Products

Electronic signing and identification solutions for all types of organizations.

Electronic Signature

Send out contract in seconds.

Digital Identifying

Remotely verify identities.

Pricing

See and compare various packages and prices.

Integrations

API

Easily integrate Signhost into your own system with our REST API.

Mobile App

Sign and send documents quickly, easily and securely with the Signhost app.

Third-Party Integrations

Find out whether Signhost integrates with the third-party software you currently use.

Documentation

Go to our REST API documentation.

Pricing

Insights

Blog

Read more about digital signatures and e-identification subjects.

FAQ

Find answers to common inquiries about our e-signature and e-identification solutions.

Glossary

Explore key terms related to digital signatures and digital identification.

Company

About us

Signhost is Entrust's cloud signing and identification solution.

Entrust

The global leader in identities, payments, and digital infrastructure.

What is a Qualified Signature Creation Device (QSCD)?

A qualified signature creation device (QSCD) is a device or software that generates cryptographic keys and is used to create a qualified electronic signature (QES) according to the standards set by the eIDAS Regulation in the European Union. It is typically used in electronic transactions and document sharing where it is crucial to maintain the signed content’s integrity and non-repudiation.

Examples of QSCDs

Hardware

Smartcard: Credit card-sized cards that contain a secure chip for storing the private key and performing electronic signature operations.
SIM card: Designed to work in mobile environments, providing secure private key storage for authentication and digital signing.
USB tokens: Small devices that plug into a computer’s USB port specifically designed to securely store private keys used in digital signing.

Software

Cloud-based signature services: Certified cloud environments with QES functionality, ensuring secure signature creation and regulatory adherence through robust key management and compliance features.
Document management systems: Software solutions that manage documents can integrate with QSCDs to provide qualified digital signing features.

Elements of the QSCD

Secure signature creation: A QSCD uses PKI, cryptographic algorithms, and Hardware Security Modules (HSMs) to generate secure digital signatures and ensure their integrity.
Tamper resistance: Under eIDAS, a QSCD must incorporate a tamper-evident design to detect any physical tampering attempts or software-based attacks, triggering unauthorized modification alerts.
Private key protection: A QSCD employs robust methods, such as HSMs, to provide a secure environment for cryptographic operations and protect the private key from unauthorized access, ensuring its confidentiality throughout the process.

How a QSCD works

Signature creation

A QSCD securely generates digital signatures using the stored private key. It uses an encrypted communication channel to form a trusted connection with the system requesting the signature. When a user signs a document, the QSCD creates a unique electronic signature using cryptographic algorithms. This signature is then linked to the document, ensuring its integrity, while the private key never leaves the QSCD, preventing unauthorized access.

The role of qualified trust service providers (QTSPs)

QTSPs play a crucial role in the QSCD ecosystem by issuing and managing the digital certificates that link a user’s identity to their public key. Per eIDAS, only QTSPs are sanctioned to provide qualified certificates for use with a QSCD.

These providers operate under strict regulatory standards to maintain the security and reliability of electronic services, ensuring that the digital signatures created are legally valid within the EU.

Benefits of using a QSCD

Legal assurance: A QSCD provides legal assurance by creating digital signatures that are legally binding and recognized in the EU. This ensures that digital signatures are enforceable in legal contexts, holding the same validity as a wet signature.
Enhanced security: QSCDs offer advanced security features for private key protection and ensuring the integrity of digital signatures. With strong encryption, tamper resistance, and secure key management features, QSCDs minimize the risk of unauthorized access.
Regulatory compliance: Using a QSCD helps businesses comply with strict regulatory requirements, such as those outlined in the eIDAS Regulation. It meets the necessary standards for digital signatures, ensuring compliance with legal and industry requirements.
Operational efficiency: Integrating QSCDs into digital workflows streamlines document signing and approval by providing a secure and efficient method. This reduces administrative burdens and enhances overall productivity.
Fraud prevention: The secure nature of QSCDs helps prevent fraud by ensuring that private keys and digital signatures are protected against unauthorized use. The tamper-evident design reduces the risk of forgery and enhances the overall security of digital transactions.

*Disclaimer: This content does not constitute legal advice. The suitability, enforceability or admissibility of electronic documents will likely depend on many factors such as the country or state where you operate, the country or state where the electronic document will be distributed as well as the type of electronic document involved. Appropriate legal counsel should be consulted to analyze any potential legal implications and questions related to the use of electronic documents.