Qualified Certificates for Website Authentication and Electronic Seals
The PSD2 Regulatory Technical Standards (RTS) lists specific security measures that financial institutions and payment service providers (PSPs) need to comply with under the law. One core principle is common and secure communication between all parties involved. All transactions must take place over secured channels and ensure authenticity and integrity of the data.
Qualified certificates for website authentication (QWAC) and qualified certificates for electronic seals (QSealC) are specifically prescribed by the RTS for authentication purposes, especially because they meet the data integrity and encryption requirements. In addition, the EBA (European Banking Authority) recommends using both certificates in parallel to comply with these RTS measures. This ensures:
- PSPs can identify themselves to financial institutions - both QWAC and QSealC authenticate the parties using the certificates
- Secure encryption for communications between all parties ensures confidentiality and integrity - QWAC uses SSL/TLS to encrypt sessions and protect data in transit
- All data actually came from the PSP identified in the certificate - QSealC identifies where the data came from and protects it from tampering
Request a Quote for QWAC and QSealC for PSD2
GlobalSign has been helping companies deploy certificate solutions for over 25 years and we’re here to help. Talk to us about how our qualified certificates can help you meet PSD2 compliance.
By requesting a quote, a GlobalSign Product Specialist will contact you.
- GlobalSign is a Qualified Trust Service Provider
- Create qualified electronic signatures and seals
- Multiple deployment options for advanced electronic signatures and seals