For Trust Service Providers supporting advanced electronic signatures, there has been a certain gap between EU-eIDAS compliance and different software/OS behaviour when it comes to validating digital PDF signatures. Error-free advanced signatures were not always completely recognized as such! A gap that GLOBALTRUST® can close as the only Trust Service Provider in Austria. As of now, we are listed at the software giant Adobe® as a member of the AATL (Adobe Approved Trusted List). This means for you that our digital signature certificates are among the most trusted worldwide and that you can securely sign your documents with Adobe® . Also, advanced PDF signatures created with a GLOBALTRUST® product can now be validated via Adobe regardless of the operating system.

Instantly valid advanced PDF signatures: This is what many have been waiting for!

Not only in Austria do we have an absolutely unique selling point as a Trust Service Provider by joining the AATL – there are not many providers in the rest of Europe that are listed by Adobe. This makes our digital signatures interesting for a wide range of customers – for companies as well as for the e-government sector. We are well prepared to respond to your inquiries.

Electronic signatures: A good investment for companies and government agencies!

Basically, electronic signatures are a valuable investment for any organization, because they …

  • eliminate cost-intensive media discontinuities
  • enable secure data exchange between companies
  • fulfill legal and compliance requirements, and
  • initiate far-reaching process automation.

In short, electronic signatures help minimize error rates, reduce throughput times and increase efficiency. For case studies, click here.

Adobe® and advanced signatures

Adobe® was the only U.S. vendor that had already recognized eIDAS compliance in its Acrobat and Reader products and validated qualified signatures (QES) after checking the European Trust List (EUTL). While users of eIDAS-qualified signatures therefore did not have to worry about correct signature validation, a certain gap remained for advanced signatures, for example in the huge area of e-billing and e-government.

Ever since, it was possible to verify advanced signatures using the Microsoft trust list, which is integrated in Adobe products. However, this did not always work reliably recently due to individual user constellations and led to the popular PDF software behaving in contradiction to legal compliance and confusing recipients with an alleged invalidity of the signature!

“Uncertainty among user has often led to further request. Manual checks with tools such as those provided by the Republic of Austria or the EU Commission did little to improve the situation. This has led to some reluctance to use advanced signatures, even though they offer significant advantages over qualified signatures: They can be fully automated and are thus suitable for the highest signature throughput. Many users are also unaware that advanced signatures are just as legally secure as qualified signatures in the vast majority of everyday business situations.”

Dr. Hans G. Zeger, managing director e-commerce monitoring gmbh (GLOBALTRUST®)

Advanced instead of qualified PDF signatures

Advanced PDF signatures created with a GLOBALTRUST® product can now be validated via Adobe® regardless of the operating system. This closes a gap between legislation and software/OS behavior. And: Qualified signatures no longer have to be used unless they are mandatory.

AATL-compliant signatures require enhanced security measures

The signature key must be managed on a password-protected hardware signature creation device that is certified to at least FIPS-140-2 Level 2. This requirement calls for two-factor authentication (2FA), which is proof of a user’s identity using a combination of two different, independent factors – which provides additional securit,y because the certificate’s private signature key cannot be exported from the hardware, preventing various key compromise scenarios.

Key security? Check!

In addition to tried-and-tested solutions such as USB tokens and smart cards, HSM systems – whether in-house or cloud-based – are of course supported. Using appropriately certified Key Management Systems (KMS) such as Azure Key Vault, AWS KMS or Google Cloud KMS is also possible. We are happy to find the right solution together.

If you are interested in our digital signature solutions, we would be happy to advise you in more detail during a personal meeting.

Download datasheet SIGNATURE

Download data sheet TRUST2GO

 

Read more about TRUST2GO

Read more about SIGNATURE

Any questions left? Get in touch with us and let’s find the right solution for you.

You could also like…
Certificate authentication for traders in the European electricity market

Certificate authentication for traders in the European electricity market

Companies that cooperate with international energy suppliers on the European electricity and gas market need certificates for reliable identification for their traders and all employees involved in energy trading. GLOBALTRUST® is listed with the relevant platforms and provides a suitable tool for the mandatory...

read more
5 good reasons for implementing qualified electronic signatures

5 good reasons for implementing qualified electronic signatures

"Do we really need electronic signatures? What a waste!" It still sounds like this and similar in many companies when it comes to the topic of e-signatures. Does this sound familiar, or are the advantages of digital signatures already known in your company? Read here what the e-signature - or more precisely, the...

read more