fidentity logo

What is a trust service provider?

Trust service providers: The key to safe digital signatures

Trust Service Providers provide the infrastructure for digital certificates – an essential foundation for digital signatures. But if you want to combine simplicity, security and legal validity, you need more: structured processes, reliable identification and a partner who brings it all together.

Portrait Franziska Ackermann, Head of Communications
Franziska Ackermann
15.7.2025

Digital processes are on the rise – for account openings, contract signings or online applications. But as soon as legally binding agreements are involved, things get more complex. In digital processes we use “digital signatures”, which come in different levels of assurance. And when it comes to signatures that need to hold up legally, one player becomes essential: Qualified Trust Service Providers, or qTSPs. They provide the technical key for legally valid digital signatures – in the truest sense of the word.

What does a Trust Service Provider do?

A Trust Service Provider (TSP) is a company certified under eIDAS(EU) or ZertES(Switzerland). It provides essential digital trust services, such as the creation of qualified electronic signatures (QES), timestamping or certificate validation.

Here’s a summary of their key tasks:

  1. Issuing and managing digital certificates for signatures, seals or website authentication (Art. 3, 24 ff. eIDAS)
  2. Enabling qualified electronic signatures (QES) (Art. 25–28 eIDAS; Art. 6–7 ZertES)
  3. Providing qualified electronic timestamps to document the exact time of a digital action with evidentiary value (Art. 42 eIDAS)
  4. Secure generation and management of cryptographic keys in hardware security modules (HSM)
  5. Validation services for certificates via Online Certificate Status Protocol (OCSP) or Certificate Revocation Lists (CRLs)
  6. Long-term archiving of electronic documents (optional and not a legal obligation, e.g. according to EN 319 511)
  7. Electronic delivery services for legally secure digital communication – e.g. registered email (Art. 44 eIDAS)
Certified Trust Service Providers in Switzerland and the EU

Qualified electronic signatures (QES) may only be issued by qualified Trust Service Providers (qTSP). In Switzerland, five providers are currently accredited under the ZertES signature law. In the EU, the official Trusted List includes over 200 qualified TSPs.

EU Trusted List Browser (eIDAS)

Directory of ZertES TSPs in Switzerland (SAS)

In Switzerland, only providers certified under ZertES are permitted to offer qualified trust services; the same applies under eIDAS in the EU. Accreditation is granted per service – the official directories provide a transparent overview of which providers are authorized for what.

«Integrating a TSP is complex – and you only get part of what you actually need. fidentity delivers the entire process: document processing, identification and signature – all from a single source. Because having the key alone is not enough.»

Thorsten Hau, CEO fidentity

The key alone is not enough

As central as the role of a TSP may be in generating and safeguarding cryptographic keys, a legally valid qualified electronic signature requires much more than just a secure key pair:

  • legally compliant, documented identification of the signing person
  • document integrity protection (e.g. via hashing#blank)
  • an audited, end-to-end process
  • protection against deepfakes, replay attacks and other manipulations
  • a user-friendly experience
  • efficient end-to-end digitalisation
  • support with regulatory compliance (GDPR, FINMA, AMLD6 etc.)

Many companies underestimate this complexity – and attempt to integrate qTSPs on their own.

Is fidentity a TSP?

fidentity is not a Trust Service Provider itself but works with several certified qTSPs – depending on the legal framework and individual customer needs. For example, we work with the two major Swiss providers Swisscom and SwissSign, as well as the innovative EU provider Sign8.

Our ability to integrate multiple providers is a clear advantage:

Flexibility for customers: The appropriate TSP can be selected depending on the use case, industry or required level of trust.

Higher reliability: If one provider has technical issues, an alternative is available.

Regulatory compatibility: For cross-border processes between the eIDAS and ZertES frameworks, the solution remains compliant.

Learn more about our solutions

Conclusion: The key needs a system – and a plan

A Trust Service Provider is essential – but for legally valid and efficient digital signatures, more is needed: a well-designed, integrated process. Only by intelligently combining document processing, identification and signature can legal certainty be paired with technical simplicity.

This is exactly what fidentity delivers. All from a single source. Fully certified. Ready to use immediately.

Share article:

Get in touch.

Portrait René Greiss, Head of Sales and Business Development
René Greiss
Head of Sales and Business Development
Interested in learning more about IDENT, SIGN, and ONBOARD? Get in touch now. I’m happy to assist you.
Contact me
Eine Frau lächelt während sie ein Mobiltelefon vor ihr Gesicht hält
Technology

5.6.2025

Why effective user guidance matters
Titelbild Blogpost Hashing, ein Mixer, darum abstrakte Motive, dieses Bild wurde mit Dall-E von Open AI generiert.
Technology

16.12.2024

The digital fingerprint: how hashing builds trust in data
Titelbild für den Blog Elektronische vs. digitale Signatur: Welche braucht man wirklich? Dieses Bild wurde mit Dall E von Open AI generiert.
Technology

20.3.2025

Electronic vs. digital signature: the key differences at a glance
Read more news