The Digitalist Team
October 9, 2020

Trident v2.1 has earned Common Criteria EAL4+ security certification in exceptionally short time


min reading time

This common criteria re-evaluation project of i4p-Informatika Ltd. was successfully completed thanks to professional cooperation between the client's developer team and CCLab's qualified evaluators.

The most recent versions of i4p's TRIDENT HSM and TRIDENT SAM (Signature Activation Module) have received their updated Common Criteria EAL 4+ certification. These devices have been improved in response to customer feedback and they now offer even more flexibility and ease-of-integration, as well as improved high-availability clustering options.

i4p is the first and only vendor to have attained certification against both the Protection Profile for Cryptographic Module for Trust Services (EN 419221-5) and for Server Signing (EN 419241-2). On top of that, our clients' solution is eIDAS-listed as a QSCD (Qualified Signature and Seal Creation Device). Therefore, this is the only one-vendor solution that already complies with the coming update in eIDAS regulation that will mandate not only the use of a QSCD for advanced and qualified remote signature & seals, but also a CC-certified SAM. It is also one of only 3 CC-certified SAM solutions in total, but again, TRIDENT RSS (HSM + SAM) is the only complete solution that was developed by one and the same development team.

Complex process, professional support

“In the case of safety certificates, the certification is valid only for the specific product version that has been tested by a laboratory under the control of the supervisory authority during the certification process. Each time a new version is released, the developer of the product is obliged to complete a similar certification process. This is a complex yet extremely important procedure, since this ensures our customers that the solution meets the stringent requirements. We are proud that we could obtain the certificate for Trident HSM v2.1 in a very short time, and we are especially pleased that we completed this process with a Hungarian partner, namely the independent information security laboratory CCLab”, said Zsolt Rózsahegyi, CEO of i4p.

“This re-evaluation project, which was successfully completed within only 4 months, wasn’t the first joint project with i4p-Informatika Ltd. Thanks to the well-prepared documents of the developers and the quick consideration of our observations during the evaluation process, we were able to complete the EAL4+ level compliance assessment by the expected deadline, within a good timeframe”, said Gábor Hornyák, CCLab Ltd’s Head of Laboratory.

The Common Criteria EAL4+ security certificate of i4p can be found here.