eID Authentication methods in e-Finance and e-Payment services - Current practices and Recommendations
This report collects the results of a survey launched by ENISA (European Network and Information Security Agency). The main purpose of the survey has been to collect information about the electronic IDentity and Authentication Systems (eIDAS) used…
Digital Identity: Leveraging the SSI Concept to Build Trust
The maintenance of continuity in social life, businesses and administration has accelerated the reflection on the possibility of a need for such decentralised electronic identity. This report explores the potential of self-sovereign identity (SSI)…
Annual Incident Analysis Report for the Trust Service Providers
This report provides an analysis and evaluation of the incident reporting procedure in the EU under the Article 19 of the eIDAS Regulation (2014/910/EC). Considering the fact that only the second half of 2016 was applicable and moreover that this…
Annual Report Trust Services Security Incidents 2017
The Annual report Trust Services security incidents 2017 marks the 1st full year of annual reporting about significant security incidents in the EU's trust services sector. The legal framework for this incident reporting process is Article 19 of the…
Security framework for Trust Service Providers - Technical guidelines on trust services
Article 19, which is the main focus of this document, of the eIDAS Regulation, states that Trust Service Providers have to demonstrate due diligence, in relation to the identification of risks and adoption of appropriate security practices, and…
Conformity assessment of Trust Service Providers - Technical guidelines on trust services
Through this document, ENISA is supporting both Trust Service Providers and Conformity Assessment
Bodies in the audit activities by presenting the auditing framework. It aims at helping Trust Service
Providers fulfil the requirements defined by the…
Technical guideline for Incident Reporting
This document describes a framework for security incident reporting based on the requirements set by article 19 of the eIDAS regulation. It is being developed on a consensus basis between the experts of the working group formed by ENISA and it is…
Guidelines on Termination of Qualified Trust Services
This document proposes guidelines to SB and (Q)TSP aimed at facilitating the implementation of the provisions related to trust services of the eIDAS Regulation in the area of termination of trust services. Termination of QTS is addressed here in…
Recommendations for Qualified Trust Service Providers based on Standards
This document provides recommendations to help qualified trust service providers and auditors understand the expected mapping between these requirements/obligations and reference numbers of standards, as well as practical recommendations for their…
Trust Services Security Incidents 2020 - Annual Report
Article 19 of the eIDAS regulation sets out the security requirements for the trust service providers (TSPs) and introduces mandatory security breach reporting for trust service providers (TSPs) in the EU. This report provides an aggregated overview…