Sole Control Assurance Level (SCAL#2)

The signing keys are employed with a high level of certainty, ensuring exclusive control by the signer. The authorized signer's utilization of their key for signing is rigorously enforced through the signature activation module, utilizing signature activation data provided by the signer through a signature activation protocol. This protocol facilitates the use of the corresponding signing key to sign specific documents.

SCAL2 enhances the assurance of exclusive control by mandating the implementation of signature activation code within the Hardware Security Module (HSM), known as the signature activation module. This code attains certification at the same security level as the HSM's general cryptographic functions. The signature activation data securely traverses from the signer's device to the HSM, employing the signature activation protocol in a protected manner. This ensures that the user's signing keys remain safeguarded, even in the event of a compromise to the Trusted Service Provider's (TSP) server signing application.

Compliance with SCAL#2 authorization is crucial for ThrivoSign Remote Signing Solution to uphold stringent security measures and regulatory standards. By adhering to SCAL#2, we ensure robust access controls, authentication protocols, and data protection mechanisms, bolstering the security of digital signatures and fostering trust with users and regulatory entities