Remote Signing – An irreversible trend
Since the COVID-19 pandemic, the need for remote work, online shopping, and digital communication has skyrocketed. As a result, the demand for secure digital signatures has grown exponentially. Remote Signing has emerged as a game-changer, transforming the way we sign and manage electronic documents. Digital signing with USB Token is no longer an optimal choice Digital signatures, akin to personal signatures or company seals, hold legal weight and significantly enhance efficiency. However, USB token-based digital signatures have several drawbacks, including limited compatibility, device dependency, and lack of mobility and scalability. Remote signing is the perfect alternative Remote Signing offers a superior solution, providing efficient, flexible, and secure electronic transactions. Unlike traditional methods, the private key for Remote Signing is securely stored in a service provider’s data center. Nevertheless, activation processes are rigorous, ensuring that even the service provider cannot activate or sign on behalf of the customer. In addition, Remote Signing offers numerous advantages, such as: Sign anytime, anywhere Remote Signing allows users to sign documents anytime, anywhere, without relying on physical devices like USB tokens or SIM cards. Users can sign directly on any mobile device, such as laptops, smartphones, or tablets. High security Remote Signing provides an exceptionally high level of security and reliability. The mechanism ensures that only the authorized user can activate and use the digital signature. Even the service provider cannot intervene in the activation or signing process without the customer’s authorization. Moreover, seamless integration with timestamping and long-term validation technologies (LTV, LTANS) enables the detection of any changes to the document, maximizing data integrity and preventing fraud and forgery in electronic transactions. Batch and bulk signing Users can sign multiple documents simultaneously through automated processes, eliminating the need for manual signing of each page. Easy integration with advanced digital signature technologies SavyintTimestamp, long-term validation, and long-term archiving (LTV, LTANS) can be easily integrated into this model. SAVYINT is proud to be the first trusted service provider in Vietnam to comply with the eIDAS regulation for remote signing services, setting the highest standard for security, reliability, and confidentiality in electronic transactions. This means that SAVYINT’ remote signing services are widely recognized in 27 European Union countries and are the first to provide a full range of services, from basic digital signatures to advanced and long-term validation signatures. In October 2021, we were granted a license by the Ministry of Information and Communications to provide remote signing services and became the only entity to fully comply with all mandatory technical standards and advanced digital signature standards, including long-term validation (AdES) as stipulated in Circular 16/2019/TT-BTTTT on remote signing models. QTSP Remote Signing – The perfect solution for individuals and businesses for electronic document signing. Contact SAVYINT today to own a quality remote signing solution!
TrustCA Remote Signing – A breakthrough in the digital signature “race”
With the digital transformation wave sweeping across all industries, the application of digital signatures in electronic transactions has become more urgent than ever. However, the traditional USB token method has become one of the causes of inconvenience for organizations and individuals. USB tokens are no longer a suitable digital signing method While USB token-based digital signatures are still widely used and meet the basic digital signing needs of many organizations, as the number of documents to be signed increases, the demand for digital signing also increases significantly, along with higher requirements for signing speed, convenience, security, and reliability. In this case, USB tokens have many inconveniences: TrustCA Remote Signing – A leap forward in the digital signature race Pioneering research and development in digital signature systems, SAVIS is one of the first units to be granted a license by the Ministry of Information and Communications to provide digital signature certification services under the remote signing model in October 2021, called TrustCA Remote Signing. Now, with TrustCA Remote Signing, users do not need to carry a computer or USB with them when signing documents, but can easily sign directly on their mobile phones or tablets. Another plus of remote signing is that users can sign multiple documents at the same time in a dynamic process, batch signing without having to manually sign each page. Convenient, fast and minimizing risks, TrustCA Remote Signing commits to superior security levels with a mechanism to ensure: the key pair is under the sole control of the user, only the user can activate the signing key, and the service provider cannot interfere in this process. At the same time, TrustCA Remote Signing can be integrated with TrustCA Timestamp and long-term validation signature technologies (LTV, LTANS), helping to prevent fraud and forgery to the highest degree in electronic transactions. Integrity is affirmed when any changes to the document after the signing time. Along with the EU QTSP certification for digital signature services and electronic seals under the remote signing model, SAVYINT’s TrustCA Remote Signing is widely recognized in 27 countries of the European Union, promoting cross-border electronic transactions between Vietnamese organizations and businesses and EU partners. In particular, TrustCA Remote Signing is more user-friendly for individuals thanks to its flexibility, low cost, ease of use, and signing operations. This promotes the digitization of documents and contracts signed between individuals and individuals, individuals and organizations – a bottleneck that USB tokens have not been able to solve. TrustCA Remote Signing has created a powerful leap forward in the digital signature race, digitizing processes, authentication, and electronic document storage. Contact SAVYINT today for detailed advice on services and solutions!
