Qualified Certificate for Electronic Seals (QSealCs)

Required by PSD2, made easy with GlobalSign

Get a Quote

Why you need Qualified Electronic Seals for eIDAS and PSD2 compliance

The eIDAS regulation introduced Electronic Seals as a solution for legal entities, allowing them to protect the authenticity and integrity of electronic documents and data. An electronic seal is based on the same technology as an electronic signature, and a Qualified Electronic Seal is verified with qualified certificate – this means the owner of the seal has been vetted and verified rigorously to provide a strong level of digital trust.

“Seal” communications and enable secure message exchange for PSD2

For PSD2, financial organizations and third-party providers are required to prove the origin, authenticity, and integrity of data entering their systems through the use of Qualified Web Certificates (QWACs) and Qualified Electronic Seals (QSealCs). Not only do these certificates meet the guidelines for Common and Secure Communications but they also support non-repudiation in instances where there is suspected fraud or other issues requiring investigation and resolution.

QSealCs specifically allow stamping of evidence, including all data and transaction requests and confirmations. This “seals” relevant information in any given communication, which in turn protects the authenticity and integrity of the data. With this method, information can easily be used as evidence in disputes, since the certificate confirms the identity of the creator was and proves that the information was not changed since it was originally created.

Not sure what certificate you need?

Both QWACs and QSealCs are recommended for full PSD2 compliance, and there are different options depending on use cases. This decision tree will help you understand the various certificate types and how they can be applied for maximum security and compliance.

  QWAC QSeal
Where is it used? Identifies end points, protects data during communication Identifies origin of document or data and makes it tamperproof in communication and storage
Security features Confidentiality, authentication, and integrity Authentication and integrity
Security features applicable to Data in transit Data at rest, data in transit
Does it provide legal evidential value for transactions? No Yes, under eIDAS

Using seals for secure document signing under eIDAS

Using a qualified certificate for your electronic seal allows users to validate the identity of the subject of the certificate, as well as prove the integrity of the sealed data. The electronic seal provides strong evidence, capable of having legal effect, that given data is originated by the entity identified in the certificate.

Unlike qualified signatures, qualified electronic seals are issued only in the name of organizations or other corporate bodies, and:

  • Assure clients and stakeholders with the highest-level security measures.
  • Establish compliance with the latest legislative regulation contexts across the EU.
  • Ensures your infrastructure and operations are properly configured at all times.

Note: This offering is only available to organizations with a VAT number.

Qualified electronic seals are available to organizations through GlobalSign’s token-based deployment. In keeping with eIDAS requirements, each signing identity is verified and issued a qualified certificate stored on a qualified signature creation device (the token).

Have questions? We have answers!

Reach out today and one of our Qualified Service experts will be in touch soon.

Request a Quote

Find out everything you need to know about the PSD2 EU law.

Download The Complete Guide to PSD2 eBook and make sure you have the certificates you need to meet compliance and avoid costly fines.

Download Now

PSD2-iPad-Mockup.png

Get more information about Qualified Seals!

Still have questions? Fill out the form below and get started on your compliance journey today