BRUSSELS, Belgium – 3 June 2025 – The Cloud Signature Consortium (CSC), a global nonprofit dedicated to developing open standards for cloud-based digital trust services and promoting worldwide interoperability, announced the release of its “CSC Industry Market Report 2025 – The Cloud Signature Market: An EU & Global Perspective.” This comprehensive report, compiled by Obserwatorium.biz and NIMBUS on behalf of the CSC, provides an in-depth overview of electronic signature solutions and the evolving digital trust ecosystem worldwide, highlighting the impact of diverse legal frameworks and technologies on secure, cross-border digital interactions.

As e-signatures become increasingly essential in both public and private sectors, the report emphasizes the growing need for adaptable, standards-based solutions to meet regulatory demands and user expectations. The report analyzes the technical spectrum of e-signatures, ranging from traditional certificates on physical devices to cloud-based signatures that enable remote onboarding. It explores the pivotal role of cloud signatures in assuring cybersecurity, ensuring non-repudiation, and providing robust legal validation for modern digital interactions.

The report draws on original market research, including surveys and in-depth interviews with key market players from regions worldwide. These findings offer unique insights from practitioners who face the challenges, opportunities, and implications of implementing trust services every day. This approach highlights broad industry trends as well as the specific nuances of local markets and operational practices.

“This report underscores the critical importance of global interoperability in the digital trust ecosystem,” said Viky Manaila, President of the Cloud Signature Consortium. “As the world becomes increasingly interconnected, the ability to seamlessly and securely exchange digital signatures across borders is essential for fostering international commerce and collaboration. CSC’s mission to promote worldwide interoperability has never been more critical as businesses and governments accelerate their digital transformation.”

“The CSC Industry Market Report 2025 provides a comprehensive overview of the global cloud-based electronic signature market, with insights from both Europe and beyond. It examines the latest technologies, legal standards, and the rising role of cloud signatures in cybersecurity and regulatory compliance. What truly sets this report apart is the market research—surveys and interviews with industry leaders worldwide. Their input helped us capture global trends, local challenges, and opportunities. The result is a fact-based, practical view of the market’s current state and future directions.” said Miłosz Brakoniecki, co-founder and board member of Obserwatorium.biz.

Download the full report for free at: https://cloudsignatureconsortium.org/csc-industry-market-report-2025-the-cloud-signature-market-an-eu-global-perspective/

Join our Online Live Launch on June 10th from 2-2:30 PM CET:
https://zoom.us/meeting/register/AbkIA4RXRhmXbBexncAikg  

About the Cloud Signature Consortium (CSC)

The Cloud Signature Consortium (CSC) is a global nonprofit association dedicated to developing open standards for cloud-based digital trust services and promoting worldwide interoperability. The CSC envisions a future where digital signatures are universally trusted and easily accessible, enabling secure and seamless digital interactions across borders and industries.Contact: Benita Lipps | info@cloudsignatureconsortium.org

This report has been compiled by Obserwatorium.biz and NIMBUS on behalf of the Cloud Signature Consortium (CSC), a global nonprofit dedicated to developing open standards for cloud-based digital trust services and promoting worldwide interoperability. It provides a comprehensive overview of electronic signature solutions and the evolving digital trust ecosystem worldwide, highlighting how diverse legal frameworks and technologies—from smartcards to cloud-based signatures—are shaping secure, cross-border digital interactions.

As e-signatures become essential in both public and private services, the report emphasizes the growing need for adaptable, standards-based solutions to meet regulatory demands and user expectations.

Download the full report to explore how countries and organizations can leverage cloud-based trust services to drive secure digital transformation.

Cape Town, South Africa – April 2025 – The Cloud Signature Consortium (CSC) is pleased to announce the election of Johannes Leser to its Executive Board, following the Annual General Meeting held during the CSC Cape Town Summit.

Johannes joins the Board as the representative of IDnow, bringing valuable expertise in digital identity, remote signing, and trust services. His appointment reflects a continued commitment to strengthening the Consortium’s leadership and advancing secure, interoperable solutions across Europe and beyond.

With this addition, the CSC Executive Board continues to represent a diverse and dynamic group of leaders working together to shape the future of digital trust.

