PKI infrastructure for qualified electronic signing
Chancellery of the National Council of the Slovak Republic
Certified Remote Sign
System for Electronic Signature as a Service
Qualified electronic signature from anywhere and on any device
Read more
Electronic signature, seal and time stamp. All in one on your servers.
A convenient solution for electronic document operations, built inside your infrastructure, which meets EU certifications.
Certification
The system is certified for creating the highest level of electronic signatures according to the European eIDAS Regulation.
Value added
An organization can become a signature provider for other organizations (subordinate authorities, branches, customers…).
Security
The system is built inside the organization, no documents leave its internal perimeter.
Electronic signature as a service – secure and according to eIDAS
More and more organizations prefer to create electronic signatures as a remote service (sending a document to an external system). This eliminates the use of devices with a stored certificate (smart card), the signature is available from anywhere, it also works in a mobile phone and allows central management of all certificates.
The problem is the highest level of signature, the so-called qualified electronic signature. This is regulated by the European eIDAS Regulation and must meet the SCAL2 inspection assurance level.
Another issue is security. This means that the document must be sent outside the organization and then received back.
Our Remote Sign system solves both of these problems. It is installed directly inside the organization as an on-premise, including all the necessary components.
System architecture
Key usage scenarios
- Qualified electronic signature of documents from anywhere (according to the eIDAS regulation)
- Qualified electronic seal from anywhere (similar to an electronic signature for legal entities)
- Issuance of a qualified time stamp (proves the specific time of the document’s creation, e.g. accounting documents)
- Possibility of integration with existing applications or filing service
- The organization itself can be an electronic signature provider for subordinate or external entities
User first
From the user’s point of view, working with the document is as easy as possible. Signing takes place in the web interface, where the required file is loaded. Signature authorization is performed in the ProID mobile application or using an assigned chip card. The ProID app is freely available for both Android and iOS. Documents can also be signed directly from your mobile phone.
Certified SAM module for secure cryptographic operations
Our SAM module has undergone rigorous certification and is placed on the EU Trusted List – Qualified Signature and Seal Creation Device (QSCD) Monet+ ProID SAM for remote electronic signing and sealing
The core of our solution is our own, certified SAM (Signature Activation Module). It performs several important functions:
- Generates a signing key
- Activates the signing key inside the cryptographic module
- Creates a signature on behalf of the signer
- Verifies that Signature Activation Data (SAD) authorization is correct
Standalone Signer Server
Signer Server is a standalone component that creates different kinds and formats of electronic signatures. It is located between the user who wants to sign the document and the physical server where the cryptographic keys are stored. To electronically sign a document, the Signer Server asks the physical server (SAM module) for a certificate for the signer. It then creates electronic signatures in the required formats (according to EN 319 102-1).
SAM module diagram
Our projects
Learn more
PKI system and smart cards for employee authentication
Czech Social Security Administration
Are you interested in our solution? Contact us
