Index of documents supporting the Grant of Approval to Equifax Secure Limited's SecureMark Service.

  1. What the tScheme Approved Service Mark signifies.
  2. Approved Service - Service Description
  3. Approval Profiles used in the assessment:
    Base Approval Profile tSd0111 3.00
         
    Approval Profile for Registration Services tSd0042 3.02
         
    Approval Profile for a Certification Authority tSd0102 3.01
         
    Approval Profile for Certificate Dissemination tSd0105 3.01
         
    Approval Profile for Certificate Status Management tSd0106 3.01
         
    Approval Profile for Certificate Status Validation tSd0107 3.01
         
    Approval Profile for Identity Services tSd0108 2.00


What the tScheme Approved Service Mark signifies

When a trust service carries the tScheme Mark, you can be secure in the knowledge that:

For each service, tScheme approval is regularly reviewed and may be withdrawn.

This Grant of Approval does not affirm or endorse any claims of conformance to standards or adherence to guidelines not explicitly listed as forming part of the service assessment.

top


Approved Service - Service Description

The subject service of this Grant of Approval is the SecureMark Service from Equifax Secure Limited.

SecureMark certificates are for use by individuals and businesses within the community of the United Kingdom. The application and registration process for a SecureMark certificate to perform secure transactions with various organisations is carried out electronically and through a secure operational infrastructure.

SecureMark Certificates provide validation and verification of the individual and the business listed in the certificate using online authentication tools and other enhanced procedures. Supporting applications include the following functions and features, digitally signing and authenticating identities and other attributes for e-mail, web forms, web sites, and encrypting/decrypting information.

On receiving a SecureMark certificate, the subscriber can then carry out various functions such as access and registration for government services, signing tax and other reporting forms, and e-mail.

SecureMark certificates are stored in the subscribers’ browsers, the supported versions being restricted so that the security strengths of at least 128 bit encryption are protected from being compromised or undermined. The certificates are generated using the latest X.509 and S/MIME standards.

Equifax Secure Limited will only issue SecureMark certificates to individuals and businesses that undergo a registration process that provide substantial assurance that the applicant’s identity exists, that the applicant owns the identity, that the business exists and the applicant has been granted the right to obtain a certificate on behalf on the business.

Each individual and business accepts an Equifax Subscriber Agreement which binds each subscriber to a clearly defined set of Terms and Conditions under which the digital certificates may and may not be used. Each relying party also has an agreement in place that confirms the services expected.

More detail regarding the above including Equifax Secure Limited obligations and liability to Subscribers and Relying parties can be found in the Certificate Policy/Service Policy (PKI) Disclosure Statement and the Certificate Practice Statement, which can be located at

http://www.equifaxsecure.co.uk/policies/index.html.


top

The tScheme Code of Conduct

Participants in the electronic trust services industry strive:

top