A QTSP is an entity that has been granted the status of 'qualified' by CRA after meeting stringent security and compliance requirements. QTSPs are allowed to provide qualified trust services such as issuing qualified electronic signatures/seals and issuing qualified certificates.
Any entity that can meet the requirements set out by the regulation and relevant technical specifications and standards.
A customer can file a complaint to the CRA when they believe that a (Q)TSP's conduct or service is in breach of the obligations under the regulations, or when they believe they have suffered harm as a result of the (Q)TSP's actions or negligence.
The Trusted List is a register of all (qualified) trust service providers that are supervised by CRA. It includes information about the qualified status of these QTSP and the type of services they provide.
The licensing process usually begins with the preparation of all necessary documentation and systems in line with the regulatory requirements. Please refer to licensing process guidelines.
The licensing process involves submitting an application to CRA, demonstrating compliance with security and operational standards, undergoing an audit by a conformity assessment body, and obtaining approval from the CRA.
Qualified trust services meet the stringent requirements defined by the regulation, while trust services do not. Qualified services provide a higher level of security and legal certainty.
A timestamp is a sequence of characters that records when a transaction or digital event took place. In the context of trust services, timestamps are crucial in establishing the exact time when an electronic signature was applied or a document was sealed, proving the integrity of electronic data.
A remote signature is a type of digital signature where the signing keys are securely managed in a centralized server rather than on an end-user's device. The user can sign documents or transactions remotely over the internet.
A QSCD, or Qualified Signature/Seal Creation Device, is a highly secure device used to create electronic signatures or seals. They are so called when they comply with the strict security requirements laid out in the regulation and relevant technical specifications and standards.
A qualified electronic certificate is a certificate that is issued by a QTSP and meets the requirements specified under the regulation. It assures the identity of the signer and the accuracy of the signature.
A qualified electronic signature is a type of electronic signature that is created by a qualified electronic signature creation device and is based on a qualified electronic signature certificate issued by a QTSP. It carries the same legal effect as a handwritten signature. Similarly, a qualified electronic seal verifies the origin and integrity of a document.
A customer complaint to CRA usually refers to a formal expression of dissatisfaction submitted by a customer of a (Qualified) Trust Service Provider directly to the CRA that oversees these providers. It might concern the (Q)TSP's services, practices, or compliance with regulatory requirements. Customers should try to resolve the issue with the (Q)TSP first.
If a QTSP ceases to provide their services, they must follow a termination plan approved by the CRA. This ensures continuity of service and protection for the users. The QTSP’s status will be updated in the Trusted List.
The CRA will usually review the complaint, conduct an investigation, and take any necessary actions based on the outcome of the investigation. They may contact the customer for further information during this process and will typically communicate the outcome to the customer.
The entity must meet strict technical, procedural, and management requirements as outlined in the regulation, technical specifications, and standards. Both TSPs and QTSPs must submit a licensing application to CRA with the supporting documents and obtain a license before they can provide (Qualified) trust services in Qatar.
You can check the Trusted List, published by CRA and available on the CRA's website. This list includes all providers who have been granted 'qualified' status.
Customers can submit their complaints, by filling the Consumer complaints form.
Yes, per the regulation, qualified trust service providers must use QSCDs for generating qualified electronic signatures/seals and for managing the associated signature/seal creation data.
Yes, many remote signing solutions are considered QSCDs, provided they meet the stringent security requirements specified in the regulation and standards and are certified by notified conformity assessment bodies.
Yes, remote signatures can have the same legal standing as regular electronic signatures, and, if implemented correctly and in adherence to the regulation, as handwritten signatures.
