In order to ensure transparency and veracity of the electronically signed, sealed and time-stamped documents, a detailed validation of the services to ensure compliance with the regulating standards is highly essential.
TRAIBCERT, an accredited testing and certification body, support trust service providers in the planning or further development of their services, as well as in the testing and even certification under eIDAS, ETSI regulations. Our solution is based on services for creation and verification of documents with electronic signature or seal including time stamp which covers a wide range of standard formats including support for long-term formats of the extended electronic signature (AdES) pursuant to existing standards and regulations.
The major aspect behind the verification and validation of the E-Signature, seals & Timestamps is to secure communications and protect the individual. For an electronic document and its transfer to be trusted, the:
- dentity of the sender and recipient must be established,
- Integrity of the communication itself guaranteed,
- Level of assurance determined as specified by the applicable trust protection and security regulations.
Adding a trusted timestamp to code or an electronic signature provides a digital seal of data integrity and a trusted date and time of when the transaction took place.
TRAIBCERT, as a testing and certification body, utilizes national statutory requirements and regulation and checks for its compliance. During the test for a qualified trust service certification phase, IT security experts from TRAIBCERT follow a systematic approach to ensure compliance with the national and international standards towards the preparation of certificates for electronic signatures or seals. The major advantage for our clients is the availability of constant consultation with our experts after each concluded phase, whether in the project or during the audits.
The major objectives of our Validation services in accordance to the eIDAS-Regulationare to ensure the following requirements that:
- they are provided by one or more qualified trust service provider(s);
- they ensure with a high level of confidence the identification of the sender;
- they ensure the identification of the addressee before the delivery of the data;
- the sending and receiving of data is secured by an advanced electronic signature or an advanced electronic seal of a qualified trust service provider in such a manner as to preclude the possibility of the data being changed undetectably;
- any change of the data needed for the purpose of sending or receiving the data is clearly indicated to the sender and addressee of the data;
- the date and time of sending, receiving and any change of data are indicated by a qualified electronic time stamp.”
Traibcert's Trust Services Validation service helps organizations to reduce potential liability associated with time-sensitive transactions by providing a long term validation and non-repudiation of the time and date the transaction took place using standards-based implementation that is easily recognizable and compatible. Thereby, recipients of the document can verify when the document or code was digitally or electronically signed, as well as verify that the document or code was not altered after the date the timestamp vouches for.
TRAIBCERT’s Route to Certification
TRAIBCERT, being an independent testing and certification body follows a unique and a systematic approach towards enabling our clients get certified for their service successfully. Our approach at a glance:
Conducting periodic discussions
- For better understanding of the service structure and areas of improvement required
- be clear about the test requirements and the possible modifications that needs to be implemented,for compliance
- to ensure everyone at the organization level understand the requirements and the resulting benefits of certification
Support project from scratch including
- Assessment of the Public Key Infrastructure (PKI) concept that is to be implemented
- Identification of possible areas of enhancements to be applied to process and documents via thorough gap analysis
Preliminary-audits by TRAIBCERT’s IT experts to
- Ensure process’s compliance and fulfillment with that of the regulating standards
- Detailed review of your certification practice statement and supporting documentation
- Assessment of the service implementation procedure on-site
- Identify, document and consult for improvements of any outstanding issues to fulfill standard’s requirements
On-site audit to review the processes and technical systems implemented
- assessment of organizational, technical, physical or structural security measures
- issue of an audit report (e.g. an eIDAS conformity assessment report)
- At the end of the assessment, if the industry leading experts and auditors from TRAIBCERT successfully identify that all criteria in relation to the standards and regulations are fulfilled, a certificate will be issued assuring our client’s compliance with the Trust Service standards.
At the end of the assessment, if the industry leading experts and auditors from TRAIBCERT successfully identify that all criteria in relation to the standards and regulations are fulfilled, a certificate will be issued assuring our client’s compliance with the Trust Service standards.
Key Aspects of OurValidation Services
- Support for relational databases for audit and metadata administration purposes – Oracle, MS SQL Server, MySQL
- Support for standard interfaces and protocols
- Strict separation of roles assuring separation of infrastructure administration from the actual security mechanisms
Integration of services of trustworthy third parties (internal and external) – certification authorities, validation authorities, time stamp providers
The TRAIBCERT Advantage
With TRAIBCERT as a partner for all your Trust Service validation and certification needs the key benefits which we will offer for you to enjoy are:
- Minimize unprofitable investments through our systematic approach
- Cost reduction through effective gap analysis
- Targeted project implementation regarding your budget, schedule and standard specifications
- Detailed assessments report for conformity under eIDAS regulation
- Prerequisite for approval as a qualified trust service provider andfor presentation to the responsible regulatory body
- Verify that legislation and legal requirements are fulfilled, where these derive from the corresponding requirements
- Assess that your security measures are applied in a targeted, effective and sustainable manner
- Audit and Certification by a trusted partner