PCI DSS
        • Privacy Shield
  • products
    • general purpose HSM
      • SecurityServer Se Gen2
      • SecurityServer CSe
      • Block-safe
      • CryptoServer CP5 (eIDAS & CC)
      • CryptoServer Cloud
      • TimestampServer
      • Q-safe
    • payment HSM
      • Atalla AT1000
      • PaymentServer Se Gen2
      • PaymentServer CSe
      • Secure Configuration Assistance (SCA)
      • QuickStart Services
      • u.cloud – Atalla PaymentHSMaaS
      • u.trust 360
    • key management
      • Enterprise Key Management
    • Software Development Kit (SDK)
      • CryptoServer SDK
      • CryptoScript SDK
    • HSM simulators
      • Block-safe HSM simulator
      • CryptoServer CP5 simulator (eIDAS & CC)
      • SecurityServer simulator
      • Q-safe HSM simulator
    • form factor
      • LAN appliance
      • PCIe card
      • cloud, “HSM as a Service”
    • KeyBRIDGE
      • KeyBRIDGE POI
      • KeyBRIDGE RKD
      • KeyBRIDGE eKMS
      • TokenBRIDGE™
    • u.trust Anchor
      • u.trust Anchor CSAR
      • u.trust Anchor High Performance HSM
  • services
    • consultancy
      • PQC consultancy
    • support
    • managed services
      • Key Exchange & Escrow Service (KEES™)
    • professional services
    • Utimaco Academy
  • blog
  • downloads
    • brochures
    • data sheets
    • case studies
    • white papers
    • webinars
    • e-books
      • PQC for Dummies e-book
      • HSM for Dummies e-book
    • Utimaco Portal
      • integration guides
      • knowledge base
  • partners
    • Partner Program
      • technology partner
    • Partner Locator
  • company
    • about Utimaco
      • legal
      • terms & conditions
      • privacy
        • cookie-policy
    • locations
    • news
      • newsletter
    • events
    • contact
    • careers
    • investors
    • utimaco management
    • business ethics
    • memberships and certifications
    • engagement in research
  • home
  • solutions
    • industries
      • banking and financial services
        • acquirer
        • card scheme
        • issuer
        • hsm-as-a-service
      • government
        • federal government
      • cloud
        • cloud-based innovation
        • multi-cloud agility
      • connected car (V2V)
      • automotive solutions
      • road infrastructure (V2I), toll collection & ITS
      • industrial IoT & manufacturing
      • energy & utilities
      • lottery & gaming
      • media & entertainment
      • telecommunications
    • applications
      • authentication
      • blockchain
      • code signing
      • database encryption
      • document signing
      • key injection
      • post-quantum crypto agility
      • public key infrastructure (PKI)
        • EJBCA
      • random number generator (RNG)
    • compliance
      • certifications & approvals
        • Common Criteria (CC)
        • FIPS 140-2
      • compliance & standardization
        • FISMA, FedRAMP, and FICAM
        • Certificate Policy of the Smart Metering PKI
        • eIDAS
        • GDPR
        • PCI DSS
        • Privacy Shield
  • products
    • general purpose HSM
      • SecurityServer Se Gen2
      • SecurityServer CSe
      • Block-safe
      • CryptoServer CP5 (eIDAS & CC)
      • CryptoServer Cloud
      • TimestampServer
      • Q-safe
    • payment HSM
      • Atalla AT1000
      • PaymentServer Se Gen2
      • PaymentServer CSe
      • Secure Configuration Assistance (SCA)
      • QuickStart Services
      • u.cloud – Atalla PaymentHSMaaS
      • u.trust 360
    • key management
      • Enterprise Key Management
    • Software Development Kit (SDK)
      • CryptoServer SDK
      • CryptoScript SDK
    • HSM simulators
      • Block-safe HSM simulator
      • CryptoServer CP5 simulator (eIDAS & CC)
      • SecurityServer simulator
      • Q-safe HSM simulator
    • form factor
      • LAN appliance
      • PCIe card
      • cloud, “HSM as a Service”
    • KeyBRIDGE
      • KeyBRIDGE POI
      • KeyBRIDGE RKD
      • KeyBRIDGE eKMS
      • TokenBRIDGE™
    • u.trust Anchor
      • u.trust Anchor CSAR
      • u.trust Anchor High Performance HSM
  • services
    • consultancy
      • PQC consultancy
    • support
    • managed services
      • Key Exchange & Escrow Service (KEES™)
    • professional services
    • Utimaco Academy
  • blog
  • downloads
    • brochures
    • data sheets
    • case studies
    • white papers
    • webinars
    • e-books
      • PQC for Dummies e-book
      • HSM for Dummies e-book
    • Utimaco Portal
      • integration guides
      • knowledge base
  • partners
    • Partner Program
      • technology partner
    • Partner Locator
  • company
    • about Utimaco
      • legal
      • terms & conditions
      • privacy
        • cookie-policy
    • locations
    • news
      • newsletter
    • events
    • contact
    • careers
    • investors
    • utimaco management
    • business ethics
    • memberships and certifications
    • engagement in research

