Trust service providers (TSPs) that provide certificates for electronic signatures and seals and the associated services are subject to extensive statutory and technical requirements.

As an accredited testing and certification body, TÜViT supports trust service providers, from the planning of their services to the necessary tests and certification.


Certifications for providers of services such as electronic signatures or seals

Services such as electronic signatures or seals can be considered within the framework of an independent test, and various trust service providers can then integrate them into their services in a modular manner. The provider receives a corresponding test report, which indicates the conformity of their services to the specifications of a certain standard. The certification then typically takes place together with the trust service that utilizes the module with the service.

As modular services, virtually all sub-processes of a trust service can be considered separately and covered by their own test report – they are thus ready for use by trust service providers.

Typical services include

  • identification services such as electronic signatures and seals, archiving services
  • call center services

Our approach

As a testing and certification basis, we utilize national statutory requirements (e.g. the German Digital Signature Act), European legal standards (eIDAS) or exclusively technical and organizational requirements (ETSI, WebTrust for CA).

Our IT security experts apply an agile approach during the project, test and certification. You thus have the opportunity after each concluded phase, whether in the project or during the audits, to consult our experts. This allows the risk of unprofitable investments to be reduced.  

During the test for a qualified trust service, for example, the following standards would apply to the preparation of certificates for electronic signatures or seals in accordance with eIDAS:

  • legal standards: eIDAS or local legislation, e.g. the Trust Services Act etc.
  • ETSI standards (- ETSI EN 319,411-2 and associated) or permitted alternative standards.

An eIDAS and ETSI certification can subsequently take place.

Our services at a glance

  •   conduct of workshops, one-day or multi-day
    • overview of test requirements and joint evaluation of the sub-requirements relevant to you
    • coordination of your detailed questions on standard requirements, on tests and certifications
  • project support according our agile approach
    • review of the PKI concept
    • gap analysis of documents or processes implemented
  • pre-audits
    • review of your documentation (typically of the certification practice statement, CPS) to check it fulfils standard requirements
    • review of your service implementation on-site
    • documentation of any outstanding issues
  • on-site audit to review the processes and technical systems implemented
    • assessment of organizational, technical, physical or structural security measures
  • issue of an audit report (e.g. an eIDAS conformity assessment report)
  • if all criteria are fulfilled, a certificate is issued and published on the TÜViT website

Your benefits at a glance

  • minimizing unprofitable investments through agile approach
  • cost reduction through gap analysis
  • targeted project implementation regarding your budget, schedule and standard specifications
  • for tests under eIDAS: Conformity assessment report
    • as a prerequisite for approval as a qualified trust service provider, and
    • for presentation to the responsible regulatory body
  • verification that legislation and legal requirements are fulfilled, where these derive from the corresponding requirements
  • verification that your security measures are applied in a targeted, effective and sustainable manner
  • audit and certification by the market leader: e.g. TÜViT has issued over 350 certificates under the German Digital Signature Act and eIDAS, and 150 for PKIs using other criteria, e.g. ETSI

TÜViT has been testing trust services and their products for 15 years.

Peter Kania

Sales & Account Manager eID & Trust Services

+49 201 8999-513
Fax : +49 201 8999-555

Matthias Wiedenhorst

Head of Certification Division Trust Service Provider

+49 201 8999-536
Fax : +49 201 8999-555

Further services

Website Authentication

Website Authentication

Servers and websites available on the internet must be clearly attributed to their operators if users are to trust them. The secure identification of websites and server systems on the internet takes place using electronic certificates.
Read more
Validation Services for Electronic Signatures, Seals and Timestamps

Validation Services for Electronic Signatures, Seals and Timestamps

Validation services are indispensable for assessing the correctness and integrity of electronically signed, sealed and timestamped documents. They review certificates in real time and ensure transparency.
Read more
Electronic Archives and Archiving Services

Electronic Archives and Archiving Services

Documents that are electronically signed or marked with a timestamp are subject to ageing, just like their hard copy counterparts. If the certificates or mathematical algorithms used there are no longer up to date, this results in them losing their value as evidence.
Read more
Electronic Identification (eID)

Electronic Identification (eID)

Electronic identification systems have the great advantage that they save companies time and expense, and significantly simplify communication for customers – provided that the systems work securely and that they are trustworthy.
Read more