Independent and highly prestigious auditors have verified that the processes and products used by ANF Certification Authority, have been designed and comply with the norms and standards of international recognition.
Regulation (EU) 910/2014 of the European Parliament and of the Council, of July 23rd, 2014, on electronic identification and trust services for electronic transactions in the internal market (eIDAS Regulation).
ANF Certification Authority has been accredited with the eIDAS certification of conformity to provide the following services as a Qualified Trust Service Provider:
Service of issuing qualified electronic certificates of electronic signature; Service of issuing qualified certificate for electronic seal; Service of issuing qualified electronic certificates for website authentication; Service of issuing qualified electronic time stamps; Qualified validation services for qualified electronic signatures and; Qualified validation services for qualified electronic seals. In compliance with Regulation (EU) 910/2014 and ETSI EN 319 401; ETSI EN 319 102-1; ETSI EN 319 411-1; ETSI EN 319 411-2; ETSI EN 319 421; ETSI EN 319 422
ANF Autoridad de Certificación is certified UNE-EN-ISO 27001: 2007, applied to the Provision of Electronic Signature Certification Services. Prepared by the International Organization for Standardization (ISO), ISO 27001: 2007 specifies the requirements to establish, implement, maintain and improve an Information Security Management System (ISMS).
This certification independently guarantees internal controls and compliance with management and continuity requirements, as well as laws and regulations on the processing of customer´s data.
ANF Certification Authority is certified UNE-EN-ISO 9001: 2008 for the Provision of Electronic Signature Certification Services.
Currently, ISO 9001: 2008 sets the standard for the management of more than 750,000 organizations in 161 countries. Prepared by the International Organization for Standardization (ISO), this standard specifies the requirements for the application of a Quality Management System (QMS) in public and private organizations.
The ISO 26000 (Social Responsibility Guide) established by the International Organization for Standardization, sets guidelines in the area of Social Responsibility, so that organizations make a correct orientation of their social responsability policies..
The ISO 26000 contains voluntary guides, not requirements, and thus is not used as a standard for certification such as ISO 9001 and ISO 27001. Universal Exports and the entire ANF Certification Authority is committed to the application of adequate social responsability policies, and assume the guidelines set forth by ISO 26000.
PCI DSS (Payment Card Industry Data Security Standard)
The communications and systems infrastructure of the PKI of ANF AC has been developed in compliance with the strict security standards of the PCI DSS (Payment Card Industry Data Security Standard) standards, established by the main debit and credit card companies that along with compliance with data protection legislation (LOPD) offers maximum security in the processing of personal and private data.
TACED Quality Report
The electronic signature instruments of ANF Certification Authority have been reviewed by the technical services of the CED. This report determines the adequacy of these instruments to the legal requirements and, therefore, the electronic signatures generated with them can be considered as legal evidence in arbitration proceedings.
QSP Qualified Service - Fujitsu
Fujitsu ANF Certification Authority is a QSP Qualified Service Partner, where is credited by Fujitsu compliance with quality standards as well as the technical capacity.