Click here for more information about our Executive Board and their contributions.

By Margus Pala, Co-founder, eID Easy

Validating the identity of the party signing a document is an essential part of every secure digital signature. At the same time, it is also one of the highest costs and one of the areas with the most friction. However, it does not have to be a ‘high friction’ task because a growing number of users now have some kind of reusable digital identity app (eID) on their phones.

After initial onboarding the eID based identity proofing is significantly easier and faster than biometric passport scanning and selfies. For example, the Estonian government has a “once-only principle”, which means that if you have given your data to the government once then the same data should not be asked again. Similarly, we should not do biometric passport scanning over and over again if we have done it once already. Standards like ETSI 119 461 and WebTrust for Registration Authorities allow using eID-s for identity proofing to issue certificates and it is already used actively for example in Nordics in use cases where risk tolerance is lower. Yet we are still seeing a huge percentage of electronic signatures made in non-interoperable ways where providers are using their own ways of writing the signer information to the PDF that is not automatically processable nor independently verifiable.eID-s can also help with international recognition. If you have your eID from your home country bank, then why not use the same eID to issue certificates from another country and regulation certificate authority. 

There are 200 countries in the world with each having their own regulations. There are regions like the EU, Mercosur (Mercosur is composed of six sovereign member states: Argentina, Bolivia, Brazil, Paraguay, Uruguay and Venezuela (suspended since December 2016); six associated states: Suriname, Guyana, Colombia, Ecuador, Peru and Chile; plus two observer states: Mexico and New Zealand and some others that are already mutually recognizing local Certificate Authorities from member states and many such proposals are in the works. If worldwide mutual recognition is achieved, then it is even more important to make sure that the single eID app that you have would be enough for signing any document no matter where in the world it originates.

If you would like to discuss this further, get in touch with Margus Pala, margus.pala@eideasy.com.

By Mads Henrikveen, Trust Service Manager, Buypass AS

Buypass has recently added support for both Advanced (AdES) and Qualified Electronic Signature (QES) in Buypass Cloud Signature Services (BCSS). BCSS is a set of signing services based on the Cloud Signature Consortium (CSC) framework.

Buypass has supported Advanced Electronic Signature (AdES) in Norway for many years. Utilizing the CSC framework, a new way of providing electronic signatures has emerged that is well suited for remote signatures according to the eIDAS Regulation and the upcoming European Digital Identity Wallet (EUDIW) framework.

The new BCSS Person Signing service is a flexible remote signing service using one-time signing keys and short-term certificates. The Signer authenticates and authorizes the use of the private signing keys by using already existing eID means.

The service is designed according to relevant ETSI/CEN-standards to be compliant with QES as defined in the eIDAS Regulation, resulting in electronic signatures legally equivalent to handwritten signatures all over Europe.

The illustration below shows the main actors (service providers) participating in the service:

The Trust Service Provider (TSP) issuing certificates (CA) and the SSASP are always Buypass. The SCASP may be any signing Customer/Partner of Buypass who provides signing services supporting either QES or AdES. The Identity Proofing Service Provider (IPSP) is a service provider implementing identity proofing using eID means according to ETSI TS 119 461 as a service.

The main benefit of using this service is:

• No need for User/Signer onboarding/enrolment (utilizing existing eID means)
• The signed contents are anonymous – Buypass has no knowledge of the contents
• Any data can be signed, only the hash (DTBS/R) is sent to Buypass
• The signature requestor (the SCASP) can request either Qualified or Advanced Electronic Signatures

Buypass accepts any eID means satisfying eIDAS LoA High or Substantial if they are notified at such assurance levels in EU or in a national scheme. This gives flexibility and makes the signing service interesting for Partners supporting signing of documents across Europe. No long-term relationship between Buypass and the Signer is necessary.

The BCSS Person Signing services has been designed such that Buypass never have access to the document to be signed (only the DTBS/R). The management of documents, user experience and the signature formats are for the signing Partner (the SCASP) to handle.

The illustration below shows the main flows between the actors in the in service:

The Signer contacts a service provider to sign a document (1). BCSS Person Signing service receives a representation of the data to be signed (2), and a request for user authentication (3). When the user has performed an authentication (4), Buypass will validate the authentication (5) and create a signing key (6), issue the signing certificate (7), and generate the signature (8 & 9).  All this will happen “under the bonnet”.  The signature and some metadata are returned to the signature requestor (10).  

