
- Turnkey PKI solution to obtain TSP eIDAS certification
- It meets all the numerous and rigorous technical and process requirements necessary to obtain QTSP status
- Includes certification authority (CA), the primary component of a public key infrastructure (PKI)
- The PKI includes the hardware, software, policies, procedures, and processes required to ensure that a signer is the one who claims to be
- HSM Certified Common Criteria EAL4+ and FIPS 140-2 Level 3
- Physically separate CA root and subCA management
- Time to market “agile”
The eIDAS regulation of the European Community 910/2014 has created a wide digital market for trust services for electronic transactions, assigning to the Trust Service Provider a primary role in this market.
Trust Service Providers are responsible for ensuring electronic identification of signatories and services using strong mechanisms for authentication, digital certificates, and electronic signatures. eIDAS defines how trust service providers should provide authentication and non-repudiating services and how they should be regulated and recognized in all EU member states.

As of 1 July 2016, individuals, businesses and public administrations are able to carry out convenient, secure and legally valid electronic transactions across EU borders. European Union rules on electronic signatures, electronic seals, time stamps, certified electronic delivery services and website authentication, as well as electronic documents apply directly in the 28 Member States.
PrimeCert TSP helps customers become TSPs by enabling them to meet TSP eIDAS certification requirements and get to market faster.
PrimeCert TSP is a turnkey solution to start your Public Key Infrastructure (PKI) business eIDAS compliant combining hardware, software, structures, personnel, policies and processes to create, manage, store, distribute and revoke digital certificates, providing a simple, redundant, highly reliable, scalable and highly secure solution for device and user authentication.

PrimeCert TSP is a fully manageable service offering that enables organizations to build and manage their PKI infrastructure on their own or through the full or partial assistance of itAgile for digital certificate management and take advantage of the best practices and high availability of a PKI platform designed and managed by security experts for digital certificate lifecycle management.
Based on a proven and highly reliable infrastructure, PrimeCert TSP reduces time to market, the costs and complexities associated with creating and managing a PKI and gives organizations the ability to focus on delivering solutions, rather than infrastructure.
The PrimeCert TSP solution includes a certification authority (CA), the primary component of a public key infrastructure (PKI) that is responsible for creating a trusted hierarchical chain. The CA releases the digital credentials used to certify the identity of the users.
PrimeCert TSP reduces the burden of planning, creating, and maintaining a PKI, while allowing companies to maintain internal control over the issuance, suspension, and revocation of digital certificates.
The PrimeCert TSP customer must still get eIDAS certification, but all the “pieces” of the certification puzzle are in place.
Main Features
- A certification authority (CA) that releases the digital credentials used to certify the identity of users.
- COMMON Criteria Level 4 and FIPS 140-2 Level 3 certified HSM.
- Collaborative project to ensure high levels of operational security.
- Certified infrastructure/processes in accordance with the requirements specified in the eIDAS Regulation (EU) No. 910/2014 for qualified fiduciary service providers.
- compliant with the standards:
I ETSI EN 319 401
II ETSI EN 319 411-1
III ETSI EN 319 411-2
IV ETSI EN 319 412 (sections 1, 2, 3, 5) - A set of components (hardware, software, structures, people, policies, and processes) designed to meet all the many rigorous technical requirements required to achieve the TSP status dictated by eIDAS standards.
- Security pre-assessment to minimize interactions with the assessor on the security issue.
- Advice for completing the necessary documentation to meet all eIDAS obligations.
- Advice and training on the job throughout the evaluation period by the CAB (compliance assessment body) https://ec.europa.eu/futurium/en/system/files/ged/list_of_eidas_accredited_cabs-2019-03-19_0.pdf in order to obtain the CAR (Compliance Assessment Report).
- Support and technical support 8×5 or 24×7 with PKI professionals; continuous updates of the PKI solution/infrastructure and professional support for any type of request.
- Total or partial assistance of itAgile for the management of the system (to be listed at the end of the evaluation period by the CAB)
- New versions and updates for the software.
- Hardware support for the PKI.
- Included RA services.
- Fully digital processes (“bye bye paper”)