PP for a Secure Signature Creation Device - Part 4: Extension for device with key generation and trusted communication with certificate generation application

SSCD / Smart card and similar devices

Certification Body

Bundesamt für Sicherheit in der Informationstechnik (BSI)



Point of Contact

  • CEN/ISSS, Rue de Stassart 36, 1050, Brussels, Belgium

Certification ID


PP Version


CC Version

3.1 Revision 4

CC Conformance Claim

CC part 2 extended
CC part 3 conformant
EAL 4 augmented by AVA_VAN.5
Conformance claims to this protection profile requires strict conformance

Certification status

Certified 12 December 2012




The Protection Profile is established by CEN/ISSS for use by the European Commission in accordance with the procedure laid down in Article 9 of the Directive 1999/93/ec of the European parliament and of the council of 13 December 1999 on a Community framework for electronic signatures, also referred to as the 'Directive' in the remainder of the PP, as generally recognised standard for electronic-signature products in the Official Journal of the European Communities.

The intent of the Protection Profile is to specify functional and assurance requirements defined in the Directive for a secure signature-creation device (SSCD) which is the target of evaluation (TOE). The Protection Profile describes core security requirements for a secure device that can generate a signing key (signature-creation data, SCD), operates to create electronic signatures with the generated key and export the verification key (signature-verification data, SVD) for certification through a trusted channel to the Certificate Generation Application (CGA).

Relation to other PPs

This Protection Profile is strictly conforming to the PP for a Secure Signature Creation Device - Part 2: Device with key generation.

The Protection Profile is an update of the Protection Profile V1.04 certified under BSI-PP-0005-2002 in order to comply to Common Criteria Version 3.1.