Skip to main content

Latest on us in the news

Information on the annual replacement of the Time Stamp Authority certificate

During the replacement, a few seconds of outage may occur in our time-stamping service. The times stamps, created with the new TSA certificate, are valid until the end of 2029.

Regarding the replacement, our clients do not have to take any actions unless their own system is set to only approve the acceptance of the previous TSA certificate.


The new TSA certificate can be downloaded from here:



Microsec Introducing New PSD2-Specific Certificates
Microsec introduced its new PSD2-specific qualified website and electronic seal certificates this week at the 'eIDAS meets PSD2' workshop in France, being one of the first QTSPs in Europe to provide these certificates. In the last 7 months ETSI has been working on a new technical specification for the format and management of eIDAS compliant certitificates which support the requirements of the PSD2 Regulatory Technical Standard on SCA and CSC. At the event, organized jointly by ETSI and Open Banking Europe, the attending financial service providers and regulators could learn about the upcoming specification, and see live demonstrations of eIDAS certificate issuance and usage in the context of PSD2 access to account transactions. Kornél Réti - PKI expert, Microsec - who had taken part in the creation of the specification, presented the certificate issuance and management solutions.

Our service:

PassBy[ME] Mobile ID is integrated with Thales nShield HSM

Microsec PassBy[ME] Mobile ID integrated with Thales nShield HSM delivers a source of trust for all derived digital services. It enables customers and service providers to meet EU cross-border standards; generate and manage sensitive cryptographic keys in a certified, tamper-resistant hardware environment.

Read the full press release

Download case study

With a leadership role in the development and application of PKI, Microsec has signed a cooperation agreement with CrySyS Laboratory, an expert in IT security and cryptographic solutions

Microsec pioneering in developing electronic signature, identification technologies and encryption and CrySyS Data and System Security Laboratory (CrySyS Lab) based at the Network Systems and Services Department of the Budapest University of Technology and Economics, focusing on IT security and employed cryptography, expanded their collaboration at the end of 2017.

The two organizations have been active in recent years, thus Microsec has supported the research of internationally renowned lab work by financial materials and assets, and has also contributed to the participation of CrySyS Lab’s ethical hacker team, !SpamAndHex in competitions abroad.

With this agreement, Microsec aims to focus on PKI R&D activities, to strengthen university relationships and to provide first-hand information on practical issues related to research at the same time.

Furthermore in the future we are releasing publications with CrySys Lab acting partly as a PKI off-site research laboratory of Microsec.

CrySys Lab

Microsec audited to issue certificates based on ECC algorithm, first in Hungary

In Hungary, Microsec was the first to receive the rights for issuing certificates based on ECC (elliptical curve cryptography) algorithm after a strict, conformity assessment audit. The four-day review was carried out by the Essen-based German accreditation body, TÜViT.

The e-Szignó Certification Authority, ahead of the majority of industry players, was certified by the auditor in November 2017 and currently bears a technology that can become widespread in following 5 years.

“In case of the certificates used by our customers, the practical advantage of ECC algorithm -  in addition to the appropriate security features - is the shorter key length, which facilitates the storage of certificates and speeds up electronic administration”– says Dr. Sándor Szőke, deputy director of eIDAS Trust Services, Microsec.

Although the public key coding algorithm based on the elliptical curve (ECC) has been known since 1980, it is still novel in cryptographic applications, as currently RSA algorithms are the most common, that are based on different mathematical logic. To avoid ever-more frequent attacks against IT systems, it is advisable to use longer cryptographic keys to keep the security level from time to time. Moreover using longer RSA keys could influence the speed of electronic administration. From security level point of view, a 3072-bit RSA key corresponds to a 256-bit ECC key resulting significant differences between smart cards and embedded devices during storage and processing. Applying ECC keys enables multiple key usage in the key storage device memory, which also speeds up the operations with electronic certificates.

TÜViT certificates

Microsec is the first domestic service provider to be included on the list of eIDAS certified and qualified trust service providers.

