Security

Certifications

Global Trust Services Provider Europe

Uanataca is an EIDAS PSC accredited by MINETUR, in compliance with the ETSI EN 319 401, ETSI EN 319 411-1, ETSI EN 319 411-2, ETSI EN 319 421 regulations for the provision of the following trusted services:

  • Service for issuing qualified electronic certificates of electronic signature

  • Service for issuing qualified electronic certificates of electronic seal

  • Service for issuing qualified electronic time stamps

Peru

Uanataca, through its partner Bit4id SAC, is a PSC accredited by Indecopi, for the provision of the following trusted services:

  • Root Certification Entity and Certification Entity subsequent level

  • Registration Entity

  • Service Provider Added (Time Stamping)

Guatemala

Uanataca, through its partner 5B, is a PSC accredited by the Registry of Certification Service Providers of the Ministry of Economy, for the provision of the following trusted services:

  • Root Certification Entity and Certification Entity subsequent level

  • Registration Entity

  • Service Provider Added (Time Stamping)

ISO management certifications

  • ISO 27001

    The provision of trust services of Uanataca is accredited by the independent entity CSQA under the UNE-ISO / IEC 27001: 2014 standard of information security, which specifies the requirements to establish, implement, maintain and improve a Management System of the Information Security (ISMS).

  • ISO 9001

    The provision of Uanataca's trust services is accredited by the independent CSQA entity under the UNI-EN-ISO 9001: 2015 quality standard, which specifies the requirements for the application of a Quality Management System (QMS) in public and public organisations.

Cryptographic security

All cryptographic devices used by Uanataca have the cryptographic security certifications

  • NIST FIPS140-2

    It is a computer security standard of the United States government for the accreditation of cryptographic modules. Its original title is Security Requirements for Cryptographic Modules.
    Uanataca's cryptographic devices have level 3, the highest in use outside critical environments in the military.

  • Common Criteria EAL4+

    The common criteria arise as a result of the harmonisation of the security criteria for computer products so that the result of the evaluation process could be accepted in multiple countries.
    The cryptographic devices of Uanataca have the EAL4 +, EAL5 and EAL6, the highest in use outside critical environments in the military.

Infrastructure security

The Uanataca data center has the following security features

  • Multilevel Access System

  • Only pre-authorised users can access the facilities

  • Identity validation by official identity document or passport

  • Perimeter alarm system

  • Security guards 24 hours a day, 7 days a week

  • Access control through biometric verification

  • Closed circuit video recording, with video analysis

All cryptographic devices used by Uanataca have the cryptographic security certifications

  • NIST FIPS140-2

    It is a computer security standard of the United States government for the accreditation of cryptographic modules. Its original title is Security Requirements for Cryptographic Modules.
    Uanataca cryptographic devices have level 3, the highest in use outside critical environments in the military.

  • Common Criteria EAL4+.

    The common criteria arise as a result of the harmonisation of the security criteria for computer products so that the result of the evaluation process could be accepted in multiple countries.
    The cryptographic devices of Uanataca have the EAL4 +, EAL5 and EAL6, the highest in use outside critical environments in the military.