1. Help Center
  2. Electronic certificate

How does Swisscom keep the private keys to the signature certificates?

Overall, Swisscom keeps and manages the keys to the signature certificates in trust for remote signatures.

In the case of a personal signature, the signature certificates are only generated for the signature and lose their validity after approx. 10 minutes. Company certificates for electronic seals are valid for up to 3 years.

According to the law, the private key must be stored on a (qualified) signature creation device. The memory for this is a device mainly designed for key storage, the so-called Hardware Security Module (HSM). It is subject to strict regulation and auditing regarding security standards and access to this device. Signatures in the EU and Switzerland are subject to exceptionally high-security standards, only available from a few HSM manufacturers worldwide.