Latest on us in the news
Microsec is the first domestic service provider to be included on the list of eIDAS certified and qualified trust service providers.
17/01/2017

Microsec, a Hungarian-owned company providing a comprehensive range of services based on electronic signature technology, is the largest Hungarian certification provider, and now the first Hungarian registered eIDAS qualified trust service provider. 

A substantial change was introduced in the field of electronic identification, electronic signatures and trust services on July 1 2016, when the eIDAS Regulation came into effect to provide a unified legal background within the EU. Its goal is to promote the spread of cross-border electronic transactions, by supporting the development of the digital single market. Its significance lies in the fact that these types of e-services have legal effects identical to paper-based methods, which can significantly reduce the need for a physical presence, and citizens will be able to manage their official, business, or private affairs with due legal consequences anywhere and at any time. 

„In line with the compliance requirements of the regulation, Microsec successfully obtained the German TÜVIT eIDAS accreditation before 31 December 2016, becoming the only organization in Hungary to comply with this requirement earlier than the originally announced deadline. As a result, Microsec was registered on December 21 2016 as an National Media and Infocommunications Authority (NMHH) qualified trust service provider, and has been the only domestic organization on this list since.

We are proud that Microsec is currently the only Hungarian qualified trust service provider with an eIDAS certification, said Gergely Vanczák, general manager of Microsec e-Szignó Certification Authority.

It is an important milestone in the life of our business that Microsec, an expert in the field of new generation PKI* technology, is capable of providing four different eIDAS qualified trust services: 

  •  issuing certificates for qualified electronic signature;
  • issuing certificates for qualified electronic seal;
  • issuing qualified electronic time stamps;
  • qualified preservation of electronic signatures, seals and certificates.

 Our eIDAS certified qualified preservation service, which can be used for the long-term authentic retention of electronically signed documents (such as PDF, e-files, ASiC) is unique, not only in Hungary, but in Europe as well,”  Gergely Vanczák stressed.

What do these services offer?

Using qualified and non-qualified (advanced) electronic signatures based on qualified certificates, private or public documents with full probative value can easily be created digitally. The signature created in this way is proof of integrity, authenticity of origin and non-repudiation, and it is equivalent to traditional signatures on paper.

Qualified stamp certificates can be issued to legal persons, enabling the parties concerned to create qualified stamps on behalf of an organisation (e.g. company, institution, association, etc.), ensuring integrity and non-repudiation for the signed documents, even those that require full probative value. 

The documents can be provided with a qualified time stamp, which is an evidence of full probative value issued by a trusted third party proving that a document existed at a specific time. 

Electronic signatures to be preserved for the long-term require regular maintenance, and their authenticity, as well as their compliance with current signature standards, needs to be continuously ensured, which can be achieved using a qualified preservation service. Its advantages include associated legal presumption and NMHH supervision, as well as guarantees of readability and confidentiality. 
NMHH web page
eIDAS regulation
TÜVIT accreditation

 
Microsec obtained eIDAS conformity assessment certificate by TÜVIT
08/11/2016
First in Hungary, Microsec Ltd. qualified trust services such as e-Szignó Signature, Times-Stamp, Seal and Preservation fulfill all requirements defined in Regulation (EU) No. 910/2014 (eIDAS) according to the result of TÜVIT conformity assessment audit carried out in October, 2016.

TÜVIT web site

Certificates:

e-Szignó qualified signature
e-Szignó qualified time-stamp
e-Szignó qualified preservation
e-Szignó qualified seal



 
Microsec at ITBN CONF-EXPO 2016
21/09/2016

Following the tradition of previous years, Microsec is participating at the ITBN CONF-EXPO between the 27th -28th September 2016, which is one of the largest IT Security events in Hungary.

The conference is organized around the topic of “cyber vigilance”. The biggest challenge today is the early recognition of the attacker entering into our systems. Lots of people believe that it is enough to have an antivirus software installed on the PC. But they are wrong. Our protection systems and critical infrastructures need to be monitored 24/7 continuously since hackers do not go on holidays. 

