SIGNIUS – Digital Seals for Secure Payment Files

The challenge in payment processing

Banks today face significant challenges in payment operations. Regulatory frameworks such as eIDAS, ISO 20022 and SEPA demand rigorous protection of payment files. At the same time, transaction volumes are steadily increasing, which expands the attack surface for cybercrime. Payment files contain highly sensitive transaction data and must be safeguarded against tampering and forgery at all costs.

Corporate and retail clients alike expect speed and efficiency, but most importantly they expect security, authenticity and traceability. Banks therefore require solutions that ensure each payment file is genuine, unaltered and legally compliant.

The SIGNIUS solution – Digital seals for payment files

SIGNIUS provides banks with a comprehensive solution to secure payment files in a legally valid and tamper-proof way. At the core of our approach are qualified electronic seals in line with eIDAS, which guarantee both authenticity and integrity of every payment file.

Our technology supports all relevant standards – including SEPA credit transfers (pain.001), SEPA direct debits (pain.008) and ISO 20022 messages – and integrates seamlessly into existing IT and payment infrastructures.

Importantly, the SIGNIUS Sealing Server also fully supports the XAdES detached format, which is widely used in the banking sector and essential for corporate customers. This ensures that banks and their clients can process and verify payment files in a globally recognized and compliant format.

Deployment models for maximum flexibility

Fully on-premise

For banks with strict requirements for data sovereignty and in-house operations, SIGNIUS delivers a complete on-premise solution. This package includes:

• a HSM/QSCD (Hardware Security Module / Qualified Signature Creation Device),
• the required qualified seal certificate,
• and the dedicated SIGNIUS Sealing software.

This ensures banks maintain full control over keys, data flows and processes at all times.

Operating your own QSCD under CEN/TS 419221-6

In line with CEN/TS 419221-6, organizations are permitted to operate their own Qualified Seal Creation Device (QSCD) together with their own Qualified Seal Certificate (QSealCertificate), even if they are not acting as a Qualified Trust Service Provider (QTSP).

This is possible provided that the device is certified according to EN 419221-5 and that the organization follows documented practices ensuring secure operation, proper administration, and compliance with the evaluated configuration. This standard provides banks and corporates with a clear legal and technical basis to maintain full control over their sealing infrastructure while enabling them to use qualified electronic seals under eIDAS without additional audits or administrative burden.

Remote sealing for smaller volumes

For institutions with smaller sealing volumes, we offer a remote sealing model. In this setup, a lightweight client application is installed at the bank. The client transmits only document hashes to SIGNIUS for sealing. No document ever leaves the bank in clear text. This approach preserves data confidentiality while leveraging the benefits of centrally managed sealing services.

Easy integration – the SIGNIUS Sealing Server

At the heart of our solution is the SIGNIUS Sealing Server.

• It offers both a straightforward REST API and a network drive interface for file exchange.
• Deployment is fast and simple: in most cases, the system is up and running within a single day.
• By supporting XAdES detached, we guarantee seamless interoperability with corporate customers and established banking standards.
• In addition, the SIGNIUS Sealing Server can of course also validate digital signatures and seals, allowing both the creation and verification of qualified electronic seals to be carried out within a single system.

Key benefits for banks

• Maximum security: Every payment file is digitally sealed, making unauthorized modifications immediately detectable and preventing fraud or manipulation.
• Regulatory compliance: By using qualified seals under eIDAS, banks automatically meet the strictest regulatory requirements, including BaFin guidelines and international standards, while simplifying audits.
• Efficiency through automation: Sealing and verification processes are fully automated, significantly reducing manual effort and operational costs.
• Data sovereignty and flexibility: Whether fully on-premise or through remote sealing, banks can choose the deployment model that best fits their security strategy and business requirements.
• Standards compatibility: With full support for SEPA, ISO 20022 and XAdES detached, SIGNIUS ensures smooth interoperability with corporate customers and global payment ecosystems.
• Seamless integration: Thanks to its REST API and network drive interface, the solution can be embedded into existing infrastructures with minimal effort, making implementation both reliable and future-proof.

Why SIGNIUS?

SIGNIUS is a European solution provider specializing in eIDAS-compliant software and hardware systems. Through close collaboration with accredited Trust Service Providers (TSP/QTSP), we meet the highest standards of security and compliance. Our solutions are flexible, scalable, and can be tailored to the specific needs of individual banks or large banking groups.

By combining regulatory compliance with practical, easy-to-integrate technology, SIGNIUS turns digital seals into a genuine competitive advantage for banks.

Next steps

With SIGNIUS, you secure your payment files against manipulation, ensure regulatory compliance, and strengthen client trust. Whether through a full on-premise deployment or via remote sealing, we deliver the solution that fits your needs – with full support for XAdES detached.

We would be delighted to provide you with a live demonstration of our solution and show you how the SIGNIUS Sealing Server can secure your payment workflows in just one day.

Download the brochure

Contact us