QTSP and Remote Signing bring great competitive advantages to Vietnamese Financial – Banking organizations
With QTSP certification for remote signing models, HSM digital signatures, and electronic authentication services provided by a QTSP in Vietnam, digital signatures and electronic certificates will be widely recognized in all 27 EU countries. This will bring a great advantage to domestic organizations and businesses, especially in the finance and banking sector. QTSP and the challenge of secure electronic authentication in transactions One of the most difficult challenges in the digital finance and economy is the process of secure electronic identification and authentication in transactions. Previously, banks operated their own specialized CA systems for parties to register for services. However, this system quickly became overloaded when third parties or multiple financial institutions registered and authenticated each other, leading to an increasingly complex and difficult-to-control identity database, not ensuring interoperability according to an international standard for system security operations. This issue contradicts the purpose of expanding the digital finance ecosystem of the Payment Services Directive 2 (PSD2) and, more recently, the Open Banking strategy of countries worldwide, hindering the development of the financial market in particular and the digital transformation of the economy and society in general. To solve this difficulty for banks and financial institutions, the Common Technical Standards (RTS) for the Payment Services Directive 2 (PSD2) issued by the European Banking Authority (EBA) has accepted the use of qualified electronic signatures (QES) and qualified electronic seals (QSeal) issued by a Qualified Trust Service Provider (QTSP) for the identification and authentication process under the Open Banking model. This opens up a trusted, legal, and widely recognized authentication method for banks and financial institutions participating in the global digital economy. The eIDAS regulation applies QTSP certification as the highest standard of security, reliability, and confidentiality in electronic transactions. Currently, only QES qualified electronic signatures for individuals and QSeal qualified electronic seals for organizations provided by a Qualified Trust Service Provider (QTSP) are recognized throughout the EU with the same legal effect as handwritten signatures or seals without the need for any other assessment or explanation procedures. Without using the electronic identification and authentication services of a QTSP, organizations participating in the digital financial market cannot perform electronic authentication processes with regulatory authorities. Failure to comply with the QTSP’s assured identification and authentication service standards will lead to numerous potential risks for organizations participating in the digital finance and economy: In addition, the financial market is one of the most sensitive markets to constant security risks and the risk of document forgery. Along with the Payment Services Directive 2 (PSD2), the Open Banking strategy in Europe also allows the trusted services of QTSPs to be the only method to ensure trust between payment service providers, customers, and financial institutions. Competitive advantages of Vietnamese financial institutions and banks from QTSP and remote signing models In July 2021, SAVYINT officially became the first trusted QTSP service provider for digital signatures, electronic seals, remote signing models, and HSM digital signatures in Vietnam, in accordance with EU eIDAS regulations. This means that all 27 European countries fully recognize the digital signature and electronic seal services provided by SAVYINT under the remote signing model. Operating under the SCAL2 security authentication mechanism, the system ensures that only the signer has the right to activate the signing key stored securely on the HSM encryption device, uniquely controlling the signing key, and fully complying with the requirements for the SAM module with CC EAL4+ certification with EN 419 241-2. This will open up opportunities for Vietnamese organizations and businesses to conquer the European market, promote the development of cross-border electronic transactions and e-commerce, and enter the common playground of Vietnam with EU partners in the context of the Vietnam-EU Comprehensive Partnership Agreement and the EVFTA. For providers of electronic payment and transaction services such as financial institutions and banks, having a QTSP in Vietnam will help solve a major bottleneck in the digital finance ecosystem, digital banking, and open banking, aiming to expand the market and integrate into the international arena. This is the unification and interconnection in the process of secure electronic identification and authentication, creating a synchronized electronic transaction market according to a common technical standard, reducing congestion and transaction interruptions due to rejections by the parties involved. Quick application and full utilization of the advantages of electronic authentication and digital signature services from a trusted QTSP service provider will help financial institutions and banks modernize and comprehensively digitize electronic transactions, promote e-commerce, build digital banking and open banking systems, and aim to attract more new customers, new markets, and increase revenue and profits. Connect with SAVYINT now to get advice on specialized solutions for developing Digital Banking and Open Banking!