Home / solutions / compliance / compliance & standardization / eIDAS

eIDAS

On July 1st 2016, the electronic identification and trust services regulation, more commonly known as eIDAS, replaced the 17-year old eSignature Directive 1999/93/EC and became directly applicable in 28 EU member states. As an HSM manufacturer, Utimaco is at the forefront of defining related technical requirements and achieves conformity with eIDAS requirements.

Utimaco compliance

eIDAS – EU regulation on electronic identification and trust services

Hardware Security Modules as Root of Trust for trust service providers

The eIDAS regulation is meant to boost economic growth by encouraging trust in the digital world and the European digital single market. Transparency and the highest security standards are at the basis of creating such a trusted environment. As an HSM manufacturer, Utimaco is at the forefront of defining the related security requirements. The CryptoServer Se-Series Gen2 achieves conformity with eIDAS via a Common Criteria certification acc. EN 419221-5.

Listen to Alexander Eßer from Bank-Verlag speak about Bank-Verlag as a Trust Service Provider (TSP), regulatory requirements set forward by eIDAS to offer qualified signatures and the role of cryptography and Utimaco HSMs.

Challenges addressed by eIDAS

Adopted in July 2016, EU Regulation N°910/2014 on electronic identification (eID) and trust services (eTS) set a milestone for access to public services and secure online transactions across EU state borders. At the core of the so-called eIDAS regulation, electronic interactions between citizens, businesses (especially SMEs) and public authorities shall be facilitated. Major challenges that the regulation addresses mainly derive from trust services previously regulated on a national level. The preceding EU eSignature Directive focused on certificates for electronic signatures only. This created systems with numerous differences in compliance requirements, legal status and validity of trust services.

Electronic trust services across borders consist of [acc. eIDAS Art. 3 (16)]:

  • “the creation, verification, and validation of electronic signatures, electronic seals or electronic timestamps, electronic registered delivery services and certificates related to these services, or
  • the creation, verification and validation of certificates for website authentication, or
  • the preservation of electronic signatures, seals or certificates related to these services.”

For the future, common technical standards, as well as data protection and privacy standards are key to ensuring a transparent and sufficiently secure environment for online transactions across borders.

The role of a Hardware Security Module for trust service providers

For the secure execution of their operations and services, trust service providers can rely on cryptographic modules to be used as qualified electronic signature creation devices, such as smart cards or Hardware Security Modules (HSMs). “Conformity of qualified electronic signature creation devices with [EU] requirements […] shall be certified by appropriate public or private bodies designated by Member States” (acc. eIDAS Art. 30 & 31).

At this point in time, the definition of the detailed technical requirements is still in progress (see current requirements in the information box below). The Common Criteria Protection Profiles EN 419221-5 “Cryptographic Modules for Trust Services” and EN 419241-2 “Protection Profile for QSCD for Server Signing” – which mandates a cryptographic module certified to EN 419221-5 – play a major role in fulfilling these requirements.

As an HSM manufacturer, Utimaco is at the forefront of

  • defining these technical requirements by participating in the working group CEN TC 224 WG17 and thus
  • achieves conformity with eIDAS requirements.

The Common Criteria certification for Utimaco CryptoServer Se-Series Gen2 acc. EN 419221-5 anticipates the upcoming regulatory changes as well as related partner and customer requirements.

Want to know what eIDAS is, why it is important and understand the timeline of implementation? Take a look at our blog post.

