Digital Trust Services and QTSPs: what they are and why to choose them

Electronic trust services, defined by the European eIDAS Regulation, are fundamental to digitalization.

Servizi Fiduciari Qualificati (Qualified Trust Services)

The European eIDAS Regulation has identified and regulated electronic trust services fundamental to digitalization. These services, also known as “trusted services,” can be “qualified” and provided exclusively by authorized providers, the Qualified Trust Service Providers (QTSP).

In this article:

The Transformation from Traditional to Digital Processes

In the past, the authenticity of documents was ensured through handwritten signatures, official stamps, and notarial certifications. With the digitization of businesses, it became necessary to develop technical and technological rules to ensure the same level of reliability in the digital world. This is the foundation of Regulation (EU) No. 910/2014 (eIDAS, electronic IDentification Authentication and Signature), which has been in effect since July 1, 2016. The regulation aims to strengthen trust in electronic transactions by providing a common basis for secure electronic interactions between citizens, businesses, and public authorities. It defines standards to ensure European interoperability of digital services where trust is essential, referred to as “trust services” or “trusted services.”

What are the Qualified Trust Services?

According to the eIDAS Regulation, digital or electronic trust services include:

Electronic or Digital Signature
Electronic Seal
Timestamping
Certified Delivery (SERC)
Website Authentication

The ongoing revision of the eIDAS Regulation (eIDAS 2.0) has added electronic long-term archiving to these trust services. This service, provided by Trust Service Providers (TSPs), gives documents legal evidence and may require additional security measures in some cases.

What are Qualified Trust Services?

Qualified trust services provide greater legal certainty and security for electronic transactions, as well as enhanced technical security. They can only be provided by Qualified Trust Service Providers (QTSPs). The difference between general trust services and qualified trust services lies in the security requirements. QTSPs meet high standards of technological security, are subject to audits, and offer greater legal, technological, and reliability guarantees.

What is a Qualified Trust Service Provider (QTSP)?

A Qualified Trust Service Provider (QTSP) is an entity authorized by a government or regulatory authority to provide trust services with high security standards. A QTSP must meet stringent technological and legal security requirements, undergo regular audits, and possess the necessary certification to offer qualified trust services. The EU maintains an updated list (EU Trusted List of Trust Service Providers) of qualified providers and their services. If an entity is not on this list, it is not permitted to offer qualified trust services.

A QTSP is a trust service provider recognized as a qualified entity by a government or regulatory authority. This status is granted for the provision of services compliant with eIDAS. The EU maintains an updated list (EU Trusted List of Trust Service Providers) of qualified providers and their services. If an entity is not listed, it cannot provide qualified trust services. Legally, both qualified and non-qualified trust services cannot be rejected in court solely for being electronic. However, due to stricter requirements, qualified trust services have a more robust legal effect and offer superior guarantees for electronic transactions.

Why Choose a Qualified Trust Service Provider?

Relying on qualified providers is crucial for enabling a sustainable digital transformation and reducing technical and legal risks. As emphasized by the European Commission, users (citizens, businesses, or public administrations) benefit from the legal effect associated with a qualified trust service only if it is listed as such in the Trusted Lists. Intesa is a Qualified Trust Service Provider, offering a comprehensive range of trust services that adhere to the highest standards of security and regulatory compliance. Trusted and certified technology partners like Intesa are essential for building robust digital ecosystems that are compliant with regulations and scalable according to business needs.

Browse categories

Innovation Market Regulations Smart business Solutions