QTSP certification– Differentiation of digital signing service according to Remote Signing model from a QTSP according to EU eIDAS regulations
QTSP certification – Distinguishing Remote Signing Services from a Trusted Service Provider under the EU eIDAS Regulations. QTSP certification is one of the most important certifications under the European Union’s eIDAS Regulation on electronic identification and trust services. It lays the foundation for legalizing electronic contracts, documents and certificates signed between Vietnamese individuals and organizations and their EU partners. Remote signing services provided by a QTSP offer numerous advantages. QTSP certification Regulation 910/2014 of the European Union (also known as the eIDAS Regulation) is the most comprehensive legal framework for electronic signatures, electronic seals, electronic timestamps, electronic delivery, and website authentication. Accordingly, eIDAS recognizes the legal validity of trusted services and electronic documents, enabling the cross-border use of trusted services, electronic signatures, electronic seals, and electronic timestamps among all EU member states. European individuals, organizations, and authorities cannot refuse the evidentiary value of evidence solely because it is in electronic form. To build trust among organizations and individuals in the European common market, the eIDAS Regulation mandates the Qualified Trust Service Provider (QTSP) certification as the highest standard for security, reliability, and confidentiality in electronic transactions. Currently, only Qualified Electronic Signatures (QES) for individuals and Qualified Electronic Seals (QSeal) for organizations, provided by QTSPs, are recognized throughout the EU with the same legal effect as handwritten signatures or organizational seals, without requiring any further evaluation or explanation. To become a Qualified Trust Service Provider (QTSP), organizations must undergo rigorous audits and assessments by the national Supervisory Body (SB) from the preparation phase to post-assessment monitoring and service maintenance. Full compliance with all eIDAS requirements is mandatory before providing services. To maintain trust, QTSPs are required to undergo compliance assessments by EU Conformity Assessment Bodies (CABs) at least every two years. The distinctiveness of Remote Signing services from a QTSP under EU eIDAS regulations – TrustCA Qualified Remote Signing In July 2021, SAVIS officially became the first Vietnamese QTSP providing remote signing, electronic seal, and HSM-based digital signature services, in compliance with EU eIDAS regulations. This means that all 27 EU countries fully recognize the remote signing and electronic seal services provided by SAVIS. Operating under the SCAL2 security authentication mechanism, the system ensures that only the signer can activate the private key securely stored on the HSM device, providing sole control over the key. It fully complies with the SAM Module requirements and holds a CC EAL4+ certificate with EN 419 241-2. Compared to Vietnamese regulations such as Decree 130/2018/ND-CP and Circular 16/2019/TT-BTTTT, SAVIS is fully capable of providing remote signing services, meeting all mandatory technical standards for electronic authentication and digital signature services. Furthermore, SAVIS surpasses these standards by adhering to the highest levels of the eIDAS Regulation and ISO/IEC 27001 in terms of management, operation, and system security. In 2024, SAVIS GROUP established SAVYINT with the mission of globalization. Therefore, digital signature services of SAVIS and SAVYINT are widely accepted not only in Vietnam but also in the EU for cross-border trade. For providers of electronic payment and transaction services, such as financial institutions and banks, the presence of a Vietnamese QTSP will address a major bottleneck in the digital finance ecosystem. It will facilitate market expansion and international integration by ensuring a unified