Veridos-NETSET-logo
Contact
Veridos-NETSET-logo

Complete PKI solution

A reliable and scalable solution for securing digital data, documents, and transactions.

Public Key Infrastructure technology (PKI)

test
t
t

PKI technology can be implemented according to different technical standards, the most common ones being X509 PKI and ICAO PKI. While X509 PKI standard is implemented for data protection in many state and private systems, ICAO PKI is almost exclusively used for ID document data protection, but most importantly for Machine Readable Travel Document (MRTD) protection. Both standards play a critical role in enabling secure digital identities and ensuring trust in electronic communications and transactions.

Veridos Netset PKIStar provides a comprehensive set of services for online authentication, digital signature creation, and secure document protection. It delivers a full-featured Public Key Infrastructure (PKI) for issuing and managing X.509 digital certificates, fully aligned with European (eIDAS) and local regulations governing electronic documents and digital signatures. Sensitive cryptographic elements are securely stored on Hardware Security Modules (HSMs), with the system designed to support integration with various HSM types.

PKI Star
Qualified Digital Signature Platform

test
t
t
0

platform

0 +
global implementations
0 +
institutions in Serbia

Qualified X509 digital certificates on a smart card

test
t
t
test
t
t

PKIStar enables complete management of digital certificates and asymmetrical cryptographic keys, which are stored on smart cards. The platform covers the following business processes in issuance and use of electronic certificates on smart cards: 

  • Registration of new clients
  • Creating CSR (Certificate Signing Requests)
  • Netset’s Certificate Authority (StarFish)
  • Optical and electronic personalization of smart cards
  • Netset X509 applet suite
  • Netset X509 middleware (Windows, Linux, MacOS)
  • Printing user PIN numbers in closed envelops
  • Issuing certificates and PIN number unblocking procedures
Complete PKI solution

Cloud ID
Digital signatures in the cloud

test
t
t
The Cloud ID platform enables digitally signing and exchanging trustworthy documents in a way that preserves their legal backing. The platform provides a complete set of trust services, including digital signature, digital seal, document exchange, verification and archiving. The platform is an ideal solution for managing digital contracts, invoices, authorizations, directives, reports and other similar documents. With Cloud ID, you can forget about printing, manually signing and physically transporting documents, making your business processes much more accessible, modern and economical.
The platform enables the management of digital documents and signatures located on the central site of the private cloud provider, which is under the full control of the institution that issues digital certificates. Instead of smart cards, user cryptographic keys are stored in specialized hardware security modules (HSMs) that create digital signatures from a remote location.

The following features are part of the Cloud ID:
  • Remote digital signature
  • Remote digital seal
  • Online verification of digitally signed documents
  • Timestamp operation
  • Visual representation of the digital signature
  • Two-factor authentication
  • Android and iOS mobile app
  • Single Sign On (SSO)

Electronic personalization and applets

test
t
t

ICAO PKI Suite

Netset ICAO PKI Suite is a comprehensive set of components for implementing secure access to sensitive chip data on electronic ID documents. Fully compliant with ICAO and BSI EAC specifications, it supports BAC, SAC, and EAC protocols.

Core Components:

  • CSCA – Country Signing Certificate Authority
  • DS – Document Signer
  • CVCA – Country Verifying Certificate Authority
  • DV / DVCA – Document Verifier
  • IS System – Inspection System with Card HSM
  • TCC – Terminal Control Center
  • SPOC – Single Point of Contact for certificate exchange
  • nPKD – National Public Key Directory

APPLETS & MIDDLEWARES

Veridos Netset started using smart card technology more than two decades ago, primarily to protect electronic identification documents. Since then, our team has developed several generations of JavaCard applets and middleware components for use in a variety of government and business secure information systems.
The most common JavaCard applets and middleware components are:
  • Citizen eIDentification and QES Applet
  • ICAO EAC/SAC ePassport Applet
  • Vehicle Registration License Applet
  • Employee ID Applet
  • eHealth Insurance Applet
  • Public Servant eID Applet
  • Weapon Certificate Applet
  • Weapon Carrying License Applet
  • Military eID Applet
  • CAST (Authentication and Signature) Applet

To smoothly integrate applets in PKI applications, Veridos Netset developed the Trust Edge middleware package. Trust Edge contains support for regular cryptographic functions according to PKCS standards and is implemented as Microsoft CSP (Crypto Service Provider) and PKCS # 11 cryptographic middleware.

Proven Javacard Technology

Veridos Netset offers a portfolio of 10+ JavaCard applets, several of which have been in use for over 15 years and have experienced several generations. The two applets used to implement the eHealth Insurance Card are ROM- coded in collaboration with NXP Semiconductors.

ID Document Management System

← View previous

Complete PKI solution
Complete PKI solution

Classified information exchange

View next →

Scroll to Top