Digital Signing

Entrust Signature Activation Module

This module is a security element for digital signing services that follows the remote signing standards defined by CEN and ETSI as part of eIDAS regulation.

Entrust SAM achieves QSCD and CC EAL4+ certifications

The Entrust Signature Activation Module has successfully achieved two major certifications, reinforcing its compliance with the highest security standards:

  1. Common Criteria EAL4+ for the Entrust SAM 1.1.1, augmented with ALC_FLR.2 and AVA_VAN.5. View it here.
  2. Qualified Signature Creation Device (QSCD) from A-SIT for the Entrust SAM 1.1.2 together with the Entrust nShield 5 and nShield XC HSM models. View it here.
man and woman in server room looking down at tablet

Security at the heart of signing services

Strengthen your eIDAS-compliant signing services and create a Qualified Signature Creation Device (QSCD) by integrating our Signature Activation Module (SAM) and CC EAL 4+ and FIPS 140-3 certified HSMs with your signing infrastructures.

Download Data Sheet

Entrust Signature Activation Module Benefits

user with checkmark icon

Role segregation

The Entrust SAM acts as a security intermediate between your signing application and the Cryptographic Module (HSM).

key

Key and signature management

The Entrust SAM authorizes key generation, deletion, assignment of key pairs and signature generation in the HSM.

document signing icon

Authenticity checking

The Entrust SAM is configured to only accept signature requests signed by whitelisted Authorization Servers.

folder lock

Security records

The Entrust SAM generates audit records for all security events involved in its operations.

How It Works

General Architecture

The following diagram illustrates the Entrust SAM and nShield HSM in the context of a Remote Signing Service. The implementation described can vary depending on the implementation requirements and existing infrastructure.

SAM general architecture

QSCD and eIDAS Compliance

The concept of QSCD is uniquely tied to eIDAS. It is a mandatory element for the generation of qualified signatures and seals, which have the highest level of legal recognition in the European Union. Without a QSCD, a qualified trust service provider can only generate advanced signatures and seals.

SAM compliance

Entrust Signature Activation Module Resources

Data Sheet

Entrust Signature Activation Module

Security at the heart of your digital signing services

Service Description

Entrust SAM

The Entrust Signature Activation Module (SAM) is used to deploy a server-side endpoint that will be used by the server signing applications to get data signed (a document hash).

Solution Brief

eIDAS-compliant Qualified Signature Creation Device

A future-proof QSCD for qualified signatures and seals under the eIDAS regulation

Blog Post

Why You Need a Root of Trust to be an eIDAS TSP

Read about how the evolving EU regulation on electronic identification and trust services (eIDAS) is establishing the model for legally binding cross-border transactions, not only in Europe, but also across the globe.

Press Release

Entrust Completes CC Evaluation for its New Remote Signing Solution

Entrust enhances Remote Signing Solution upon completion of successful Common Criteria evaluation, enabling eIDAS-certified cloud signing services.

Case Study

3Key Company

Entrust empowers 3Key Company to deliver eIDAS-compliant remote signing solution.

Entrust Signature Activation Module Related Products

Entrust Signature Activation Module Related Products

HSM

Hardware Security Modules (HSMs)

Discover reliable hardware security module solutions that protect cryptographic keys, ensure regulatory compliance, and secure sensitive data across digital environments.
Digital Signing

Entrust Signing Engines

Learn how to improve users' and citizens' digital experience and fight against identity fraud with Digital Signature solutions from Entrust.
PKI

Public Key Infrastructure (PKI)

Find the balance between security and user experience in your digital ecosystem with public key infrastructure software from the world’s leading PKI vendor.