Technologies

What is a Signature Activation Module?

Definition: A Signature Activation Module is an additional security element that is implemented into signing services for the purpose of providing remote signing or sealing functionality.

Explanation

Signature Activation Modules explained

Remote signature activation refers to the process of activating or generating a digital signature using a cryptographic key that is stored or managed remotely, typically in a secure environment. This method allows users to create digital signatures without having to physically hold the private key required for signing. For this purpose, remote signing applications require a Signature Application Module (SAM) to authorize a signature or operation.

Remote signature activation offers several advantages, including enhanced security by keeping the private key isolated from the user's device, centralized key management, and the ability to enforce stronger access controls and auditing mechanisms. It is frequently used for purposes requiring strong security and regulatory compliance, such as financial transactions, legal requirements, and government applications.

The remote signature activation process involves the following steps:

  • Key Generation: A cryptographic key pair consisting of a private key and a corresponding public key is authorized and generated. The private key is securely stored in a remote location
  • Signature Activation Request: The user initiates a signature activation request from their local device, such as a computer or a mobile device, and returns the signed data back to the signing application
  • Authentication and Authorization: Verifies the user's identity and ensures that the user has the necessary authorization to activate a digital signature.
  • Signature Generation: Once the user's identity is authenticated and authorized, a signature is generated using the stored private key. The data to be signed is sent to the remote location, where the signature is generated and returned to the user
  • Signature Verification: The generated digital signature can then be used to verify the authenticity and integrity of the signed data. The corresponding public key, which is often widely available, is used to verify the signature. In turn, the origin and authenticity of the signature requests are verified.

Generation and storage of Qualified electronic signatures and seals (QES) and remote signing capabilities are achieved by utilizing certified Hardware Security Modules for this purpose - a ‘trusted’ computing device that provides extra security for sensitive data. A signature activation module is an additional security component that is integrated into a signing service that adheres to the remote signing requirements defined by CEN and ETSI as part of the eIDAS regulation.

Signature Activation Modules provide a scalable and reliable service, supplying a mechanism for securely authenticating and performing signatures. They are typically used by organizations to implement and deliver remote digital signature services to application providers and end users.

Solutions

Solutions

Test
Solution

Secure Digital Transformation
Government & Public Sector
Solution

Data Privacy & Compliance
Insurance Sector
Solution

Secure Digital Transformation
Manufacturing & IoT
Solution

Transition to Digital Manufacturing
Cloud-stored Data Security in the Government & Public Sector
Solution

Cloud HSMs and compliance
Blog posts

Blog posts

blog-qualified-signature-creation-devices-qscd
Blog post

Qualified Signature Creation Devices (QSCD) under eIDAS – The example of the Bank-Verlag Signature Activation Module (SAM)
blog-local-vs-remote-signing
Blog post

Local vs. remote signing and sealing according to eIDAS
a girl is holding a phone
Blog post

Understanding the Role of Hardware Security Modules in Digital Signing
Related products

Related products

CC Protect
Firmware

CC eIDAS
hsm-software-development-kit-sdk
Accessory

CryptoServer SDK

Contact us

We look forward to answering your questions.

How can we help you?

Talk to one of our specialists and find out how Utimaco can support you today.
You have selected two different types of downloads, so you need to submit different forms which you can select via the two tabs.

Your download request(s):

    By submitting below form you will receive links for your selected downloads.

    Your download request(s):

      For this type of documents, your e-mail address needs to be verified. You will receive the links for your selected downloads via e-mail after submitting below form.

      Your collection of download requests is empty. Visit our Downloads section and select from resources such as data sheets, white papers, webinar recordings and much more. 

      Downloads

       

      How can we help you futher?