Microsec, a Hungarian-owned company providing a comprehensive range of services based on electronic signature technology, is the largest Hungarian certification provider, and now the first Hungarian registered eIDAS qualified trust service provider. 

A substantial change was introduced in the field of electronic identification, electronic signatures and trust services on July 1 2016, when the eIDAS Regulation came into effect to provide a unified legal background within the EU. Its goal is to promote the spread of cross-border electronic transactions, by supporting the development of the digital single market. Its significance lies in the fact that these types of e-services have legal effects identical to paper-based methods, which can significantly reduce the need for a physical presence, and citizens will be able to manage their official, business, or private affairs with due legal consequences anywhere and at any time. 

„In line with the compliance requirements of the regulation, Microsec successfully obtained the German TÜVIT eIDAS accreditation before 31 December 2016, becoming the only organization in Hungary to comply with this requirement earlier than the originally announced deadline. As a result, Microsec was registered on December 21 2016 as an National Media and Infocommunications Authority (NMHH) qualified trust service provider, and has been the only domestic organization on this list since.

We are proud that Microsec is currently the only Hungarian qualified trust service provider with an eIDAS certification, said Gergely Vanczák, general manager of Microsec e-Szignó Certification Authority.

It is an important milestone in the life of our business that Microsec, an expert in the field of new generation PKI* technology, is capable of providing four different eIDAS qualified trust services: 

  •  issuing certificates for qualified electronic signature;
  • issuing certificates for qualified electronic seal;
  • issuing qualified electronic time stamps;
  • qualified preservation of electronic signatures, seals and certificates.

 Our eIDAS certified qualified preservation service, which can be used for the long-term authentic retention of electronically signed documents (such as PDF, e-files, ASiC) is unique, not only in Hungary, but in Europe as well,”  Gergely Vanczák stressed.

What do these services offer?

Using qualified and non-qualified (advanced) electronic signatures based on qualified certificates, private or public documents with full probative value can easily be created digitally. The signature created in this way is proof of integrity, authenticity of origin and non-repudiation, and it is equivalent to traditional signatures on paper.

Qualified stamp certificates can be issued to legal persons, enabling the parties concerned to create qualified stamps on behalf of an organisation (e.g. company, institution, association, etc.), ensuring integrity and non-repudiation for the signed documents, even those that require full probative value. 

The documents can be provided with a qualified time stamp, which is an evidence of full probative value issued by a trusted third party proving that a document existed at a specific time. 

Electronic signatures to be preserved for the long-term require regular maintenance, and their authenticity, as well as their compliance with current signature standards, needs to be continuously ensured, which can be achieved using a qualified preservation service. Its advantages include associated legal presumption and NMHH supervision, as well as guarantees of readability and confidentiality. 
NMHH web page
eIDAS regulation
TÜVIT accreditation

Microsec obtained eIDAS conformity assessment certificate by TÜVIT
First in Hungary, Microsec Ltd. qualified trust services such as e-Szignó Signature, Times-Stamp, Seal and Preservation fulfill all requirements defined in Regulation (EU) No. 910/2014 (eIDAS) according to the result of TÜVIT conformity assessment audit carried out in October, 2016.

TÜVIT web site


e-Szignó qualified signature
e-Szignó qualified time-stamp
e-Szignó qualified preservation
e-Szignó qualified seal

Microsec at ITBN CONF-EXPO 2016

Following the tradition of previous years, Microsec is participating at the ITBN CONF-EXPO between the 27th -28th September 2016, which is one of the largest IT Security events in Hungary.

The conference is organized around the topic of “cyber vigilance”. The biggest challenge today is the early recognition of the attacker entering into our systems. Lots of people believe that it is enough to have an antivirus software installed on the PC. But they are wrong. Our protection systems and critical infrastructures need to be monitored 24/7 continuously since hackers do not go on holidays. 

