Cryptomathic - Experts & Thought Leaders

The Federal Public Service Policy and Support (BOSA), a key component of Belgium’s federal administration, with support from Cryptomathic, a global pioneer in data security and cryptography, has successfully launched one of Europe’s first digital identity wallets. In line with the European Digital Identity Framework Regulation, eIDAS 2.0, the Federal Government of Belgium has launched MyGov.be, a single app providing access to a wide range of digital public services, information and official documents. Sensitive data access and storage Shifting to a mobile device for sensitive data access and storage creates security challenges Citizens of Belgium can activate the app with their eID, communicate with the government services and securely store all kinds of official documents issued by the government. This feature will be gradually enhanced so that, in the future, citizens will be able to store their identity card, driving licence and certificates. Shifting to a mobile device for sensitive data access and storage creates security challenges, with a complex threat model and a significant increase in attack vectors. Given the high value of digital assets stored in the wallet, and the huge amount of material damage that could result from any vulnerability, ensuring a high level of protection against a variety of attacks is vital. Reinforcing mobile app security Cryptomathic’s Mobile App Security Core (MASC) is used by BOSA to ensure the highest levels of security, protection and privacy for the app. MASC is a tamper-proof security software development kit (SDK) comprising multiple layers of mutually reinforcing mobile app security components, including secure communication through device binding. In over ten years of providing a secure mobile core SDK, Cryptomathic has protected over 100 million+ apps, with zero recorded incidents. MASC is a tamper-proof security SDK comprising multiple layers of mutually reinforcing mobile app Guillaume Forget, EVP of eSignatures and Mobile Security at Cryptomathic added: “As an EU citizen, I’m excited by the prospect of having my own digital identity wallet. As a cybersecurity veteran, I’m also acutely aware of the security threats these wallets pose. That’s why the security underpinning these wallets must achieve the highest levels of security assurance." Implementing security and privacy protections Forget added: “This is where Cryptomathic innovates and excels. MASC doesn’t just provide a wrap-around shield, or a security add-on, it provides true in-app security that frustrated hackers have described as ‘watertight’. Belgium has set the standard for other EU states by implementing security and privacy protections of the highest order, also ensuring that even the state cannot access the information on citizens’ phones without user acceptance.” The digital identity wallet is currently available for citizens of Belgium to download via all major app stores on their smartphones. To find out more about complying with regulations and keeping data secure, visit the Cryptomathic website.

Cryptomathic, a global pioneer in data security and encryption, and Utimaco, one of the most trusted names in global IT security, have strengthened their partnership to provide complete solutions in cryptographic key management, eSignatures and payments issuance and authorisation. The enhanced partnership will deliver closer alignment between Cryptomathic’s industry-pioneering security software and Utimaco’s hardware security modules (HSMs), boosting security and business readiness for the threats of a post-quantum world. Concurrent management of HSMs In key management, Cryptomathic’s CrystalKey 360 – an all-in-one solution for managing cryptographic keys and HSMs through a single web-based application – will work in lockstep with Utimaco’s u.trust general purpose HSM. This will deliver joint customers unparalleled, industry-pioneering support, true crypto-agility and post-quantum computing (PQC) readiness. CrystalKey 360 is HSM agnostic and feeds concurrent control of HSMs from multiple suppliers CrystalKey 360 is HSM agnostic and provides concurrent management of HSMs from multiple suppliers, so Utimaco customers can be confident of a smooth transition from their incumbent HSM supplier to the market-pioneering u.trust general purpose HSM. eIDAS regulation As part of the partnership, Utimaco’s CryptoServer General Purpose HSM CC eIDAS version, combined with Cryptomathic’s Signer, has been jointly certified to offer the highest level of legal certainty under the eIDAS regulation. Customers will benefit from a certified Qualified Signature/Seal Creation Device, which makes it easy to demonstrate compliance as the devices and software are certified together. In addition, technical standards enable interoperability, making the solution simple to integrate with anything from national ID schemes to legacy technology. The recent addition of e-sealing capability means that joint customers can use electronic seals to prove the integrity and origin of documents like invoices, government documents, or product manuals. Utimaco’s AT1000 payment HSMs The strengthened alliance also boosts support for issuers as they move from on-premise solutions Finally, Cryptomathic’s modular payment platform for issuers now seamlessly integrates with Utimaco’s AT1000 payment HSMs, offering joint customers the ability to manage all issuer jobs from a single point of access. This includes management and issuance of payment cards (including virtual cards for wallets), advanced PIN management functionality (including ‘PIN select’ or ‘PIN change’ on mobile), highly scalable transaction authorisation and an EMV® compliant Certificate Authority for private payment schemes. The strengthened partnership also boosts support for issuers as they move from on-premise solutions to the cloud. Moving through a hybrid model, joint customers will be able to modernise their payment setup without risking PCI compliance or negatively impacting the customer experience. Cryptomathic’s cryptographic security solutions Cryptomathic’s Chief Revenue Officer, Anna Russell, explained: “As the scale of digital threats continues to grow every day, it is more important than ever to protect sensitive digital assets. By bringing together Cryptomathic and Utimaco’s jointly-held, industry-pioneering expertise in security solutions, we are making it easier than ever for enterprises to streamline and future-proof their security operations.” "Cryptomathic and Utimaco have been working together successfully for many years,” said Scott Kemish, Vice President of Channel Sales and Partnerships at Utimaco. “We are happy to build on and strengthen this relationship in the context of our new u.nity partner program, to maximise partners’ business and drive growth, while providing the highest level of security for our joint customers.” Further details on Cryptomathic’s cryptographic security solutions are available on its website.