Requirements for qualified electronic signature creation devices [acc. eIDAS Annex II]

  1. Qualified electronic signature creation devices shall ensure, by appropriate technical and procedural means, that at least:
    1. the confidentiality of the electronic signature creation data used for electronic signature creation is reasonably assured;
    2. the electronic signature creation data used for electronic signature creation can practically occur only once;
    3. the electronic signature creation data used for electronic signature creation cannot, with reasonable assurance, be derived and the electronic signature is reliably protected against forgery using currently available technology;
    4. the electronic signature creation data used for electronic signature creation can be reliably protected by the legitimate signatory against use by others.
  2. Qualified electronic signature creation devices shall not alter the data to be signed or prevent such data from being presented to the signatory prior to signing.
  3. Generating or managing electronic signature creation data on behalf of the signatory may only be done by a qualified trust service provider.
  4. Without prejudice to point (d) of point 1, qualified trust service providers managing electronic signature creation data on behalf of the signatory may duplicate the electronic signature creation data only for back-up purposes provided the following requirements are met:
    1. the security of the duplicated datasets must be at the same level as for the original datasets;
    2. the number of duplicated datasets shall not exceed the minimum needed to ensure continuity of the service.
eIDAS infographic

Source: European Commission, eIDAS infographic 2016

 

/ Free CryptoServer CP5 simulator available for evaluation and integration testing!

CryptoServer CP5 simulator (eIDAS & CC)

Free CryptoServer CP5 simulator available for evaluation and integration testing! Register and try our free HSM simulator

Try our free HSM simulator

/ Protecting digital identities for banks, financial institutions, and other digital service providers

Halcom – Protecting Qualified Digital Certificates with Utimaco HSMs

The motivation: protecting digital identities for banks, financial institutions, and other digital service providers. In order to exist in today's digital world, we all need our own digital identity.

Read more

/ The eIDAS-compliant CC-certified Hardware Security Module

Datasheet: Utimaco CryptoServer CP5

The Utimaco CryptoServer CP5 supports Trust Service Providers (TSPs) in fulfilling policy and security requirements defined in various ETSI technical standards (ETSI EN 319 401, EN 319 411, EN 319 421).

More information

Stay on top of our news
Don’t miss out on any Utimaco updates

Subscribe to Utimaco Newsletter

We will keep you posted with news from Utimaco and the industries we protect, as well as information on upcoming events and webinars.

Subscribe now

Partners

Primekey Solutions AB PETA (Thailand) Co., Ltd. Fortiedge Pte Ltd. Thomas-Krenn.AG Cryptomathic A/S PKI Solutions Inc. MTG - Utimaco Hardware Security Modules Partner Astel (UK) Ltd. - Utimaco Hardware Security Modules Partner Perceptus-sp.-z-o.-o. Cryptomathic Inc. Utimaco HSM - InfoGuard Swiss Cyber Security cv cryptovision GmbH PrimeKey Labs GmbH Ascertia - Utimaco Hardware Security Modules Partner Utimaco HSM - QuintessenceLabs Safesoft Kft. intarsys AG Synergy Computers (Pvt.) Ltd. - Utimaco Hardware Security Modules Partner Baas Control s.r.o. E-Sign S.A. Nexus - Utimaco Hardware Security Modules Partner IQuantics Corp Altacom UAB CREAplus Italia S.r.l EUROPEAN DYNAMICS SA. Real security d.o.o. CewTec S.A. Nexus - Utimaco Hardware Security Modules Partner Cogito Group Pty Ltd Abrantix AG CREA plus d.o.o. Cryptomathic GmbH Rohde & Schwarz Cybersecurity GmbH Telegrupp AS Versasec Cyber Armor Pte Ltd Skytech Computing Solutions Limited. - Utimaco Hardware Security Modules Partner AKEA S.A. - Utimaco Hardware Security Modules Partner CEGA Security Throughwave (Thailand) Co.,Ltd - Utimaco Hardware Security Modules Partner JJNet International Co., Limited - Utimaco Hardware Security Modules Partner Clearkey Consulting - Utimaco Hardware Security Modules Partner CertiSur S.A. Encryption Consulting LLC ESYSCO Sp. z o.o. Microexpert Limited Nexus Technology GmbH Secure Source Distribution (M) Sdn Bhd - Utimaco Hardware Security Modules Partner Compumatica secure networks B.V. Utimaco HSM - PTESA_profesionales en transacciones electronicas Envoy Data Corporation - Utimaco Hardware Security Modules Partner MIcrosec MALKOM D.Malińska i Wspólnicy s.j. Macroseguridad SecureMetric Technology Sdn. Bhd. Komar Consulting Inc. - Utimaco Hardware Security Modules Partner Softline Solutions GmbH Fornetix - Utimaco Hardware Security Modules Partner VAR Group SpA - Utimaco Hardware Security Modules Partner Compumatica secure networks GmbH
Find a partner