and interoperable secure electronic identification and authentication process. This will create a synchronized electronic transaction market based on a common technical standard, reducing congestion and transaction disruptions caused by disputes between parties. Rapid adoption and full utilization of electronic authentication and digital signature services from a QTSP will enable organizations to modernize and fully digitize their electronic transactions, boost e-commerce, and build digital banking and open banking systems. This will attract new customers and markets, driving revenue and profit growth. Additionally, the shift to remote signing will provide an advanced digital signature solution, allowing users to sign documents anytime, anywhere, on any device with superior security and reliability, without the need to worry about storing key storage devices or finding suitable connection ports. Comparing SAVYINT digital signature service and other public digital signature services in Vietnam Criteria SAVYINT – Qualified Remote Signing &TrustCA Timestamp Other Public Digital Signature Service Providers Ensuring the security, reliability, and non-repudiation of digital signatures in electronic transactions Applying Advanced Electronic Signatures (AdES) with non-repudiation electronic timestamps to create reliable evidence of the timestamp of the formation of electronic transactions/documents.Supporting Longterm Validation (LTV) technology, which allows for the verification of the validity of digital signatures after 10, 20, or even indefinitely, without relying on the certificate’s lifecycle or service provider. Applying Basic Signatures without timestamps, there is no reliable evidence of the date and time of the formation of the electronic document/ transaction. The signing time can be modified, forged, disputed, repudiated, or subject to legal disputes without any protective evidence. Digital signatures fully comply with the technical specifications in Circular 06/2015/TT-BTTTT, requiring a key length of 2048 bits or more and the RSA algorithm with the SHA-256 hash function. Digital signatures that do not comply with the technical specifications stipulated in Circular 06/2015/TT-BTTTT, such as having a key length less than 2048 bits or using the compromised SHA-1 hash algorithm, pose a risk of undetectable forgery. Such digital signatures are no longer secure for electronic transactions. Ensuring document authenticity for 10, 20 years or even permanently, depending on specific regulations or the purpose of storing signed electronic documents Applying Advanced Electronic Signatures (AdES) and Qualified Electronic Signatures (QES) with electronic timestamps and Longterm Validation (LTV) technology to create reliable and verifiable evidence of the signature’s validity at the time of signing. The validity of the digital signature is independent of the validity of the individual or legal entity’s certificate, and can be independently verified for 10, 20 years, or even permanently. Therefore, users benefit from the highest level of security: no dependence on service providers, no need to maintain certificates, and no need to re-sign electronic documents. Applying Basic Signatures, which depend on the certificate’s lifecycle. Once the certificate expires, the signed document
Remote Signing – The future of digital signature
With new demands and changing user habits requiring more flexible and mobile digital transformation tools such as electronic document signing, the Remote Signing model and HSM-based signing are gradually replacing traditional USB token-based signing methods. USB token-based signing is becoming obsolete Digital signature services play a crucial role in digital transformation and are the first essential tool that organizations and individuals must equip themselves with in the digitalization process. However, the currently popular USB token-based signing methods have many significant drawbacks such as poor compatibility, dependence