Digital Certificate Service from Exostar UK Ltd

Digital Certificate Service
from Exostar UK Ltd

Grant of Approval

tScheme Limited grants approval to the electronic trust service identified as:
Digital Certificate Service

as supplied by:
Exostar UK Ltd
of The Broadgate Tower Third Floor, 20 Primrose Street, London, EC2A 2RS.

The management system used to deliver this service is certified by:
LRQA Lloyd's Register Quality Assurance Ltd.
of Trinity Park, 1 Bickenhill Lane, Birmingham B37 7ES

to satisfy the criteria defined in the following tScheme Approval Profiles:

Qualified Certificates (QCs):
This Service Provider has demonstrated compliance with the provisions laid down in Directive 1999/93/EC, including with the requirements of Annex I (requirements for QCs), Annex II (requirements for Service Providers issuing QCs) and those of Annex III (requirements for compliant Secure Signature Creation Devices - SSCDs).

This approval initially commenced on:
30th June 2016

Documents supporting this grant are available by clicking on the links in the table above.

This Grant of approval is issued by:
tScheme Limited
Mulberry Grove
PO Box 3653
RG40 9NN
United Kingdom

Company Number 4000985

Approved Service Description

This Public Service Description relates to Exostar UK Ltd’s service known as DCS – Digital Certificate Service.

DCS is a source of Qualified Certificates issued in accordance with and conformant to European legislation1. The Exostar DCS Certificate Authority (DCS CA) is subordinate to Exostar’s USA-based Root CA, which is cross-certified with the US Federal Bridge CA and the SAFE-BioPharma Association Bridge CA. The DCS CA issues certificates that can be used for both Identification/Authentication and Digital Signature purposes. In addition to Qualified Certificate identifiers (e.g. id-QCP-Public, and id-QCP-Public+SSCD), the digital certificates also exhibit a US Federal Policy identifier, which maps to the SAFE-BioPharma Association Bridge CA at the Medium Software or Medium Hardware level of assurance.

The combination of these attributes makes the certificates useful to subscribers in the pharmaceutical, life sciences, and healthcare industries worldwide. In particular, the certificates satisfy the requirements imposed upon those subscribers who are required to digitally sign documents intended for submission to regulatory agencies such as the European Medicines Agency and the US Food and Drug with EU Qualified Certificates or certificates mapped to industry or US Government bridge CAs.

Relying parties can be assured that subscribers of DCS have been properly authenticated and vetted before receiving digital certificates from the service. Requisite identity proofing is conducted in accordance with the policies of the US Federal PKI policy authority, the US Federal Identity, Credential, and Access Management policies, the policies of the SAFE-BioPharma Association and tScheme Ltd., and European Directive 1999/93/EC1 for the appropriate assurance level of the certificates issued (e.g. id-QCP-Public / Medium Software, or id-QCP-Public+SSCD / Medium Hardware). The assurance level of certificates issued to subscribers can be ascertained from various extensions including the QCStatements extension and Certificate Policies extension. All Personally Identifiable Information is securely handled in accordance with both US and UK law.

The provision of DCS, and related client services functions, is hosted and operated by Exostar LLC at its operations centers in Virginia, USA. DCS provides full life-cycle certificate support.

For additional information, please see the Exostar DCS Service Policy Disclosure Statement, and the Exostar FIS and DCS Certificate Policy generally, publicly available at http://www.myexostar.com/Federated-Identity-Service/Policy_and_Compliance/.

1 Meeting the requirements defined in Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures.


Why tScheme approval?

It’s the mark which says your service meets the highest standards of trust.


Getting tScheme approval

Approval usually takes at least three months, but it can be quicker.


Using the tScheme mark

The tScheme mark lets users know that your service offers the highest levels of trust.