Share this page

EMEA

Utimaco IS GmbH
Germanusstraße 4
52080 Aachen
Germany
Phone: + 49 241 1696 200

Americas

Utimaco Inc.
900 E Hamilton Ave., Suite 400
Campbell, CA 95008
USA
Phone: +1 844 UTIMACO

APAC

Utimaco IS Pte Limited
80 Raffles Place,
#32-01, UOB Plaza
Singapore 048624
Phone: +65 6622 5347

Utimaco

  • support
  • corporate
  • careers
  • legal
  • terms & conditions
  • privacy
  • cookie-policy
© 2021
to top
  • home
  • solutions
    • industries
      • banking and financial services
        • acquirer
        • card scheme
        • issuer
        • hsm-as-a-service
      • government
        • federal government
      • cloud
        • cloud-based innovation
        • multi-cloud agility
      • connected car (V2V)
      • automotive solutions
      • road infrastructure (V2I), toll collection & ITS
      • industrial IoT & manufacturing
      • energy & utilities
      • lottery & gaming
      • media & entertainment
      • telecommunications
    • applications
      • authentication
      • blockchain
      • code signing
      • database encryption
      • document signing
      • key injection
      • post-quantum crypto agility
      • public key infrastructure (PKI)
        • EJBCA
      • random number generator (RNG)
    • compliance
      • certifications & approvals
        • Common Criteria (CC)
        • FIPS 140-2
      • compliance & standardization
        • FISMA, FedRAMP, and FICAM
        • Certificate Policy of the Smart Metering PKI
        • eIDAS
        • GDPR
        • PCI DSS
        • Privacy Shield
  • products
    • general purpose HSM
      • SecurityServer Se Gen2
      • SecurityServer CSe
      • Block-safe
      • CryptoServer CP5 (eIDAS & CC)
      • CryptoServer Cloud
      • TimestampServer
      • Q-safe
    • payment HSM
      • Atalla AT1000
      • PaymentServer Se Gen2
      • PaymentServer CSe
      • Secure Configuration Assistance (SCA)
      • QuickStart Services
      • u.cloud – Atalla PaymentHSMaaS
      • u.trust 360
    • key management
      • Enterprise Key Management
    • Software Development Kit (SDK)
      • CryptoServer SDK
      • CryptoScript SDK
    • HSM simulators
      • Block-safe HSM simulator
      • CryptoServer CP5 simulator (eIDAS & CC)
      • SecurityServer simulator
      • Q-safe HSM simulator
    • form factor
      • LAN appliance
      • PCIe card
      • cloud, “HSM as a Service”
    • KeyBRIDGE
      • KeyBRIDGE POI
      • KeyBRIDGE RKD
      • KeyBRIDGE eKMS
      • TokenBRIDGE™
    • u.trust Anchor
      • u.trust Anchor CSAR
      • u.trust Anchor High Performance HSM
  • services
    • consultancy
      • PQC consultancy
    • support
    • managed services
      • Key Exchange & Escrow Service (KEES™)
    • professional services
    • Utimaco Academy
  • blog
  • downloads
    • brochures
    • data sheets
    • case studies
    • white papers
    • webinars
    • e-books
      • PQC for Dummies e-book
      • HSM for Dummies e-book
    • Utimaco Portal
      • integration guides
      • knowledge base
  • partners
    • Partner Program
      • technology partner
    • Partner Locator
  • company
    • about Utimaco
      • legal
      • terms & conditions
      • privacy
        • cookie-policy
    • locations
    • news
      • newsletter
    • events
    • contact
    • careers
    • investors
    • utimaco management
    • business ethics
    • memberships and certifications
    • engagement in research