on device connection ports, lack of mobility and flexibility, and unsuitability for organizations with large signing needs or those requiring simultaneous signing of multiple electronic documents. Meanwhile, technology and pandemic-related lockdowns have required people to work remotely, handle business, and interact with customers anytime, anywhere, on any device. A critical solution for signing electronic contracts, transactions, and documents, such as digital signatures, seems to be lagging behind the new requirements. Moreover, USB tokens or smart cards have low security levels, no longer meet the standards of many countries, and are at risk of being phased out in the near future. Remote signing is the future of digital signature Switching to the Remote Signing model and HSM-based signing will be a reasonable alternative and will become increasingly popular. Only remote signing can enable users to sign anytime, anywhere, on any device with superior reliability and security, without worrying about storing key storage devices or finding suitable connection ports. Remote signing models also allow for the development of high-speed digital signature systems, capable of simultaneously signing multiple documents and papers through automated processes, completely eliminating time-consuming manual page-by-page signing. Advanced signature forms such as timestamped signatures and signatures using long-term validation (LTV) technology can also be easily integrated into this remote signing model. SAVYINT – The first Qualified Trust Service Provider (QTSP) for digital signatures and electronic seals following the Remote Signing model in Vietnam With QTSP certification for providing remote signing services in accordance with EU eIDAS regulations, SAVYINT’s digital signature and electronic seal services will be widely recognized in the 27 member states of the European Union. Moreover, in compliance with Vietnamese law such as Decree 130/2018/ND-CP and Circular 16/2019/TT-BTTTT on the list of mandatory technical standards applicable to digital signatures and electronic authentication services using mobile device signing and remote signing models, SAVYINT fully complies with and exceeds the requirements for system management, operation, and security. Equipped with a SAM module that meets CC EAL4+ certification with EN 419 241-2, SAVYINT’s remote signing system ensures the highest level of security for users’ signing keys stored on secure HSM devices compliant with EN 419 221-5, which resists attacks using the advanced SCAL2 authentication mechanism. Therefore, we have the full capacity to provide remote signing services in both Vietnam and the European Union. By using SAVYINT’s digital signature services, organizations and businesses will have a significant competitive advantage when signing with European partners, promoting the development of cross-border electronic transactions and e-commerce, especially in the context of the pandemic hindering traditional trade. In addition, SAVYINT/TrustCA is also the first and only provider of timestamping services in Vietnam with TrustCA Timestamp. With these conditions, SAVYINT’s digital signature and electronic authentication services can provide the highest level of protection against fraud and forgery in electronic transactions, ensure legal validity for electronic storage, validate documents long-term and reliably even after the digital certificate expires, and completely replace paper documents, eliminating the need for daily printing and archiving. Furthermore, we have been and are providing an ecosystem of technological solutions for electronic documents and transactions with outstanding features that comply with both Vietnamese regulations and international standards, which no other provider in Vietnam can match from eContract, SAVYINT Paperless, SAVYINT eKYC electronic identification, to electronic digitization and archiving – SAVYINT eArchive,… Contact us now for the fastest product and service consultation!