The signature requestor will then package the signature as needed, typically PAdES, JAdES or similar. The signing certificate is issued by Buypass using a CA registered on the EU Trusted List and accepted by Adobe, thus resulting in full validation in Adobe Acrobat applications. 

The service is well positioned to be used in the eIDAS 2.0 ecosystem around the EUDIW. The service will be explored for this purpose in EUDIW Large Scale Pilots together with our Partners.

The BCSS Person Signing service has been assessed and approved by accredited auditors and the service has been granted qualified status from the national supervisory body.

We’d be delighted to discuss this new service, and opportunities for collaboration with our CSC colleagues. Reach out to Mads Henrikveen, mads.henriksveen@buypass.no, if you would like to know more.

By Bindi Li, Sales VP – Asia, Ascertia

MSC Trustgate, a prominent Certification Authority (CA) based in Malaysia, has been a trusted provider of Public Key Infrastructure (PKI) solutions since 1999. As one of the four CAs in Malaysia certified by the Malaysian Communications and Multimedia Commission (MCMC), MSC Trustgate has the capability to issue and manage digital certificates.

In 2021, the company began collaborating with Ascertia to integrate its services with the Cloud Signature Consortium’s innovative API. This integration facilitates the seamless connection of digital signature solutions with Trust Service Providers (TSPs). This case study delves into why MSC Trustgate selected Ascertia as their digital signing partner.

Rising demand for secure, compliant digital signatures

With Malaysia’s regulatory landscape evolving, the demand for legally recognised and secure digital signatures was on the rise. This change was largely driven by regulations mandating businesses to implement compliant, secure, and legally valid signing solutions.

Additionally, as more organisations shifted to digital workflows, clients increasingly sought digital signing tools that were reliable, secure, and user-friendly. MSC Trustgate recognised the need for a flexible, scalable solution that could meet the diverse requirements of both public and private sector clients while adhering to Malaysian legal frameworks and global standards, including eIDAS.

Key selection criteria: What MSC Trustgate needed in a signing solution

When evaluating digital signature solutions, MSC Trustgate focused on several critical factors. Top of the list was security, as the solution had to offer advanced encryption to ensure robust protection for digital signatures. Equally important was compliance with both local and international regulations to guarantee the solution met all necessary legal requirements.

Integration was another priority. MSC Trustgate needed a solution that could seamlessly integrate with existing systems to avoid disruption to ongoing business operations.

Additionally, a user-friendly interface was essential for encouraging quick adoption across different business sectors. Finally, the ability to receive reliable technical support and a scalable partnership to accommodate future growth were also decisive factors.

After carefully considering various options, MSC Trustgate chose Ascertia’s solution, which met all these criteria while offering a high level of security and ease of use.

The solution: Ascertia’s SigningHub and Cloud Signature Consortium’s API

MSC Trustgate selected Ascertia’s SigningHub along with the Cloud Signature Consortium’s API to address their digital signing needs.

Ascertia’s solution stands out for its seamless integration capabilities, enabling MSC Trustgate to easily connect their digital signature applications with trusted signing services. This collaboration ensures that MSC Trustgate can provide a secure, compliant, and user-friendly signing solution for their clients across multiple industries.

Lo Nyan Tjing, CEO of MSC Trustgate, shared the company’s satisfaction with the partnership:

“Our collaboration with Ascertia has empowered us to offer a secure, reliable, and user-friendly digital signing service. Ascertia’s focus on security and effortless integration has allowed us to deliver trusted digital signature solutions that fully comply with regulatory requirements, while remaining easy to use for our clients.”

Building trust through seamless integration

By partnering with Ascertia, MSC Trustgate has successfully enhanced its digital signing offerings, providing a solution that is secure, compliant, and easy to implement. For organisations looking to improve their digital trust services, Ascertia’s signing solutions offer a proven approach to ensuring secure, legally compliant digital transactions.

If you’re interested in how Ascertia’s digital signing solutions can help your business strengthen security and build greater trust, contact Bindi Li, bindi.li@ascertia.com, to find out more.