The eIDAS Regulation on electronic identification and trust services for electronic transactions in the internal market is a milestone as it provides a predictable regulatory environment for electronic identification and trust services. It was established in EU Regulation № 910/2014 of 23 July 2014, which repeals Directive 1999/93/EC.
eIDAS determined standards for which electronic signatures, qualified digital certificates, electronic seals, timestamps and other proof for authentication mechanisms enable electronic transactions with the same legal standing as transactions performed on paper.
Provisions to trusts services are applicable directly in the 28 Member States since 1th of July 2016.
What is new?
The main changes introduced by eIDAS are the following:
- The eIDAS laid down a new legal and technical framework of remote qualified electronic signature.
- The eIDAS introduced the conformity assessment terminology in order to grant the fulfilment of the requirements for the qualified trust service providers in all Member States specified by eIDAS.
- New standards and regulations have been introduced in the electronic signature and other trust services area.
Commission Implementing Decision 2016/650, laid down standards for the security assessment of qualified signature and seal creation devices (QSCD) pursuant to Articles 30(3) and 39(2) of the Regulation. The Commission Implementing Decision 2016/650 specified the mandatory standards for the certification of QSCDs where the creation data is held in an entirely but not necessarily exclusively user-managed environment (e.g. smart cards, USB tokens) and - because the protection profiles/standards have not yet been defined for remote qualified electronic signatures (e.g HSM, signatory server) - laid down the framework for an alternative certification process.
What can CCLab offer? How can we be at your service?
Conformity assessment according to eIDAS for qualified trust service providers all over in the European Union.
Common Criteria Evaluation for qualified signature and seal creation devices (both client and server side) according to Commission Implementing Decision 2016/650.
Common Criteria Evaluation of the software environment of remote electronic qualified signature according to Commission Implementing Decision 2016/650.
The conformity assessment - in order to ensure the compliance of qualified trust service providers and the services they provide the requirements set out in eIDAS - should be carried out by a conformity assessment body and the resulting conformity assessment reports should be submitted by the qualified trust service providers to the supervisory body.
Are you looking for more? Contact us