SAVYINT and ENTRUST Strengthen Collaboration in PKI and Blockchain Development in Vietnam
SAVYINT is a leading provider of best-in-class trusted solutions and services. Its strategic partnership with ENTRUST to develop PKI and Blockchain systems marks significant progress in the quality and product offerings of SAVYINT. Founded in 1969 and headquartered in Minneapolis, Minnesota, USA, ENTRUST employs over 2,500 people globally and is a world leader in secure transaction and trusted authentication technology. In 2020, the company rebranded from Entrust Datacard to ENTRUST Corp., with a focus on secure identities, payments, and data protection. ENTRUST has expanded its offerings through acquisitions, including nCipher for hardware security modules (HSM), HyTrust for data security management, and WorldReach for cloud infrastructure, creating a comprehensive product ecosystem with seamless customer experiences. SAVYINT is one of ENTRUST’s key partners in providing security and digital identity solutions. The collaboration includes the development of ENTRUST’s products such as: During a recent meeting between ENTRUST and SAVYINT, Chris Siah, Director of Digital Security Solutions for ASEAN & China at ENTRUST, emphasized, “ENTRUST’s solutions meet international standards such as eIDAS, GDPR, PSD2, HIPAA, and more. In Southeast Asia, we continue to upgrade our strategic security, encryption, and digital identity solutions to match local market demands and regulations. SAVYINT is a leading brand in Vietnam’s IT sector, and we are confident that this partnership will drive ENTRUST’s further expansion in Vietnam.” Mr. Van Hoang Nguyen – Chairman of the Board of SAVYINT, added, “Post-COVID-19, the market for cross-border digital transactions is primed for growth. The expansion of PKI and Blockchain applications in healthcare, education, and finance is advancing rapidly, driven by the vibrant digital transformation in Vietnam. SAVYINT is the first in Vietnam to achieve QTSP certification for providing electronic signature and remote signing services that comply with the EU’s eIDAS regulations. This is a key competitive advantage as SAVYINT’s services are recognized across 27 European countries. With our strong foundation and ENTRUST’s top-tier products, we look forward to even closer collaboration in the future.” SAVYINT is solidifying its leadership position in the digital signature market, gaining certifications for key services like TrustCA Timestamp and TrustCA Qualified Remote Signing. This partnership between SAVYINT and ENTRUST promises to deliver comprehensive security for digital signature applications, electronic identity and authentication systems, and Blockchain, fully complying with both Vietnamese and global information security regulations.
SAVYINT and Wultra strengthen partnership to develop authentication solution
On April 17, 2024, SAVYINT and Wultra entered into a collaboration to develop and implement authentication and compliance solutions for digital banking and financial services, aligning with Decision 2345/QĐ-NHNN. Accordingly, both parties pledge to collaborate closely in fostering the development of cutting-edge authentication solutions that adhere to the stringent security standards and regulations mandated for clients in the Finance, Banking, Insurance, Securities, Healthcare, Digital Media & Broadcasting and Government sectors. Wultra will provide advanced authentication, identity management, data security, and privacy solutions for SAVYINT’s digital solutions and services, encompassing: SAVYINT’s enterprise customers can now leverage the most cutting-edge authentication platform to enhance end-user experiences, safeguard data privacy and minimize e-commerce transaction risks. In addition to these core offerings, SAVYINT is also focused on accelerating the development of innovative platforms and solutions, including: By seamlessly integrating and developing these solutions, SAVYINT and its partners can achieve comprehensive improvement and enhance their business operations. Mr. Ondrej Kupka – A Wultra representative has emphasized SAVYINT’ position as a crucial strategic partner, citing the company’s comprehensive Digital Signature Solution and Open Banking Platform. The representative stressed that this collaboration will benefit both parties and foster market growth. Wultra’s comprehensive authentication solution fully complies with the legal requirements outlined in Vietnam’s Decision No. 2345/QĐ-NHNN. About SAVYINT SAVYINT is a leading provider of trusted digital products, solutions, and services with deep expertise in PKI systems, digital signature solutions, data encryption/privacy, open banking, blockchain & key management, cybersecurity services and AI and cloud applications… Committed to international standards, SAVYINT delivers top-tier solutions designed to meet the highest security and compliance requirements. Its advanced technical infrastructure supports digital transformation across diverse sectors such as government, healthcare, finance, education, logistics, transportation, telecommunications, and broadcasting. With a strong focus on innovation and security, SAVYINT is a reliable partner for organizations seeking to enhance operational efficiency and data security in the digital era. About Wultra Wultra is a global pioneer in authentication, information security, and data privacy solutions. Wultra serves as a digital financial guardian, empowering banks and fintech companies with modern, easy-to-deploy authentication solutions that elevate customer experiences. As a trusted partner with an open-source, developer-friendly approach, Wultra’s solutions can be implemented in weeks, not months. Wultra has established itself as a leading provider of digital banking security in the Czech Republic. The company is actively expanding its international market strategy.