PSD2: Digital certificates for strong authentication and encryption
Every business planning to become a Third Party Provider (TPP) or Payment Service Provider (PSP) according to the new PSD2 Payment Services Directive (EU dIRECTIVE 2015/2366) is required to use digital certificates created specifically for PSD2 to safeguard information security.
Buypass is a eIDAS Qualified Trust Service Provider (TSP). We issues qualified certificates as specified in the "PSD2 Regulatory Technical Standards (RTS) for strong customer authentication and common and secure open standards of communication". The RTS requires use of Qualified Certificate for Electronic Seal (QC eSeal) and Qualified Website Authentication Certificate (QWAC) issued according to the ETSI TS 119 495 standard.
Order Qualified eIDAS certificates for PSD2
QC eSeal for PSD2
€ 1650,- ex. VAT. Valid 2 yrs
QC eSEAL for PSD2 environment for signing messages on behalf of the business. Satisfies eIDAS-requirements.
Delivered as soft token, with no need for HSM/Smart Card.
* New issuing CA - G2. Order now, issued from May 3. 2021.
SSL QWAC for PSD2
€ 2 050,- ex. VAT. Valid 2 yr**
Qualified Website Authentication Certificate. SSL/TLS certificates regulated by eIDAS.
*New issuing CA - G2. Order now, issued from May 3. 2021.
Test Certificates - PSD2 QC eSeal + QWAC
€ 650,- ex. VAT. Valid 2 yr
Bundle of test certificate for Qualified Certificate for eSeal and Qualified Website Authentication Certificate.
*New issuing CA - G2 from April 14. 2021.
**SSL QWAC for PSD2 issued from new CA, and changed from 1 to 2 years lifetime from May 3rd 2021
All PSD2 certificates ordered from April 23rd 2021 will be issued from our new CA (CA G2), and are valid for 2 years. We will start issuing these certificates from May 3rd 2021. If you have any questions, please contact Buypass Customer Service.
Ordering and issuing process
- Select the type of certificate you want to order, and fill out the application (PDF).
For test certificates, there is one common form for QC eSeal and QWAC. For ordinary certificates, there is one form per certificate.
- Signed form must be returned by e-mail to Buypass; firstname.lastname@example.org.
Remember to include CSR for certificates that require this. Read more about how to generate CSR.
Buypass must validate the information provided against public registers and your National Competent Authority (NCA) before we can issue the certificate.
To carry out necessary and required validations and checks, exptected time for issuans are 5-10 business days.
Countries we issue to
We are ready to issues PSD2 certifiates to the following countries in Europe. If you operate from a country not listed, please send us a request. We work continuously to include new countries.
Approved Qualified Trusted Service Provider (QTSP)
Buypass is located in Norway. We are approved as an Qualified Trusted Service Provider (QTSP) that issues QC eSeal and QWAC under the EU Trusted List.
Buypass is an active participant in Open Banking Europe (OBE) PSD2 QTSP Engagement Group, and listed as the only Nordic supplier of PSD2 certificates. The OBE group focus on realization and implementation of the requirements of the Regulatory Technical Standards (RTS) when using QC eSeal and QWAC. Participants from OBE and suppliers of qualified trust services, like Buypass are represented in this group.
We also have a close cooperation with other providers and stakeholders in this value chain (e.g. local Financial Supervisory Authority).
Other PSD2 and eIDAS resources
Nordic supplier of PSD2 certificates
Open Banking Europe list Buypass as the only supplier of PSD2 certificates located in the Nordic region. We are now in a position to contribute important security features to the FinTech services of the future. Read more