The 2014 EU Regulation on “electronic identification and trust services for electronic transactions in the internal market” (eIDAS) adopted by the European Parliament on 3 April 2014 aims to enhance and broaden the scope of Directive 1999/93/EC of the European Parliament and of the Council, which will be repealed as of 1 July 2016.
This new Regulation aims to improve the trust in electronic transactions in the European Union by providing a framework for regulating the secure interactions taking place between businesses, citizens, public authorities and private organizations.
The eIDAS Regulation contributes to the single digital market by creating the right conditions for the mutual recognition of cross-border online services emphasizing, in particular, secure electronic authentication and identification, trust services and the interoperability of eGovernment services between EU member states.
Safelayer's PKI platform, KeyOne, is a credential management solution for citizens (eID citizen) and corporate environments. Based on PKI (public key infrastructure) technology, KeyOne is a proven solution that provides digital certificate management functions with the maximum security and trust. It facilitates compliance with the European Committee for Standardization's (CEN) Security Requirements for Trustworthy Systems Managing Certificates for Electronic Signatures CWA 14167-1 (*), is Common Criteria EAL4+ certified and facilitates adaptation to the requirements for CSPs issuing recognized certificates (Annexes I, III and IV of the eIDAS Regulation).
Safelayer's MobileID solution provides an authentication method for mobile devices based on certificates that facilitates compliance with the provisions on authentication set out in the eIDAS framework. KeyOne's solution also enables managing the registration of the certificates for iPhone and Android mobile devices, which enhances access-control security for corporate resources.
On the other hand, TrustedX is a trust services suite that facilitates compliance with the eIDAS European regulatory framework, and, therefore, the resulting legislation passed in member states, for eSignature generation and verification services. TrustedX is based on PKI technology and digital certificates, which means that as well as the electronic signature, it also supports deploying other typical security services, including strong authentication and data encryption. The TrustedX platform manages signature processes in the client and on the server, both concepts provided for in the eIDAS Regulation.
One of the pillars of the eIDAS Regulation is the authentication process. Safelayer's Adaptive Authentication solution is in line with the eIDAS Regulation and supports combining different authentication methods to provide the right balance between security, cost and ease-of-use in each case. This solution uses different factors in each case depending on system parameters, the context and user behavior.
(*) CWA 14167-1: Security Requirements for Trustworthy Systems Managing Certificates for Electronic Signatures — Part 1: System Security Requirements