What are the typical risks of a Certification Authority

The steady increase in online transactions and the use of digital certificates forces QTSPs to handle an ever-increasing volume of transactions to meet the demands of their customers. Such a scenario is naturally exposed to a drop in performance with slow response times or potential moments of downtime and blocking of services.

Continuous improvement and failover mechanisms enable a CA to recover quickly and effectively from such incidents, mitigating the risks associated with downtime or data breaches.

At Namirial, we have always improved our infrastructure to better respond to any difficulties, providing our customers with the highest level of security and reliability and ensuring business continuity. A choice that has rewarded us and prompted us to further raise the level of security and reliability offered.

Our Innovation

To protect our customers’ data and activities even more effectively and to be able to handle even the most critical events, we decided to equip ourselves with a second Qualified Certification Authority, thus doubling our level of security and reliability.

The second Certification Authority is fully equivalent to our current CA, whose traditional business continuity model, based on a primary and secondary data center, is replicated.

Both of our QTSPs are on the Trusted Service List maintained by the European Union, and each operates with two different data centers, a primary data center for day-to-day operations and a secondary data center to handle disaster recovery.

Specifically, the primary location of the current Namirial CA is in Milan, with the disaster recovery system installed in Senigallia. The new Namirial CA, on the other hand, has its primary location in Barcelona, while the disaster recovery system is in Naples.

Load-balancing architecture

The second CA is built on the PKI as a service (PKIaaS) model, an innovative service created by Uanataca S.A., a Namirial Group company that operates as a QTSP in Europe and Latin America. Through Uanataca, we help our clients to become a QTSP themselves by providing them with our infrastructure, cloud services, advice on business processes and legal and security procedures.

Through PKI as a Service, Uanataca provides PKI hosting, digital certificate issuance and management, centralized certificate custody, and remote electronic signature services to other QTSPs, including Namirial itself. When needed, the certificate issuance, digital signature and time stamp services offered by Uanataca will be made available from the WAF component, leaving the interface offered to customers unchanged and uniform. This is planned to ensure maximum continuity of services and enable our customers to cope with overloads, incidents and total or partial service interruptions, ensuring business continuity of critical business processes and required trust services.