MENU
    1. Services
    2. eID & Trust Services
    3. Website Authentication

Servers and websites available on the internet must be clearly attributed to their operators if users are to trust them. The secure identification of websites and server systems on the internet takes place using electronic certificates.  

As an accredited testing and certification body, TÜViT supports trust service providers, from the planning of their services to the necessary tests and certification.  

 

Our approach

As a testing and certification basis, we utilise national statutory requirements (e.g. the Trust Services Act, VDG), European legal standards (eIDAS), the Baseline Requirements and/or the Extended Validation (EV) guidelines of the CA/Browser Forum, or exclusively technical and organisational requirements (ETSI, WebTrust for CA).  

Our IT security experts apply an agile approach during the project, test and certification. You thus have the opportunity after each concluded phase, whether in the project or during the audits, to consult our experts. This allows the risk of unprofitable investments to be reduced.  

During the test for a qualified trust service, for example, the following standards would apply to the preparation of certificates for website authentication in accordance with eIDAS:

  • Legal standards: eIDAS or local legislation, e.g. the Trust Services Act
  • ETSI standards (ETSI EN 319 411-1, …411-2 and associated) or permitted alternative standards.

An eIDAS and ETSI certification can subsequently take place.

Our services at a glance

  • conduct of training courses and workshops, one-day or multi-day
    • overview of test requirements and joint evaluation of the sub-requirements relevant to you
    • coordination of your detailed questions on standard requirements, on tests and certifications
  • project support
    • review of the PKI concept
    • gap analysis of documents or processes implemented
  • pre-audits
    • we use your documentation (typically of the certification practice statement, CPS) to check whether your website fulfils the defined criteria and standard requirements
    • examination of your service implementation on location at your premises
    • documentation of any outstanding issues
  • on-site audit to review the processes and technical systems implemented
    • assessment of organizational, technical, physical or structural security measures
  • issue of an audit report (e.g. an eIDAS conformity assessment report)
  • if all criteria are fulfilled, a certificate is issued and published on the TÜViT website

Your benefits at a glance

  • targeted project implementation regarding your budget, schedule and standard specifications
  • for tests under eIDAS: Conformity assessment report
    • as a prerequisite for approval as a qualified trust service provider, and
    • for presentation to the responsible regulatory body
  • verification of compliance with legislation and legal requirements, both legal and technical, that derive from the corresponding requirements
  • verification that your security measures are applied in a targeted, effective and sustainable manner

TÜViT ensures secure and trustworthy websites.

Matthias Wiedenhorst

Head of Certification Division Trust Service Provider

+49 201 8999-536
Fax: +49 201 8999-555

m.wiedenhorst@tuvit.de

Karina Lahser

Global Account Management eID and Trust Services

+49 201 8999-522
Fax: +49 201 8999-555

k.lahser@tuvit.de

Further topics

Electronic signatures and seals

Electronic Signatures and Seals

As an accredited testing and certification body, TÜViT supports trust service providers, from the planning of their services to the necessary tests and certification.
Read more
Validation Services for Electronic Signatures, Seals and Timestamps

Validation Services for Electronic Signatures, Seals and Timestamps

Validation services are indispensable for assessing the correctness and integrity of electronically signed, sealed and timestamped documents. They review certificates in real time and ensure transparency.
Read more
Electronic Archives and Archiving Services

Electronic Archives and Archiving Services

Documents that are electronically signed or marked with a timestamp are subject to ageing, just like their hard copy counterparts. If the certificates or mathematical algorithms used there are no longer up to date, this results in them losing their value as evidence.
Read more
Electronic Identification (eID)

Electronic Identification (eID)

Electronic identification systems have the great advantage that they save companies time and expense, and significantly simplify communication for customers – provided that the systems work securely and that they are trustworthy.
Read more
Cookie Settings
We would like to adapt the information on this website and our available services to your needs. For this purpose we use so-called cookies. Please decide which types of cookies you accept when using our website. The types of cookies that we use are described under "Details". Further information can be found in our privacy policy declaration.
Show details