Stand P6, Microsec is showcasing a future-proof mobile ID: PassBy[ME] to demonstrate secure and seamless eIDAS compliant online authentication, transaction authorization, document signature and trusted messaging. The solution is ready to fulfill PSD2 (Revised Directive on Payment Services) objectives. 

Furthermore, András Barsi, Chief Strategy Director, will present the benefits of PassBy[ME] mobile ID solution at 12:30 on the 28th September in room G300. 

The participation is free of charge, but pre-registration is required. For more information, please click on the image.

PassBy[ME] the future-proof mobile ID with enhanced feature

Microsec, the expert in PKI software development and security solutions, has released a new version of PassBy[ME], empowered with new ergonomic feature. The new generation mobile ID solution was originally developed in 2013. Its prime function was to supply a next generation authentication and signed transaction authorization solution to the market providing maximum safety in verifying user ID to prevent fraud in the online environment. This impressive product was recognized by The Best Hungarian IT Security Innovation Award at the IT CONF-EXPO in 2013. 

PassBy[ME] is a user friendly and exceptionally secure mobile ID where Public Key Infrastructure (PKI) provides the highest level of security known today. “PassBy[ME] strengthens customer authentication, the weakest link in the chain of online transactions today” – said Microsec Chief Strategy Director András A. Barsi. Secure user authentication is also demanded by the quick spread of IoT, that helps controlling data stored in IoT. 

Due to its true niche function in the digital world, PassBy[ME] has been further extended with new business feature serving end to end online security and ergonomics to users. “From legal perspective, there is still a big gap between today’s online transaction authorization and original signed paper document process, since online transaction authorization is based on authentication without legal responsibility – concluded Barsi. Our PassBy[ME] solution solves this legal issue using eIDAS compliant signature protocols behind transaction authorization as well”

This smart device based technology provides 4 key feature nowadays: next generation user authentication, transaction authorization, and the lately added mobile signature function and trusted messaging service.

Mobile signature function enables instant signing regardless of location, providing extreme flexibility and speed in daily business. Trusted message service is a very secure and fast way of providing signed receipts of messages as proof of delivery.

“Available as a service or packed product for larger deployment, PassBy[ME] has a wide application area where level of security is key to fight against online fraud and data phishing or authentication failure” – added Tamás Paulik Senior Security Architect, PassBy[ME].   

Using it in the financial sector for online authentication, PassBy[ME] exploits the advantages of Bring Your Own Device (BYOD) scenario. One time passwords (OTPs) are thus eliminated so are the associated costs of text messages and the inconveniences of additional hardware tokens. 

For e-Government services like e-health, tax or citizen services true identity of a user is required, so the PKI based authentication solution provides an ease of convenience. Cloud service providers have a huge growth potential and PassBy[ME] is a secure solution to protect user login credentials in a simple way.

PassBy[ME] is a patented product.

Microsec at Trusted ID Summit 2016 in Poland

Microsec, the expert in PKI software development and security solutions, is co-organizing the TRUSTED ID SUMMIT together with IDENTT specialized in identity document verification methods. On the 22nd of September in Warsaw, the summit will reveal the current challenges of online user presence. Since eIDAS regulation came into effect on the 1st of July 2016, the need for discussing the new legal possibilities and business perspectives of online identity is even more timely within the innovative European space.

The conference is addressed to private and public organizations, that are either obliged to verify user identity in case of any online transactions or planning to implement it. Microsec experts András Barsi, Chief Strategy Director and Kornél Réti, Research Engineer will explain the eIDAS regulation in the context of identity verification via hands-on case studies. 

Cyberattacks are hitting the largest and thought to be the safest institutions and online identity theft is growing in a great extent. This forum is designed to provide up-to-date solutions to organizations and users in helping to increase security level and to meet the growing demand of digitalization. 

Microsec is showcasing best in class tool, PassBy[ME] mobile ID, to demonstrate secure and seamless eIDAS compliant online authentication, transaction authorization, document signature and trusted messaging. Furthermore, this solution is ready to fulfill certain PSD2 (Revised Directive on Payment Services) objectives.
Trusted ID Summit