The SigningHub cryptographic engine has been independently-evaluated and certified to be compliant with the CEN CWA 14167-1. This standard specifies the requirements for trustworthy systems for the issuance and management of EU Qualified Certificates. The SigningHub internal Certificate Authority (CA), OCSP Validation Authority (VA) and Time Stamp authority (TSA) services were all certified. In addition the SigningHub signature creation and verification services are compliant with CEN CWA 14170 and CWA 14171.

SigningHub supports the use of FIPS 140-2 and Common Criteria EAL 4+ certified HSMs, Secure Signature Creation Devices (SSCDs) and Qualified Signature Creation Devices (QSCD) under the new EU eIDAS regulations. We partner with a number of secure hardware vendors including SafeNet, Thales and Utimaco.

SigningHub Cloud is also available as part of the UK Government Software as a Service G-Cloud 6 initiative.

SigningHub Cloud is located in a secure and resilient data centre which has been independently certified under various schemes including: