Trust in the electronic value chain

Licences and certifications

Licensed as an e-money company

Buypass is licensed, through its subsidiary Buypass Payment AS, by The Ministry of Finance as an e-money company in accordance with The Financial Institutions Act. LOV-1988-06-10-40, Chap. 4C and 4B.

Registered as an issuer of qualified electronic ID.

Buypass is registered with Nasjonal kommunikasjonsmyndighet (Nkom) Authority as an issuer of qualified electronic ID, in accordance with the Act on E-signatures, and has been declared compliant with the Self-Declaration Act and the Requirement Specification for PKI in the public sector.



ETSI EN 319 411

ETSI EN 319 411

Buypass is assessed for conformity with the ETSI EN 319 411 standards for issuing digital certificates.

The standards cover all areas of the issuance and administration of digital certificates, including the registration process and identity verification, issuance of digital certificates and securing private keys, revocation service and certificate status services (CRL, OCSP) etc. During the assessment process, an accredited independent auditor confirms that the systems, processes and procedures of the Certificate Authority are compliant with the requirements defined by the standards.

Part 1: ETSI EN 319 411-1
Covers digital certificates in general, including SSL / TLS certificates. Suppliers of browsers and operating systems, such as Microsoft, Apple, Google, Mozilla and Oracle (Java) accept this assessment report as one of their requirements to include our root certificates.

Part 2: ETSI EN 319 411-2
Covers EU qualified certificates according to the eIDAS Regulation, this includes qualified certificates for electronic signatures (QC eSignature), qualified certificates for electronic seals (QC eSeal) and qualified certificates for website authentication (QWAC). The assessment meets the requirements of eIDAS Regulation. Buypass are assessed for conformity as a Qualified Trust Service Provider (QTSP) as the first Certificate Authority in Norway and one of the first in Europe. Such assessment is a prerequisite to be registered on the EU's trusted list as a QTSP.

The European Telecommunications Standards Institute (ETSI) develops global standards for information and communication technology and is officially recognized by the EU as a European standardization institution. The institute has 700 member companies in 62 countries.

ISO 27001: 2013

Buypass is certified according to ISO 27001 – Control- / Information Security Management. The standard takes a comprehensive approach to information security. ISO 27001 assures protection of information as follows:

Confidentiality ensures that information is accessible only to authorized parties.
Integrity ensures that the methods for managing information is accurate and complete.
Availability ensures that authorized users have access to information and associated assets when required.

ISO 27001 harmonizes with other management systems that makes it easy to combine these, such as ISO 9001.

ISO 9001:2008

Buypass is certified in accordance with ISO 9001:2008 - Quality management systems. The standard is the most widely used and internationally recognized standard for securing the quality of goods and services in supplier and customer relationships. The standard is process orientated, with emphasis on continuous improvements and customer satisfaction.


Buypass is approved in accordance with the credit card companies' data security standard - PCI DSS (Payment Card Industry Data Security Standard). This shows again that Buypass is a company at the leading edge of information security. 

PCI DSS is a comprehensive set of requirements prepared by Visa, Master Card and American Express to increase security in payment transactions and handling credit card information. All companies that process, store or transfer credit card data and/or transaction information from these companies are obliged to follow the PCI Data Security Standard.



Our site uses cookies. This gives us useful information about the use of our website. We use this information to improve functionality and user experience. By using our website you accept the use of cookies. Read more about cookies