Cryptomathic Signer
Overview
Cryptomathic Signer is a remote signing server that enables organisations to create legally binding electronic signatures and seals at scale. The platform keeps signing keys within secure, centralised HSM infrastructure and uses strong authentication combined with What You See Is What You Sign (WYSIWYS) functionality to deliver the highest assurance levels available under the eIDAS regulation. Signer is Common Criteria EAL4+ certified as a Qualified Signature Creation Device (QSCD), placing it among a small number of platforms certified against the eIDAS protection profile for remote qualified electronic signatures.
Unsung is a Cryptomathic Bronze Partner and Value-Added Solutions Provider. We implement Signer for UK customers in banking, government, and trust service provider environments where qualified electronic signatures are required for regulatory compliance and operational integrity.
The Challenge
Organisations in financial services, government, and regulated industries increasingly need to provide their customers and staff with the ability to sign documents and transactions electronically with the highest legal standing. Under the eIDAS regulation, qualified electronic signatures carry the same legal weight as handwritten signatures across EU member states — but achieving this assurance level requires specific certified technology and infrastructure.
Traditional approaches to qualified signatures relied on physical smart cards or USB tokens held by individual signatories, which do not scale for remote working, high-volume transactions, or customer-facing digital services. Organisations need a remote signing capability that maintains qualified signature assurance without requiring physical tokens, whilst providing non-repudiation evidence that can withstand legal scrutiny.
What It Does
Signer is a modular platform comprising three components aligned to the eIDAS regulation: a Registration Authority for subscriber management and certificate lifecycle, a Signature Activation Module for secure key activation with sole control assurance, and the QSCD-certified signing engine itself. Together, these provide a complete remote qualified electronic signature service.
The platform supports qualified, advanced, and simple electronic signatures from a single infrastructure, enabling organisations to apply the appropriate assurance level to each transaction through policy configuration rather than separate tooling. Signer integrates with existing identity management, authentication, and business applications through APIs, SDKs, and pre-built connectors. Its WYSIWYS capability ensures signatories can verify exactly what they are signing before authorising the operation, providing the strongest available evidence of non-repudiation. The platform is used by trust service providers, banks, and government departments across Europe, processing millions of signature transactions.
How Unsung Helps
Unsung helps clients assess their requirements for qualified and advanced electronic signatures, design appropriate signing architectures, and implement Cryptomathic Signer integrated with their existing PKI and identity infrastructure. For organisations that need to establish the underlying certificate authority and trust services alongside the signing platform, our PKI Design & Build service covers the full trust architecture from HSM through to signing application.
Related Unsung Services
PKI Design & Build — End-to-end design and implementation of signing and trust service architectures.
Hardware Security Modules — HSM deployment and integration for signing key protection.
PKI Consultancy — Independent advisory on digital signing strategy and eIDAS compliance.
