Trust services are normally provided for remuneration and consist of the following electronic services:
Data in electronic form, which are attached to or logically associated with other data in electronic form and which is used by the signatory to sign.
Types of electronic signature:
- A qualified electronic signature is an advanced electronic signature, that is created by a qualified electronic signature creation device (QSCD), and is legally equivalent to a handwritten signature. It is based on a qualified certificate for electronic signatures, which is issued by a qualified trust service provider.
- An advanced electronic signature is an electronic signature which meets the following requirements:
- It is uniquely linked to the signatory and is capable of identifying the signatory.
- The private key which created it, is under the sole control of the signatory.
- It is linked to the data signed therewith in such a way that any subsequent change in the data is detectable.
- The signatory can only be a natural person.
- A qualified electronic signature is recognized as having the equivalent legal effect of a handwritten signature in all Member States.
In the digital world, a qualified electronic seal serves the same function as the seal of legal persons. It enjoys the presumption of integrity and of correctness of the origin of the data to which the qualified electronic seal is linked.
An electronic time stamp confirms that an electronic document had a specific form and content at a particular point in time.
A service that makes it possible to transmit data to third parties by electronic means and provides evidence relating to the handling of the transmitted data, including proof of sending and receiving the data, and that protects transmitted data against the risk of loss, theft, damage or any unauthorized alterations.
A certificate that makes it possible to authenticate a website and links the website to the natural/legal person to whom the certificate is issued.
A qualified validation service confirms the validity of a qualified electronic signature or seal and delivers the result of the validation process to relying parties in an automated manner, signed with the advanced electronic signature or advanced electronic seal of the provider.
It makes it possible to preserve the evidential value of electronic documents which bear a qualified electronic signature or seal, even if, for example, the encryption algorithms used for the creation of said signature or seal are no longer considered secure.
EETT carries out the tasks and responsibilities of the national supervisory body of trust services (Regulation (ΕU) No. 910/2014 of the European Parliament and of the Council of 23 July 2014). EETT supervises the qualified trust service providers established in Greece (Law 4070/2012, Article 12, paragraph 1, point (y), in force), keeps a registry of trust service providers established in Greece, qualified and non-qualified (see below), and establishes, maintains and publishes the National Trusted List, in addition to informing the European Commission accordingly.
The Regulation (EU) No. 910/2014 on electronic identification and trust services, also known as the eIDAS Regulation, specifies the obligations, security requirements and supervisory framework of trust service providers, depending on whether they provide qualified or non-qualified trust services.
The European Commission publishes the Trusted Lists of Member States. In addition, it has issued Implementing Regulations on trust services. Providers who wish to achieve qualified provider status must meet specific requirements. Qualified trust services provided by qualified trust service providers are recognized across the EU, irrespective of the Member State in which the provider is established. Qualified trust service providers are audited at their own expense at least every 24 months by a conformity assessment body to confirm they comply with the requirements laid down in the eIDAS Regulation. Afterwards, Conformity Assessment Reports are submitted to EETT for approval.
More specific issues about trust services and the obligations of providers established in Greece are laid down in the Regulation on the provision of trust services issued by EETT.