03 Sep

CDC Arkhineo, the first French company to obtain dual eIDAS qualification

CDC Arkhinéo, achieves yet another milestone in the field of digital trust services.

CDC Arkhinéo, a wholly-owned subsidiary of Caisse des Dépôts and a trusted third party archiver, is the first company to be recognised as a Qualified Trust Service Provider (QTSP) on the European list of trusted service providers, in accordance with the eIDAS Regulation. The eIDAS Regulation of 23 July 2014 aims at building trust in electronic transactions on the internal market. Thanks to this qualification, CDC Arkhinéo’s complementary services on qualified electronic signatures are now valid in all European Union countries.

The company provides the following qualified trust services:

• validation of qualified electronic signatures (QES), ensuring the legal security of a QES by providing proof of validation by a qualified third party (CDC Arkhinéo): for each signed archive consulted, we will have the certainty - beyond the lifespan of the certificate, which is limited to 2 or 3 years - that the signature was valid at the time it was applied;

• preservation of qualified electronic signatures (QES), allowing us to improve the reliability and sustainability of QES beyond their technological validity period: for each archived QES, CDC Arkhinéo undertakes to ensure its integrity, conservation and legal admissibility over the long term; this service protects the algorithms used for electronic signatures from becoming obsolete or being compromised.

Recognition as a Qualified Trust Service Provider offers the highest level of trust and sustainability, conferring legal probatory value at the European level for electronically signed and archived documents, as opposed to an internal solution unable to provide such guarantees.

This qualification is the latest in a series of certifications already obtained by CDC Arkhinéo (ISO 27001 and NF 461, Label France Cybersécurité, hosting for personal health data accreditation), further consolidating its requirements in terms of protecting and securing the data entrusted by its clients and partners.

The aim of the eIDAS Regulation, which took effect in 2016, is to harmonise European regulations on electronic signatures and to build trust in electronic transactions, with the goal of creating a single digital market in Europe. It establishes a single European legal framework for electronic identification and trust services.

“Obtaining eIDAS qualification is additional proof of our ability to secure archived electronic data in accordance with GDPR and to enhance the trust and satisfaction of our clients and partners all across Europe. These trust services are also very useful for advanced electronic signatures, in that they strengthen the solidity of proof in terms of the signature’s validity; the validation policy may be different, but the process is the same. It also ensures the quality and security of the services we provide,” explained Charles du BOULLAY, Chairman of CDC Arkhinéo.


dowload the PDF