Being the pioneer in Mobile Signature Systems with the Kiuru product family, Methics is the only PKI solution provider in the world which provides three wireless PKI clients i.e SIM card applet, eSIM applet and remote signing smartphone app by using same open standard server products. Today we can happily announce our remote signing solution have been successfully certified for Common Criteria Standards EAL 4+ by EN 419241-2:2019 and ISO 15408.
When using SIM applet user has a natural exclusive control over the SIM card and signing keys in the card. New EU eIDAS regulation (910/2014) enables remote signing, where user’s signing key is securely held under user’s control and signature operations are done in a hardware security module.
The implementation of the sole control in remote signing environment required development of:
i) Signature Activation Module (Kiuru SAM), which enforces authorized signer’s use of its key for signing by using a signature activation protocol (SAP) and
ii) Smartphone app (Alauda PBY) which is a Qualified Signature Creation Devices (QSCD) to manage the protection of user’s signing key and signing process.
These new products enable remote signing, which is compliant with eIDAS standards (EN 419 241-1 and EN 419 241-2). In this way an electronic signature creation data can be managed remotely by a trust service provider on behalf of the signatory. Additionally, it is of great importance to have a certification for the remote signing solution. Therefore, we reached out to one of the top rated certification organization Tayllorcox (auditor) for our Remote-Signing solution audit and certification.
After several months documentation and testing work we had auditing sessions together with the auditor to meet the strict conformance requirements of the Protection Profile for QSCD for Server Signing (EN 419241-2). Today we can happily announce our remote signing solution have been successfully certified for Common Criteria Standards EAL 4+ by EN 419241-2:2019 and ISO 15408.
Nowadays, Methics has already deployed several certified solutions, and our local signing deployments have also been certified in accordance with ETSI TS 102 204.
Feel free to get in touch with us if you want a user-friendly software for your TSP, implement authentication/sign in service, document signing solution, or want to increase your user adoption of PKI services.