Entrust has announced that it has successfully completed Common Criteria evaluation of its Remote Qualified Signature Creation Device (QSCD), to build an eIDAS-compliant solution that combines nShield Hardware Security Modules (HSMs) and the Entrust Signature Activation Module (SAM).
With publication of the final certification expected in March 2022, this solution provides a highly secure platform for the creation of qualified cloud signature and seal services. This enables Trust Service Providers (TSPs) the capability to provide eIDAS-compliant remote signing for their customers. As organizations globally are rapidly seeking ways to enable digital workflows that meet the highest standards for confidence, trust, and compliance, the new Entrust solution delivers easy application integration in a scalable architecture that can cater to different capacity demands. Furthermore, the Remote Signing Solution integrates and supports external identity providers and doesn’t require any changes to an organization’s signing application structure.
The Entrust SAM is a crucial security component of an eIDAS-compliant digital signing service: it ensures that signers keep sole control of their signing keys. The Entrust SAM runs in the tamper-protected environment of the QSCD enabled by the already Common Criteria certified Entrust nShield Connect XC or Solo XC. All signature requests to the nShield XC HSMs go through the SAM first, where it verifies and authorises the signing process.
“The Entrust SAM software on top of the highly reliable nShield HSM has enabled us to build a cloud signature platform fully compliant with eIDAS and national requirements, allowing our development teams to focus on added value and not product certification,” said Pere Barba, CTO at Vintegris.
“We have developed an integration with Entrust SAM and nShield HSM with our remote signing solution that together forms the Type II QSCD. In collaboration with the Entrust team, we have achieved great results with the overall performance. We are excited about its flexibility and transparency. The remote signing solution can be deployed by anyone interested in advanced or qualified infrastructure,” added Roman Cinkais, CEO of 3Key Company.
“Entrust offers a broad portfolio of certified products and services that help enterprises, government institutions, and qualified trust service providers to quickly deploy compliant services,” said Willem-Jan Bruin, Director of Business Development at Entrust. “The nShield XC HSMs have completed the Common Criteria EAL4+ certification to establish a strong root of trust that anchors the security for signing and sealing applications. In addition, the Entrust SAM has achieved eIDAS QSCD certification (CEN EN 419 241-2) in combination with the nShield Connect XC and nShield Solo XC HSMs. The completion of the Common Criteria evaluation for the QSCD builds on this foundation to ensure full regulatory compliance.”
The Entrust Remote QSCD is a logical step in Entrust’s long-term strategy to serve TSPs and Signing System Integrators globally. Through developments like this, Entrust continues to invest in its portfolio, services, and partners, enabling the digital transformation, and protecting the identity and critical data of people, enterprises, governments and (IoT) devices.