• All the power of the new HSM for qualified signature, integrated with the usability of DocuSign
  • Certificate Common Criteria EAL4+
  • eIDAS compliant
  • New HW
  • New SW
  • With built-in backup features
  • Scalable up to millions of users

All the power and security of the new signature server, evolution of CoSign, integrated with the agility and usability of DocuSign.

Docusign Signature Appliance

On September 21st, 2016 they were issued from OCSIthe Certificate and the Certificate of Conformity for the product “CoSign v8.2 at the guarantee level EAL4 + (AVA_VAN.5, ALC_FLR.1, ATE_DPT.2)” of the company DocuSign, marketed as DSA – DocuSign Signature Appliance.

With the definitive entry into force of EU Regulation no. 910/2014, eIDAS, the “CoSign v8.2” device, is certified Safe Device for the creation of electronic signatures (SSCD), and is it also considered a Device for the creation of qualified electronic signatures (QSCD) within eIDAS.
The Certification Report, which has international validity, was issued by OCSI at the end of the re-evaluation of the previous CoSign v7.5 version already certified by the OCSI in October 2015 (Certificate no. 4/15), following some modifications made to the product by the Arx manufacturer, acquired by DocuSign
Let’s see, in extreme synthesis and in practice, the changes made:

new hardware

  • more powerful (for an increase in performance up to 5 times faster);
  • smaller;
  • with two removable power supplies;
  • look & feel completely revisited;

new software

can also be used on current hardware, so in reality they are TWO certifications in ONE. Certified Products:

  1. SW8.2 with HW8.0;
  2. and SW8.2 with HW7.0 (already used with CoSign ver. 7.1 and 7.5);
  • ad hoc configuration for “e-Seals” without the use of the OTP, which can therefore be automated;
  • backup functionality;
  • in case of high availability configuration with two devices in business continuity cluster you can sign / seal with the second device (alternate) in case of temporary failover of the first;
  • use of a single OTP to make more signatures within a session that is always attributable to the same signer;
  • can also be used with non-Windows operating systems (via the WS-REST interface);
  • scalable to millions of users.

The evaluation and certification process involved, as in the past, the Computer Security Assessment laboratory of IMQ – Istituto Italiano del Marchio di Qualità which has successfully completed all the expected hardware and software security tests.