Qualified local mass sealing
for legal entities
documents by legal entities such as join-stock companies,
limited-liability companies and public institutions.
It is a solution based on trust, which guarantees integrity
and authenticity of the data sources it is connected with.
Finance and insurances
The highest level of assurance: the origin of the document is digitally confirmed
Guarantee of the documents’ integrity
Support of documents’ digitalisation processes: scanning and archiving
Acts as a durable medium for future reference
PSD2 requires the use of QSeal in order to confirm and guarantee the integrity of data
Automated processes in the DMS and EPR systems for more efficient business accounting, sales, customer service and HR
Automated and legally binding B2B and B2C electronic communication
Lowering the costs and saving time when processing documents and files
Improving the circulation of documents
Electronic documents are becoming legally binding and valid
Signing and timestamping tax declarations
Electronic confirmation that various applications and documents have been received
Improvement of processes for higher efficiency
Reliability and integrity of medical documentation
Safe document exchange with internal, as well as external operators
Long-term security of the stored documents
Easier administrative flow due to improved workflow
Usage options of qualified electronic seal
Mass documentation e.g. notifications, bank statements, policies etc.
Official notifications and certificates
Patients’ hospital records and discharge papers
Legal documents (e.g. legal acts)
Authentication when gaining the access to financial services in accordance with the new EU regulation regarding PSD2 payment services
Official company documents (financial reports, fiats, statutes)
Contracts and commercial offers
Electronic invoices, bills, order and delivery confirmations
Electronic correspondence (smart scanning with document integrity confirmation)
PKCS#7, PDF & PDF/A, XAdES, EDI, LTA, ERS, timestamp
Long-term document archiving
Binding power and integrity of signed documents
Supporting popular standards such as LTANS / ERS
Re-signing and timestamping
Full audit and access log
QSeal for SmartCard and QSCD
both desktop- and server-based. The process includes the use
of a single cryptographic card with a reader.
multiple documents (mass sealing) server-based software can be used.
This software uses hardware security module (HSM) as QSCD.
Local QSeal with QSCD
Seal qualified on a cryptographic card (SmartCard) or on a high efficiency QSCD
The seal is stored by the legal entity being its owner in a specially secured server room
Remote QSeal with QSCD
Qualified seal delivered as a service in a public or corporate cloud
Qualified seal remains under the sole control of the document signee
EU law and the electronic seal
eIDAS – the EU regulation (1999/93/WE) regulates electronic identification and trust services in regard to online transactions, standardises norms of the security of electronic interactions between citizens, enterprises and public institutions all over the European Union.
Thanks to the eIDAS regulation, electronic documents signed with qualified seal are treated equally as documents signed by hand.
In November 2018, ENISA, the European Union Agency for Cybersecurity, has published and Assessment of Standards related to eIDAS Recommendations to support the technical implementation of the eIDAS Regulation. §4.3.2 states clearly that “This Protection Profile can be perfectly applied for devices that are not managed by a TSP.
A device certified against this PP may be used by users that wish to store they signing keys remotely, as it would be the case e.g. for a legal person implementing a QSCD to issue qualified seals.“
In March 2019, CEN TS 419 221-6 which specifies “Conditions for use of EN 419221-5 as a qualified electronic signature or seal creation device“ was published.
This technical specification provides a clear basis for acceptance of EN 419221-5 certified devices for use as a qualified signature creation device or a qualified electronic seal creation device under Regulation 910/2014 even if not operated by a qualified TSP. In other words, the legal owner of a qualified seal can use a QSCD locally, usually on premise, for high performant local sealing of documents.
Legal aspects and certification
eIDAS requires a certified Qualified Signature (or Seal) Creation Devices (QSCD) using qualified certificates for the generation of electronic signatures and seals. Our solution is based on Utimaco’s CP5 Common Criteria Protection Profile PP EN 419 221-5 certified QSCD.
Apart from introducing electronic signatures and timestamps, the eIDAS regulation also introduced the procedure of electronic sealing, registering of electronic receptions/deliveries, as well as validation and conservation seals and signatures.
Legal validity and binding
The aim of all the solutions mentioned above is providing maximum security of electronic transactions carried out online, as well as giving them the same binding legal power as if they were signed on paper.
Why is the QSeal
in accordance with eIDAS?
A Qualified Electronic Seal guarantees authenticity and integrity of documents in B2B and B2C transactions.
A Qualified Electronic Seal is assigned to a specific legal entity, it is the digital confirmation. It works as a digital version of a traditional company seal stamp.
Thanks to proper certification of Qualified Signature Creation Devices (QSCD) a Qualified Electronic Seal for mass and local sealing can be stored either by the seal owner or certified Trust Services Provider.