eID & Trust Services
Assessment for Trust Service Providers against EU Regulation UE 910/2014
Take this
Take this
Official training of new requirements of eIDAS & ETSI standards
Take this
Qualified trust service providers, services and certified professionals
Take this
Accredited as competent to carry out conformity assessment of a qualified trust service provider & services it provides against the requirements of eIDAS Regulation (EU) 910/2014
General question
The eIDAS Regulation enables the use of electronic identification and trust services (i.e. electronic Signatures, Seals, Time Stamping, Registered electronic delivery and Website authentication) by citizens, businesses & public administrations to access on-line services or manage electronic transactions. It gives:
(1) An "eIDAS" accredited conformity assessment body assesses the conformity of the trust service provider and the qualified trust service it intends to provide with the applicable requirements of the Regulation.
(2) The trust service provider notifies the national supervisory body its intention to become qualified together with the conformity assessment report issued by the conformity assessment body.
The conformity assessment report must prove the compliance with the requirements of the Regulation, and not with standards. Standards might nevertheless be a tool used by trust service providers to demonstrate their compliance with the requirements of the Regulation.
(3) The supervisory body verifies whether or not the trust service provider and the qualified trust service it intends to provide meet the requirements of the Regulation in order to be granted the qualified status.
Upon positive verification, the qualified status is granted and the qualified trust service provider, together with the qualified trust service it provides, are added to the Trusted Lists that are established, published and maintained by Member States (therefore at national level, not at EU level).
Under eIDAS Regulation, national Trusted Lists have a constitutive effect. In other words, a provider / service will be qualified only if it appears in the Trusted Lists.
Consequently, the users (citizens, businesses or public administrations) will benefit from the legal effect associated with a given qualified trust service only if the latter is listed (as qualified) in the Trusted Lists.
From a legal point of view, both qualified and non-qualified trust services benefit from a non-discrimination clause as evidence in Courts. In other words, trust services cannot be discarded by the judge only on the ground that they are electronic.
However, because of the more stringent requirements applicable to qualified trust service providers, qualified trust services provide a stronger specific legal effect than non-qualified ones as well as a higher technical security. Qualified trust services therefore provide higher legal certainty and higher security of electronic transactions.