Qualified trust service providers

Qualified trust service providers (TSPs) must fulfil the same requirements as non-qualified trust service providers. But there are some special requirements that qualified TSPs must meet additionally.

General requirements for qualified TSPs are set out in Art. 24 of the eIDAS Regulation. Specific requirements for certain types of qualified trust services laid down in Art. 25 to 45 of the eIDAS Regulation as well as in Art. 3 et seqq. of the Signature and Trust Services Ordinance.

In accordance with Art. 21 of the eIDAS Regulation, a TSP must notify the supervisory body of its intention to start providing qualified trust services and submit a conformity assessment report issued by an accredited conformity assessment body. Each TSP can decide for themselves which accredited conformity assessment body it uses. However, the supervisory body can also carry out a review or task a conformity assessment body with conducting a conformity assessment at the expense of the TSP, especially if the conformity assessment report submitted by the TSP does not adequately demonstrate compliance with the requirements.

An informal list published by the European Commission comprises conformity assessment bodies for trust services that issue qualified certificates for website authentication. Please note that only the accreditation body of the Member State in which the conformity assessment body is established can provide competent information on the accreditation status of the conformity assessment body in question. A list of national accreditation bodies can be found on the website of the European co-operation for Accreditation (EA).

Note: Providers wishing to offer qualified trust services in and/or from Liechtenstein are advised to contact the Office for Communications at an early stage due to the stringent requirements they need to fulfil.