Stand P6, Microsec is showcasing a future-proof mobile ID: PassBy[ME] to demonstrate secure and seamless eIDAS compliant online authentication, transaction authorization, document signature and trusted messaging. The solution is ready to fulfill PSD2 (Revised Directive on Payment Services) objectives. 

Furthermore, András Barsi, Chief Strategy Director, will present the benefits of PassBy[ME] mobile ID solution at 12:30 on the 28th September in room G300. 

The participation is free of charge, but pre-registration is required. For more information, please click on the image.
ITBN CONF-EXPO 2016

 
PassBy[ME] the future-proof mobile ID with enhanced feature
15/09/2016

Microsec, the expert in PKI software development and security solutions, has released a new version of PassBy[ME], empowered with new ergonomic feature. The new generation mobile ID solution was originally developed in 2013. Its prime function was to supply a next generation authentication and signed transaction authorization solution to the market providing maximum safety in verifying user ID to prevent fraud in the online environment. This impressive product was recognized by The Best Hungarian IT Security Innovation Award at the IT CONF-EXPO in 2013. 

PassBy[ME] is a user friendly and exceptionally secure mobile ID where Public Key Infrastructure (PKI) provides the highest level of security known today. “PassBy[ME] strengthens customer authentication, the weakest link in the chain of online transactions today” – said Microsec Chief Strategy Director András A. Barsi. Secure user authentication is also demanded by the quick spread of IoT, that helps controlling data stored in IoT. 

Due to its true niche function in the digital world, PassBy[ME] has been further extended with new business feature serving end to end online security and ergonomics to users. “From legal perspective, there is still a big gap between today’s online transaction authorization and original signed paper document process, since online transaction authorization is based on authentication without legal responsibility – concluded Barsi. Our PassBy[ME] solution solves this legal issue using eIDAS compliant signature protocols behind transaction authorization as well”

This smart device based technology provides 4 key feature nowadays: next generation user authentication, transaction authorization, and the lately added mobile signature function and trusted messaging service.

Mobile signature function enables instant signing regardless of location, providing extreme flexibility and speed in daily business. Trusted message service is a very secure and fast way of providing signed receipts of messages as proof of delivery.

“Available as a service or packed product for larger deployment, PassBy[ME] has a wide application area where level of security is key to fight against online fraud and data phishing or authentication failure” – added Tamás Paulik Senior Security Architect, PassBy[ME].   

Using it in the financial sector for online authentication, PassBy[ME] exploits the advantages of Bring Your Own Device (BYOD) scenario. One time passwords (OTPs) are thus eliminated so are the associated costs of text messages and the inconveniences of additional hardware tokens. 

For e-Government services like e-health, tax or citizen services true identity of a user is required, so the PKI based authentication solution provides an ease of convenience. Cloud service providers have a huge growth potential and PassBy[ME] is a secure solution to protect user login credentials in a simple way.

PassBy[ME] is a patented product.

 
Microsec at Trusted ID Summit 2016 in Poland
14/09/2016

Microsec, the expert in PKI software development and security solutions, is co-organizing the TRUSTED ID SUMMIT together with IDENTT specialized in identity document verification methods. On the 22nd of September in Warsaw, the summit will reveal the current challenges of online user presence. Since eIDAS regulation came into effect on the 1st of July 2016, the need for discussing the new legal possibilities and business perspectives of online identity is even more timely within the innovative European space.

The conference is addressed to private and public organizations, that are either obliged to verify user identity in case of any online transactions or planning to implement it. Microsec experts András Barsi, Chief Strategy Director and Kornél Réti, Research Engineer will explain the eIDAS regulation in the context of identity verification via hands-on case studies. 

Cyberattacks are hitting the largest and thought to be the safest institutions and online identity theft is growing in a great extent. This forum is designed to provide up-to-date solutions to organizations and users in helping to increase security level and to meet the growing demand of digitalization. 