Remote e-signature specialist, Cryptomathic, has partnered with fidentity, an expert in online identity verification, to enable automated identity verification for qualified remote e-signing-the highest level of assurance under European and Swiss law.  Under the European Union’s eIDAS and Switzerland’s ZertES regulations, remote (QES) provide the highest possible level of security and non-repudiation in e-signature services. To perform a QES, the signer’s identity must first be verified. Until now, this has only been possible via cumbersome and slow manual processes in which physical identity documentation, like a passport, is presented and verified either in-person or via a live video call. Such processes reduce the utility of the remote e-signing model and have been a barrier to widespread QES adoption across the two regions. Cryptomathic and fidentity’s partnership Cryptomathic and fidentity’s partnership aims to address this problem head-on, by integrating an automated, digitised and legally compliant identity verification process into the remote QES signing experience.  Thorsten Hau, Founder of fidentity said: “As an expert in digitised and automated online identity verification, fidentity is providing the last piece in the puzzle that will enable remote Qualified Electronic Signatures to become accessible to all. By partnering with Cryptomathic, our intent is to marry the two services together to dramatically enhance the end-to-end signing experience for both providers and end-users, which ultimately will accelerate the uptake of this brilliant enabling technology. A smartphone, a valid ID document and a smile is all it will take to complete a legally binding signature.” Author's quote Cryptomathic and fidentity’s partnership aims to digitise and legally compliant verification process Guillaume Forget, EVP e-Signature and Mobile Security at Cryptomathic said: “The provision of accessible, secure and legally binding remote e-signatures services is crucial to the future of digital transformation. While remote Qualified Electronic Signatures answer this need by delivering maximum security and a high level of legal assurance, the process of obtaining the verified identities required to perform the signature has remained cumbersome and off-putting." He adds, "By uniting fidentity’s digitised and legally assured user experience for identity verification with Cryptomathic’s industry-pioneering Signer solution, we hope to enable faster and more widespread adoption of highly secure remote e-signatures across Europe and Switzerland.” Cryptomathic’s pioneering e-signature solution The partnership will bring together Cryptomathic’s pioneering e-signature solution, Signer, and fidentity’s KPMG-certified identity verification interface, IDENT. Signer is one of the elite few certified remote Qualified Signature Creation Devices available across EU and Swiss jurisdictions. fidentity delivers a seamless online identity verification service, powered by automation and operating in full compliance with the latest Financial Market Supervisory Authority (FINMA), European Telecommunications Standards Institute (ETSI) and eIDAS requirements.