VeriSign Managed Services Model Eases Compliance with EU Directive
for Electronic Signatures
New Standard To Affirm Integrity of Qualified
Certificates and Build Foundation of Trust for EU Businesses
Mountain View, CA, July 19, 2001 - VeriSign, Inc. (Nasdaq:
VRSN), the leading provider of Internet trust services, announced today
that its managed PKI services will meet the criteria set forth by the
EU Commission's Directive for digital signatures, giving digital signatures
the same legal status as physical signatures.
The criteria developed by the EU Commission and
the creation of a compliant solution by VeriSign will accelerate the
acceptance of digital signatures and increase confidence in doing business
online. VeriSign will meet the EU requirements by enhancing its managed
services processes, specifically its industry-leading Certificate Policies
(CP) and Certification Practice Statement (CPS).
"Trust services will serve as a catalyst for
increased online interaction throughout the European Union. VeriSign
has been working to meet the broad criteria of the EU Directive and
will work towards meeting the individual countries' requirements as
they evolve," said Roger Cochetti, senior vice president and chief
policy officer for VeriSign. "It is essential for certificate authorities
to observe criteria set forth by the EU Directive in order to provide
consistent and reliable trust services."
To issue a certificate deemed "Qualified"
by the Directive, Certificate Authorities (CA) must follow certain procedures
to establish security during certificate issuance and liability of the
CA should the certificate be compromised. VeriSign is uniquely positioned
to meet the procedural requirements because of its outsourced managed
services model. This model provides policies and procedures necessary
to operate a CA, unlike software-only solutions.
VeriSign was the first CA to document and publish
the legal, technical, and policy aspects of its services in the form
of a CP/CPS. The CP defines the authentication process for issuing and
maintaining digital certificates and forms the legal parameters for
the use of certificates between parties. VeriSign has updated its CP
to meet each of the EU Directive policy requirements.
EU member states must pass legislation supporting
the EU Directive for digital signatures, enabling businesses to benefit
from EU-wide acceptance of digital signatures issued from any country
within the EU.
"Doing business electronically is increasing
rapidly both for companies and for consumers. But without security and
trust, there won't be a notable shift towards commercial and financial
transactions on the Internet," said Erkki Liikanen, EU Commissioner
responsible for the Information Society.
VeriSign European affiliates who will be able to upgrade to a platform
that is capable of issuing Qualified certificates under the Directive
include: Adacom (Greece), BT Ignite (U.K.), CertiSign (Portugal), Certplus
(France), Computer Communication Systems (Poland), D-Trust (Germany),
DSV (Germany), EuroTrust (Denmark), KPN Telecom (the Netherlands), Roccade
Megaplex (the Netherlands), Skırr (Iceland), Telefonica (Spain), Telia
(Sweden), and Trust Italia (Italy). VeriSign affiliates combine VeriSign's
global Trust Services infrastructure and expertise with their own e-commerce
services to serve customers in their local language, currency, and legal
system, enabling trusted and secure electronic commerce and communications
over the Internet.
Digital certificates enable users to encrypt e-mail
and documents to send them securely over the Internet. Digital signatures
associated with certificates issued by VeriSign's affiliates ensure
the identity of the sender. VeriSign's standards based architecture
has scaled to produce over 5 million digital certificates and offers
customers new features beyond EU Compliance including the Device Manufacturing
Service platform, Managed PKI for Wireless Clients (WAP 1.2.x compliant),
as well as enabling secure extranet, messaging, and VPN solutions working
with a wide variety of industry - leading applications.
In addition to the EU Directive for electronic signatures,
VeriSign is compliant with generally accepted standards such as Common
Criteria EAL4, annual SAS-70 Type II audits of its CPS, and the WebTrust
Audit for CA's to provide customers with the highest quality of trusted
infrastructure services. VeriSign continues to pursue additional CA
licensings and accreditations in various states in the United States
and through its affiliates internationally.
"This directive will propel increased online
interaction throughout Italy and the European Union. The acceptance
of digital signatures increases confidence in doing business online,"
said Mr. Ernesto Pascale, Trust Italia Chairman. "The greater the
confidence level, the greater the financial health of European businesses."
"VeriSign and Adacom have worked together to
become compliant with the EU Directive for Electronic Signatures,"
said Minas Giaourtopoulos, General Manager, ADACOM S.A. "This initiative,
along with the decree in Greece which recognizes digital signatures,
is important to fully provide trust services to the Greek-Balcanian
and Cyprian markets."
"The Digital Signatures compliance is extremely
vital for European competitiveness in the global marketplace. As the
global leader in this space, we are able to build upon our foundation
that enables consistent and reliable trust services for e-commerce,"
says Peter Mandos, Managing Director of D-TRUST.
"As we evolve from concepts like e-commerce
or e-business to e-relations, the foundation of trust on the web is
crucial. The European Directive for Digital Signatures and the work
of each country in this area is producing increasing effects on every
aspect of a citizen's daily life," said Domingos Miranda, V.P.
Corporate Affairs, Legal and Finance, CertiSign Portugal. "The
public administration, companies old and new, banks, insurance companies,
and more can now trust their most precious relationships to web technology
knowing it has legal recognition. In Portugal, sectors like justice
and social security are taking some important steps toward the use of
e-relations based on digital signatures."
About VeriSign
VeriSign, Inc. is the leading provider of trusted infrastructure services
to Web sites, enterprises, electronic commerce service providers and
individuals. The company's domain name, digital certificate and payment
services provide the critical Web identity, authentication and transaction
infrastructure that online businesses require to conduct secure e-commerce
and communications. VeriSign's services are available through its Web
site (www.verisign.com) or through its direct sales force and reseller
partners around the world.
###
Statements in this announcement other than
historical data and information constitute forward-looking statements
within the meaning of Section 27A of the Securities Act of 1933 and
Section 21E of the Securities Exchange Act of 1934. These statements
involve risks and uncertainties that could cause VeriSign's actual results
to differ materially from those stated or implied by such forward-looking
statements. The potential risks and uncertainties include, among others,
VeriSign's limited operating history under its current business structure,
uncertainty of future revenue and profitability and potential fluctuations
in quarterly operating results, increased competition, risks associated
with the company's international business and risks related to potential
security breaches. More information about potential factors that could
affect the company's business and financial results is included in VeriSign's
filings with the Securities and Exchange Commission, especially in the
company's Annual Report on Form 10-K for the year ended December 31,
2000 and Quarterly Report on Form 10-Q for the quarter ended March 31,
2001.
VeriSign undertakes no obligation to update
any of the forward-looking statements after the date of this press release.
Contact Media Relations: Janine Dunne, jdunne@verisign.com,
703-948-4496
Perveen Akhtar at Banner1, perveen_akhtar@b1.com,
+442073492268
Investor Relations: Katie Ochsner, kochsner@verisign.com,
650-426-3512
Worldwide Sites
