The effectiveness of the security measures and the user's sole control are ensured through the Signature Activation Module (SAM), especially when trusted service providers (referred to as remote signing entities) handle private keys on behalf of users. Adhering to SAM is a mandatory requirement according to the eIDAS regulation for the provision of advanced or qualified remote signing services.
The SAM has successfully attained Common Criteria EAL 4+ certification v1.0 (Evaluation Assurance Level EAL 4 augmented by AVA_VAN.5 and ALC_FLR.3 based on ISO/IEC 18045:2008) meeting the requirements of the Protection Profile for QSCD for Server Signing (NEN EN 419241-2) with strict conformance. The underlying CM (Crypto Module) is a Qualified Signature and Seal Creation Device (QSCD) under eIDAS.
For ThrivoSign Remote Signing Solution Demo Server, click here!