Magyar Telekom Plc.’s new qualified timestamping service operates smoothly based on the Trident Timestamp Server running on Trident HSM. The service has been developed with the support of the Noreg Information Security Ltd. on the basis of the product of i4p Ltd.
The challenge: an outdated timestamp
Due to a change in EU regulations, Magyar Telekom needed a system that would allow the company to provide a state-of-the-art timestamping service in order to comply with the latest legal requirements that will come into force at the end of 2022. Magyar Telekom is a registered Qualified Trust Service Provider (QTSP) and is therefore authorized to provide qualified timestamping services. Although the company does not currently provide such a service to external customers, the organization operates much more smoothly by making it available in its internal systems to its own partners and employees to sign accounts and authenticate the company’s internal processes.
It is of key importance for a multinational company that its timestamped documents are valid throughout the European Union, this is why it is necessary to use the qualified timestamping service (since only documents with qualified timestamps become valid in the whole European Union).
Within the EU, the conditions for providing such services will soon change. From 2023, new regulations will apply that require a different set of algorithms in the future. Magyar Telekom has decided to anticipate the changes and will update its previously used timestamping solution as soon as possible. Thus, a new procurement was required and the product of i4p was the winner in the end.
The Solution: based on a world-class Hungarian development
The company’s experts have compiled a list of requirements, taking into account the latest specifications and the company’s own needs, as well as features that were not included in the previously used solution. Based on the applications received, it was finally decided to invite Noreg Information Security Ltd. to replace and integrate the hardware security module, a firm with which Magyar Telekom has had a good relationship for a long time and has cooperated with in several successful projects.
Specialists from Noreg Information Security Ltd. submitted their bid based on the solution and support of i4p, which ultimately proved to be a winner. Noreg made this decision, because the Trident Timestamp Server running on Trident HSM meets the highest level of cryptographic requirements, and the manufacturer provides professional support for the product, develops its products while keeping in mind the needs of customers, and responds quickly to new requests and expectations. In this case, too, the company’s experts upgraded the product in just a few months so that it could meet Magyar Telekom’s needs in every respect.
The system is based on Trident HSM, a unique HSM module of i4p that provides advanced cryptographic, security and key management features. The efficiency and reliability of the solution is also confirmed by a globally recognized international security certificate; the Common Criteria EAL4+. The product also set a world record during its certification process because it was the first to meet the criteria of two protection profiles (PP) at the same time and the second of the hardware security modules to meet the requirements of the protection profile (PP) for HSMs. This device runs the Trident Timestamp Server, which makes it easy to create qualified timestamps that comply with the specifications of eIDAS. The solution can verify and certify that the timestamped data are exactly the same as those in the document at the time the timestamp was placed, that is they have not been modified.
Results: digitization at a master level
The implementation of the solution went smoothly, including the installation process and the subsequent audit. The configured system is already fully compliant with the specifications of eIDAS and proven to be able to generate timestamps that meet the latest regulations.
“We are satisfied with the product as well as the level of the manufacturer’s support for the solution. We have received all the help for the implementation from i4p Ltd.; in addition, the available documentation is of high quality, and despite the COVID situation, the cooperation was smooth,”
Tamás Kovács, Technical Director Noreg Information Security Ltd