Microsec is showcasing best in class tool, PassBy[ME] mobile ID, to demonstrate secure and seamless eIDAS compliant online authentication, transaction authorization, document signature and trusted messaging. Furthermore, this solution is ready to fulfill certain PSD2 (Revised Directive on Payment Services) objectives.
Trusted ID Summit

 
CrySySLab’s team played hard on DEFCON CTF Finals
29/08/2016
!SpamAndHex team, co-sponsored by Microsec, competed against the bests in the world on the 24th DEFCON CTF Finals in Las Vegas and successfully ranked 13 in a very tough contest in August 2016. This year's challenge was to find vulnerabilities in CGC binaries, to generate a Proof of Vulnerability and to patch it with a maximum of 5% performance lost. Find more information on CrySySLab blog.  
Congratulation to the team, we are proud of the them!

!SpamAndHex team
 
PassBy[ME] strategic partnership with T-Systems Hungary
15/06/2016

A partnership agreement was signed on the 13th of June 2016 between Microsec Ltd. and T-Systems Hungary Ltd. to further enhance Microsec’s patented, next generation authentication solution, the mobile based PassBy[ME]. Microsec’s solution, relying on public key infrastructure (PKI) technology will be implemented into T-Systems’ commercial services.

Microsec’s offering incorporates:

- next generation online authentication protocol for e-banking and e-commerce,

- transaction authorization e.g. for money transfer and

- mobile signatures for e-documents.

The PassBy[ME] system represents the next generation of online security solutions. PassBy[ME] is a security leap compared to current authentication and transaction authorisation methods as well as a major improvement of customer experience.

As of 1st July 2016 in compliance with eIDAS regulation for electronic identification and trust services for electronic transactions, Microsec Ltd. supports T-Systems as a qualified and trusted certification authority.

PassBy[ME].com


T-Systems Magyarország Ltd. news

eIDAS news (Hungarian)

 
2015 ITBN Conf-Expo – National Day of IT Security
12/10/2015

2015 ITBN Conf-Expo – National Day of IT Security

Microsec participated the ITBN Conf-Expo – National Day of IT Security which held between 23-24 of September. ITBN is the biggest IT Security autumn event. On the second day of conference our colleague Tamás Paulik prestend PassBy[ME]. Our innovation is the next generation authentication solution that can be used in any environment where authenticating the user accessing an online service is highly important. This includes e-Government, financial and banking, e-commerce and cloud based services as well as VPN access. 

www.passbyme.com 

   

 
Conference and IT Expo in Bahrain
14/04/2015

Microsec participated the 8th Bahrain International eGovernment Forum and the IT Expo, held between 15-19 March in Manama, Bahrain. It was our honor to delegate András Barsi to the ‘eGovernment Success Stories’ workshop where he presented Microsec’s related experiences and success.

The IT Expo was held during the last 3 days of the event. The Microsec booth was besieged by many questions about our products and solutions from the participants, and also there was the opportunity to demonstrate how PassBy[ME] is working after integration into the local eKey System.
 
Facility Security Clearance Certificate for Microsec Plc.
26/02/2015

On 3rd February 2015 the National Security Authority (NSA) of Hungary granted a Top secret security clearance – in accordance with the provisions of the 2009. CLV. law on the protection of classified data and Government Decree No. 92/2010. (31st March) on the detailed regime of the industrial security vetting procedure and the issuing of the Facility Security Clearance – to Microsec Plc.
The NSA of Hungary conforms, that Microsec Plc. possesses storage capabilities approved for the safeguarding of classified information up to and including Top secret, and a safe computer system approved for the safeguarding of classified information up to including Secret.

The NSA granted a Secret UE security clearance – in accordance with the provisions of the 2005/9952/EC Council Decision of 20 December 2005 amending Decision 2001/264/EC adopting the Council’s security relations – to Microsec Plc.
The NSA of Hungary confirms, that Microsec Plc. possesses storage capabilities approved for the safeguarding of classified information up to and including Secret UE and a safe computer system approved for the safeguarding of classified information up to and including Secret UE.