Gemalto is now part of the Thales Group, find out more.
연락처

eIDAS Regulation

EU Flag Banner - eIDAS Regulation

 

What is eIDAS?

eIDAS is the European Regulation for the electronic identification and trust services for electronic transactions.  The new Regulation on Electronic Identification and Trust Services for Electronic Transactions in the Internal Market (referred to as the eIDAS - electronic IDentification and Authentication Services) was published as  Regulation (EU) No 910/2014 on 28 August 2014. Most of its provisions took effect July 1, 2016, and repeals the existing eSignatures Directive. 

Because it is a regulation and not merely a directive (as was predecessor eSignatures), eIDAS is not open to interpretation and represents European Union law.  eIDAS was developed to ensure the ability to safely conduct electronic transactions online when dealing with businesses or public services, allowing both the signatory and the recipient a higher level of convenience and security. 

What is regulated?

eIDAS mandates two primary codes of practice

Interoperability of government issued ID: this section of the eIDAS mandates EU Member States to mutually recognize each other’s electronic identification (eID) systems when accessing online services.  This cross-border recognition makes eID from any EU Member State interoperable between all other Member States. Although this is a mandate for the public sector, the private sector will follow suit if it indeed proves to make business transactions easier, faster and cheaper and truly opens up business opportunities across borders.

Single Digital Market:  While the eSignatures directive guaranteed the admissibility of electronic signatures, eIDAS will go a step further in defining and providing requirements associated with Trust Services to ensure the security of electronic transactions.  With eIDAS, Electronic Trust Services (eTS), including electronic signatures, electronic seals, time stamps, electronic registered delivery service and website authentication, will work across borders and will have the same legal status as paper-based processes.  The goal here is to increase confidence in the safety and reliability of digital transactions, which will lead to growing adoption and usage. 

eIDAS and Electronic Signature

eIDAS recognizes electronic signatures as legally binding and identifies different levels of electronic signature.

  • Electronic Signatures—are basic signatures in electronic form.  With eIDAS, eSignatures are recognized legally and can’t be denied legal acceptance because they are digital.
  • Advanced Electronic Signatures (AdES)—require a higher level of security typically met with certificate-based digital IDs.  AdES must be uniquely linked to the signatory, can authenticate the signer and the document, and enable the verification of the integrity of the signed agreement.
  • Qualified Electronic Signatures (QES)—also must be uniquely linked to the signatory, but are further required to be based on qualified certificates.  Qualified certificates can only be issued by a certificate authority (CA) accredited and supervised by authorities designated by EU Member States. Qualified certificates must also be stored on a qualified signature creation device (QSCD), such as a USB token, smart card or a cloud-based hardware security module (HSM). In order to provide qualified eSignature services, a trust service provider must be granted qualified status.

How to Prove Digital Signature Compliance with eIDAS

Common Criteria is an international set of guidelines and specifications for evaluating information security products, specifically to ensure they meet an agreed-upon security standard for government deployments.  Common Criteria (CC) certification is a pre-requisite for qualified digital signatures under the eIDAS Regulation. 

  • Gemalto’s IDPrime MD 840 and IDPrime MD 3840 smart cards are both CC EAL5+ / PP Java Card certified for the Java platform and CC EAL5+ / PP QSCD certified for the combination of Java platform plus PKI applet. The CC EAL5+ / PP QSCD certification is based on the Protection Profiles EN 419211 part 1 to 6, as mandated by eIDAS Regulation.

 

eIDAS Resources

eIDAS Regulation – Fact Sheet

eIDAS Regulation – Fact Sheet

A very important part of eIDAS is to regulate electronic signature and ensure safe transactions online. By providing qualified electronic signature, Trust Service Providers allow both signatory and recipient a higher level of convenience and security. Use this guide to understand and navigate the regulation goals and benefits.

Get the Facts on the eIDAS Regulation

eIDAS Regulation Reference Guide

요청 정보

 

당사의 제품에 관심을 보여주셔서 감사합니다. 해당 항목들을 기재해주시면 Gemalto 에 대한 상세 자료나 Gemalto 전문가가 연락드리겠습니다.

 

개인 정보

* 이메일 주소:  
* 이름:  
* 성:  
* 회사:  
* 전화:  
* 국가:  
* State (US Only):  
* Province (Canada/Australia Only):  
* 시:  
내용:  
 

우리의 개인정보 보호 준칙에 기술되는 있는 바와 같이 다운로드를 클릭함은 젬알토로부터 이메일 수신을 동의한 것으로 인정됩니다.