Safelayer develops solutions whose security excellence is evaluated by independent bodies. All Safelayer products obtain, among others, CC certification, the most representative of the sector.
Common Criteria (CC) is an international standard (ISO/IEC 15408) that defines criteria for assessing the security of IT products and/or systems.The CC certificate is the benchmark adopted by the ICT sector to provide the necessary and sufficient guarantees for quality and reliability. Safelayer products have the following levels of assurance:
- KeyOne PKI 4.0 (CA/XRA/VA) and KeyOne ePassport (CSCA/CVCA/DV) 4.0 with a CC EAL4+ (ALC_FLR.2) guarantee level in compliance with the security level 3 CIMC Protection Profile ("Certificate Issuing and Management Component", NIST). For more information: http://oc.ccn.cni.es/
- KeyOne 3.0 with a CC EAL4+ (ALC_FLR.2) guarantee level in compliance with the security level 3 CIMC Protection Profile ("Certificate Issuing and Management Component", NIST). For more information: https://oc.ccn.cni.es
- TrustedX 3.0 with a CC EAL4+ (ALC_FLR.2) guarantee level in compliance with the USA Government "US Government Family of Protection Profiles. Public Key-Enabled Applications For Basic Robustness Environments", USMC (United States Marine Corps). For more information: https://oc.ccn.cni.es
ISO 9001 regulations are international rules and guidelines for managing quality systems. Since their initial publication in 1987, they have achieved global recognition as the basis for establishing quality management systems.
Safelayer certifies its Quality Management System using the ISO standards. Safelayer currently has the ISO 9001:2008 certification stamp of quality for the design and development of security software and consulting and training services for integrating identity and trust management solutions.
The UNE 166002 "R&D&I Management: R&D&I Management System Requirements" standard sets out guidelines for effectively organizing and managing research, development and innovation activities based on tools such as the early identification of opportunities for technological evolution or the creativity maximisation applied to all company activities. The result is a highly effective and efficient R&D&I management system that guarantees excellence in the companies certified with this standard.
Safelayer has taken part since 2007 in the XAdES Remote Plugtest interoperability tests organized by the European Telecommunications Standards Institute (ETSI). The company also participated in the precursor to these tests run by the Next Generation Electronic Commerce Promotion Council of Japan (ECOM).
The Plugtest is organized by the European Telecommunications Standards Institute (ETSI) and represents an opportunity for developers of software products and services that implement the XAdES standard to demonstrate the quality of their solutions and implementations. In the 2011 edition, TrustedX's PAdES support was tested.