man sitting looking at mobile phone

Digital Signature Solutions for Enterprises and Trust Services Providers

Boost the digitalization of public and private services, greatly improve user and citizen's digital experience and fight against identity fraud with Digital Signature solutions.

Entrust Datacard's technology and expertise in digital signatures was acquired through large-scale projects for enterprises, governments, and Trust Services Providers. We can help you deploy digital signature services and adapt the digital signature processes to local regulations.

Regions currently supported: EMEA, LATAM

Contactar a Ventas

Case Study: ANTEL

Entrust Datacard's TrustedX solution enables ANTEL, Uruguay’s state-owned telecommunications company, to build digital identity and signing infrastructure.

woman digitally signing looking at desktop with tablet and stylus

TrustedX Electronic Signatures: Integrate and automate digital signatures into your applications

TrustedX Electronic Signatures is an on-premises signing platform for Enterprises and Trust Services Providers, providing a complete range of web services for integrating digital signatures into applications. It is designed to centrally incorporate digital signature operations in accordance with the standards of ETSI CAdES, XAdES and PAdES.


man sitting and looking at mobile phone smiling

TrustedX eIDAS: Provide tokenless digital signature capabilities for individuals

TrustedX eIDAS is an on-premises solution for Trust Services Providers, for the deployment of a legally compliant cloud-based signing service, easily accessible through a Web API. Signing keys are centrally protected within an HSM, and document signatures are approved remotely by users from their device, without the need for a hardware or software token.


Asistencia técnica

Respalde su sistema

Obtenga descargas, documentación y apoyo para sus productos de emisión de tarjetas por demanda:

¿Necesita más ayuda?

Para obtener asistencia inmediata, Entrust Datacard cuenta con centros de atención al cliente, disponibles para atender a los clientes en las regiones de América, EMEA y Asia Pacífico.


Beneficios mensurables

TrustedX Electronic Signatures

E-Signature Platform for Automated Processes


  • Integrate document signing and verification into your applications
  • Leverage semantic interpretation of signatures
  • Maintain strong compliance and auditing levels
  • Centralize your key and policy management for document signatures

The Automatic Signing Server incorporates functions that provide a set of security and trust mechanisms as services that can be used with different integration strategies:

  • SOAP/WS: Using the OASIS DSS standard as an access protocol for web services
  • REST/WS, SOAP/WS: Using the TrustedX integration gateway, which supports configuring traffic and data processing with an XML pipeline language
  • Java SDK: For easy integration of electronic signature services in native Java applications

Technical Specifications

  • Format: Software appliance (please contact us to learn more about supported hardware or virtual machines)
  • Event monitoring: Simple Network Management Protocol (SNMP)
  • Security services: OASIS WS-Security, DSS (Digital Signature Service) and SAML, SOAP, and SSL/TLS
  • Signature generation standards: PKCS#7, CMS, CAdES (ETSI TS 103 173), XML-DSig, XAdES (ETSI TS 103 171), signature for PDF documents (IETF), PAdES (ETSI TS 103 172) and S/MIME
  • Signature validation and augmentation standards: PKCS#7, CMS, CAdES (ETSI TS 103 173 and ETSI EN 319 122), XML-DSig, XAdES (ETSI TS 103 171 and ETSI EN 319 132), signature for PDF documents (IETF), PAdES (ETSI TS 103 172 and ETSI EN 319 142), and S/MIME
  • Encryption standards: PKCS#7, CMS, XML-Enc, and S/MIME
  • Digital timestamping support: IETF RFC 3161 and RFC 5816 compatible servers
  • Certificate validation support: Using CRLs, IETF OCSP compatible servers and customized mechanisms (OCSP is required for LTV signatures)
  • Database and directory access: Oracle, Microsoft SQL Server, PostgreSQL and MySQL, LDAP directory access protocol
  • Authentication and authorization: Native authentication methods based on passwords and digital certificates. Password validation can be delegated to LDAP/AD
  • HSM support: PKCS#11 devices approved by Entrust Datacard (a license is required for the HSM connector)
  • Network file systems supported: SMB/CIFS and NFS

TrustedX eIDAS

Remote Signing for Individuals


  • Provide advanced and qualified signatures as defined by eIDAS
  • Globally accepted signing standards
  • Remove the key management burden from your users
  • Ensure adequate authentication for each type of digital signatures

The Remote Signing Server acts as a server-based signature provider, allowing users to authenticate in order to activate their keys and authorize the signature of documents or document hashes.

Technical Specifications

  • Format: Virtual or hardware appliance. Hardware appliance is required for the Signature Activation Module. Contact us for more information about supported hardware or virtual machines.
  • Signature Activation Module (SAM): TrustedX eIDAS v4.2 implements a SAM conforming to CEN EN 419 241-2: Protection Profile for QSCD for Server Signing.
  • Authentication standards: OASIS SAML 2.0 and OAuth 2.0/OpenID Connect.
  • Native authentication methods: Passwords, digital certificates, SMS/email OTP, TrustedX Mobile ID.
  • Extending authenticators: Integration with Entrust Datacard‘s IntelliTrust or IdentityGuard products, or with third-party IdP using the provided SAML 2.0 connector or a custom connector.
  • Authentication classification: eIDAS’s levels of assurance (LoA), NIST’s authenticator assurance levels (AALs), ITU-T X.1254, ISO/IEC 29115.
  • Electronic signature standards: PAdES (ETSI TS 103 172 and ETSI EN 319 142), XAdES (ETSI TS 103 171 and ETSI EN 319 132), CAdES (ETSI TS 103 173 and ETSI EN 319 122), RSA PKCS#1 and Cloud Signature Consortium/ETSI TS 119 432.
  • External TSA and OCSPs: Entrust Datacard’s TSA and OCSP products or IETF TSA and IETF OCSP compatible servers to create LTV signatures with extended lifetime up to TSA certificate validity.
  • External PKI services: Entrust Datacard’s PKI or third-party PKI using the provided mechanism of custom connectors.
  • HSM support: nShield Connect+ and nShield Connect XC. The available functions may vary depending on the model chosen (nShield Connect XC is required for the SAM).
  • Event monitoring: Simple Network Management Protocol (SNMP). Syslog and raw format for processing with an external SIEM.
  • Database systems: Oracle, Microsoft SQL Server, and PostgreSQL. Consult us for other databases support.
  • SMS/Email gateway: An SMS Gateway and/or SMTP server is required for OTP methods.

Implementing digital signatures with Entrust Datacard TrustedX eIDAS

eIDAS-compliant digital signature capabilities without any key management for users