Digital Signatures Blog

CoSign by ARX to be Qualified as SSCD

CoSign is expected to be formally declared as an SSCD (Secure Signature Creation Device)

ARX (Algorithmic Research), the leading global provider of standard digital signature solutions, is currently undergoing Common Criteria EAL4+ certification for CoSign, its flagship product, at the IMQ laboratory in Italy under the supervision of OCSI, the Italian information security certification organization. This Common Criteria certification is expected to result in CoSign being declared as SSCD (Secure Signature Creation Device) certified.

ARX has continuously advocated for the creation of a comprehensive system for electronic transactions to address the fact that the existing 1999 EU Directive for Electronic Signatures does not provide an exact definition of the SSCD. A process is currently underway to replace the existing directive with  pan-European regulations that will add remote signatures and Trusted Services Providers to the SSCD definition.

The Security Target developed for the CoSign Common Criteria evaluation (and approved by OCSI in Italy) is aligned with the recently written TS 14167-5 Standard, which defines the requirements for a trustworthy, server-signing system. Consequently, once the new standard and regulation are certified and enacted, CoSign will be recognized as an approved SSCD throughout Europe.

The Italian regulator announced that only products that have already undergone Common Criteria or those that began this process within the past year can serve as remote signing products during the interim period before mid-2014.

“We are pleased that CoSign meets these criteria and that the process currently underway in Italy has opened the door for dozens of local installations. We are eagerly looking forward to the enactment of the new pan-European directive, which will enable our server-based digital signature solution to be declared SSCD-certified throughout Europe,” said Ezer Farhi, VP of R&D, ARX.