CERTIFICATIONS

Qualified Trust Service Provider (QTSP) under eIDAS

certSIGN has successfully passed the eIDAS-compliance audit (EU Regulation 910/2014), is recognized as a Qualified Trust Service Provider (QTSP) and is included in the European Trusted List with a number of services compliant with the European legislation

· Qualified certificates for electronic signature; 

· Qualified certificates for electronic seal; 

· Qualified SSL EV certificates for website authentication; 

· Qualified electronic time stamp. 

Check certSIGN in European Trusted List of Trust Service Providers HERE!

Qualified Signature and Seal Creation Device (QSCD) under eIDAS

Since May 2019, certSIGN is the first company in Romania and one of the few at European level to provide qualified remote signature certified as QSCD in accordance with the eIDAS Regulation.

Following a successful audit conducted by the Secure Information Technology Center in Austria (A-SIT), the certSIGN "Paperless" Remote Qualified Electronic Signature and Remote Electronic Seal system has been certified as Qualified Signature and Seal Creation Device.

Check certSIGN’s QSCD certification HERE!

National certifications

Legislative acts issued by the Romanian Ministry of Communications and Information Society (MCSI) and the Ministry for Transport, Infrastructure & Communications (MT) regarding certSIGN’s accreditation as Qualified Trust Service Provider for the following services:

· Qualified certificates for electronic signature (MCSI Regulation no. 948/2019)

· Qualified certificates for electronic seal (MCSI Regulation no. 949/2019)

· Qualified SSL EV certificates for website authentication (MT Regulation no. 151/2019)

· Qualified electronic time stamp (MCSI Regulation no. 950/2019).

Check MCSI and MT Regulations regarding certSIGN’s qualified trust services HERE!

WebTrust for CA

Another important recognition received by certSIGN as a Qualified Trust Service Provider is the WebTrust for CA audit compliance:

· Standard Audit - certSIGN - Webtrust CA Report 2019 

· BR Audit - certSIGN - Webtrust CA SSL Report 2019 

· EV SSL Audit - certSIGN - Webtrust CA SSL EV Report 2019 

Check certSIGN’s 2019 Webtrust CA Audit Reports HERE!

PSD2

certSIGN is a Qualified Trust Service Provider (QTSP) and provides PSD2-specific Qualified Seal and Web Server Authentication Certificates (for test and production phases) for Financial Institutions (Account Servicing Payment Service Providers - ASPSP) and Third-Party Financial Service Providers (TPP) that meet the eIDAS and PSD2 requirements.

certSIGN issues certificates as specified in the „PSD2 Regulatory Technical Standards (RTS) for strong customer authentication and common and secure open standards of communication”, according to the ETSI TS 119 495 standard.

certSIGN is currently the only Romanian provider listed in the EU Trusted List as a Qualified Trust Service Provider authorized to issue QWACs and QSEALs and among the few European QTSPs issuing PSD2 compliant certificates.

Check certSIGN in the list of QTSPs supplying PSD2 compliant Qualified certificates HERE!

NATO-approved PKI applications

certSAFE and shellSAFE PKI applications developed by certSIGN are accredited for the protection of classified information and included in the:

· NATO Catalogue (NIAPC - NATO Information Assurance Product Catalogue);

· INFOSEC National Catalog with packages, products and protection profiles published by the Romanian National Security Agency (ORNISS).

Check certSAFE & shellSAFE in NIAPC HERE & in INFOSEC HERE!
 

CSIRT Services - Accredited Trusted Introducer

Operating its own security operations center (SOC) and providing Managed Security Services (MSSP), certSIGN has a strong knowledge on the cyber environment and cyber security solutions working with various clients from industry and public administration. 

certSIGN offers Cyber security consultancy services and development of highly secure and resilient information systems both to conduct daily business and to protect the critical systems of key customers from national defense and homeland security, banking and telecom. 

certSIGN CyberSecurity Business Unit (and CSIRT team, formalized as UTI CERT) was established in June 2014 and began accreditation procedures for the Trusted Introducer (TI) program in January 2015. Since February 2015, UTI CERT is an TI accredited team.

Check certSIGN’s TF-CSIRT Trusted Introducer accreditation HERE!

Participation in standardization committees

ETSI (European Telecommunications Standards Institute) - certSIGN contributes to the development of IT and telecommunications standards, as an official member of the European Telecommunications Standardization Institute (ETSI). Our company is included in the standardization work of TC ESI (Electronic Signatures and Infrastructures) and TC Cyber (Cybersecurity) technical committees.

Check the ETSI membership of certSIGN HERE!

CSC (Cloud Signature Consortium) – certSIGN is one of the CSC member organizations committed to building a new standard for cloud-based digital signatures that will support web and mobile applications and comply with the most demanding electronic signature regulations in the world. The goal is to provide a common technical specification that will make solutions interoperable and suitable for uniform adoption in the global market.

Check the CSC membership of certSIGN HERE!

Involvement in international working groups

OBE (Open Banking Europe) – certSIGN, as QTSP, is part of the international working group Open Banking Europe, a PRETA initiative launched in June 2017 with the aim of fostering innovation, competition and efficiency to increase consumer choice and enhance security for online payments in the EU. Open Banking Europe brings market players together to turn regulatory requirements into operational reality. To this end, OBE is working on providing the industry with PSD2 directory services.

Check the OBE membership of certSIGN HERE!

CORTE (Confederation of Organisations in Road Transport Enforcement CORTE) – certSIGN is part of the Confederation of Organisations in Road Transport Enforcement (CORTE), one of the largest and most knowledgeable road transport platforms at international level. CORTE is a non-profit organization established to bring together national transport authorities from European and non EU countries having a responsibility and interest in the field of road transport, road security and road safety. National authorities in CORTE collaborate with transport associations and the transport industry.

Check the CORTE membership of certSIGN HERE!