next generation e-identity and trust services

European Commission Working group on remote eID for KYC/AML/CDD 28 September 2018

Qualified status and registered for:

Qualified Certificates for Qualified E-signatures Qualified Certificates for Qualified E-seals Qualified Time Stamps Qualified Validation Qualified Certificates Website Authentication Qualified Registered Delivery Service* Qualified Preservation*

Non-qualified services:

Electronic Identification Remote Signature/Seal Creation

eIDAS QTSP

About us

Who are we?

What do financial institutions need to go fully digital?

3

Remote Identification Remote Signing of Docs

• To remotely identify the client • To identify natural & legal persons • Accessible by everyone • Accessible from anywhere • AML/KYC compliant • Non-depending of national laws • Fast on-boarding • Great UX

• Sign self declared statements (PeP, source of funds)

• Digitally sign contracts • Digitally sign and accept GTC • Sign other docs - payment orders,

declarations, etc. • Sign also by the bank • Multiple signatures

Other Remote Services

Go digital

• Registered delivery of documents • Proof about time in digital world • Preservation and instant access to

comply with consumer protection in distant financial services

• Authorize digitally other persons to act as proxies

• 2FA password-less login • Others to make digital transformation

legal

Solution

Remote issuing of qualified certificates for e-signatures

Qualified registered e-delivery Remote e-identification

4

ONE APP TO RULE THEM ALL ...

all remote from mobile at anytime

from anywhere by anyone

Remote issuing of qualified certificates for e-seals

Remote e-signing and e-sealing

Qualified time-stamping

Qualified preservation*

E-proxy register*

About us

How it works?On-boarding

any device

web - choice of service

Yes - eID requestalready a client?

No

OnboardingStep 1 Step 2 Step 3 Step 4 Step 5

bank

ID?

ID?

sms w/ link to download app

Remote Automated E-identification

6

Client downloads the application ( free of charge).

Creates a PIN/PUK codes.

Client scans the ID d o c u m e n t s . U p o n recognition, the ID is automatically checked.

A u t o m a t e d A I , m a c h i n e - l e a r n i n g biometrical liveliness analysis of the face is m a d e a g a i n s t d o c u m e n t d a t a . A l t e r n a t i v e l y , a n operator identification u p o n i n t e r v i e w i n g takes place.

Key pair generated on a HSM. Qualified certificate for a qualified e-signature is remotely used.

DONE ONCE IN LESS THEN A MINUTE

for issuance of qualified certificates for e-signatures and e-seals

Step 1 Step 2 Step 3 Step 4 Step 5

Not a client of Evrotrust

How it works?On-boarding

any device

web - choice of service

Yes - eID requestalready a client?

bank

ID?

ID? attest ID

confirms

How it works?On-boarding

any device

web - choice of service

request to sign

bank

confirms signingremotely signs

sends signeddocs back

createsdocs

sends to sign

IDSign

Six Services - One Click

Remotely issued a qualified certificates for e-signature

Qualified e-delivered

Remotely e-identified

9

One Click

Remotely signed

Qualified time-stamped

Qualified preserved*

6Services

Activated

Advantages

10

Compliance

eIDAS

Certified for eIDAS qualified trust services - EN 319411-1/2. Certified qualified remote signature

creation device (HSM). Certified Remote video-identification system - Art.24(1) (d)

eIDAS - Trust ServicesCertified for GDPR compliance - ISO 27001:2013

General Data Protection Regulation (GDPR)

Compliant with 5th AML Directive - art.13 (1) The identification of persons may rest on electronic identification and trust services

according to Regulation 910/2014

Anti-Money Laundering (AML)2FA model for strong customer authentication, based on combined biometry. E-Seal profiles of certificates meeting the PSD2 requirements

Payment Services Directive 2 (PSD2)

eID

Consumers protection (CP)Providing access to contracts and GT before

entering in contractual relations in distant financial services and long-term retention

and instant access of docs for 10 years

eID scheme meets the requirements of Art.7-9 of eIDAS and of Implementing

Regulation 2015/1502 - with assurance level “high”. Ready for notification in BG

eID Scheme - eIDAS

Other Industry Standards CertificationISO 9001: 2015 ISO 27001: 2013 ISO 22301: 2012 ISO 20000-1: 2011

Know Your Customer (KYC)Signing with QeS of self-declaring statements (PeP, Source of funds, etc.) Enhanced KYC through integration with other registers and systems

Advantages

• One Application for eID and Trust Services • Assurance Level - High • Identifies natural persons from 240 jurisdictions • Identifies legal persons from 80 jurisdictions • Device independent • Integration with national registers • Multi Use • Unique UX - one click/show face • Multiple biometrics, not only knowledge • Audit Trail • GDPR compliant • PSD2/KYC/AML/Consumer Protection compliant

11

Pan-European eID Scheme

Way ahead

Thank you!

12

Q&A

bd@evrotrust.com