Azure Managed HSM and Azure Key Vault Premium HSM devices have achieved eIDAS compliance, certified as Qualified Signature Creation Devices (QSCD). This milestone ensures secure digital signatures and trust services across the EU, enhancing Azure’s compliance with stringent regulations like FIPS 140-3 Level 3 and PCI DSS. Unique :

Azure Managed HSM and Key Vault Premium Now eIDAS Certified
Microsoft just announced a major compliance win for Azure Managed HSM and Azure Key Vault Premium. Both services have earned eIDAS certification under the Austrian Scheme (A-SIT). This means they now meet the strict European Union standards for electronic identification and trust services.
What’s New with Azure HSM Devices?
Microsoft collaborated with Marvell to validate the Marvell LiquidSecurity HSM adapters powering these services. The hardware security modules (HSMs) used in Azure Managed HSM and Azure Key Vault Premium are now officially recognized as Qualified Signature Creation Devices (QSCDs). This certification is huge for anyone relying on digital signatures within the EU.
“The HSM for both Azure Managed HSM and Azure Key Vault Premium has received eIDAS certification as a Qualified Signature Creation Device (QSCD).”
Why eIDAS Compliance Matters
eIDAS stands for electronic IDentification, Authentication, and trust Services for Electronic Transactions. It’s a regulation designed to ensure secure and legally binding electronic transactions across EU member states. Achieving eIDAS compliance means Azure customers can confidently use these HSM devices for sensitive operations like time stamping, certificate issuance, and electronic signatures.
In essence, qualified electronic signatures created with these devices carry the same legal weight as handwritten signatures in the EU. This is a game-changer for Trust Service Providers and businesses needing to meet stringent regulatory requirements.
What is a Qualified Signature Creation Device (QSCD)?
A QSCD is specialized hardware that securely generates and protects digital signatures. It complies with EU Regulation No. 910/2014, ensuring signatures are trustworthy and tamper-proof. Azure’s HSMs meeting this standard means they provide the highest level of assurance for digital signing processes.
Other Compliance Highlights
Besides eIDAS, Azure Managed HSM and Azure Key Vault Premium also meet other top security standards like FIPS 140-3 Level 3, PCI DSS, and PCI 3DS. This broad compliance portfolio makes these services highly reliable for enterprises with strict security and regulatory needs.
“Azure Managed HSM and Azure Key Vault Premium provide the highest levels of assurance and compliance, now meeting FIPS 140-3 Level 3, PCI DSS, PCI 3DS, and eIDAS compliance.”
What This Means for You
If you’re using Azure for cryptographic key management or digital signatures within the EU, this update is crucial. It ensures your solutions can legally and securely operate under the eIDAS framework. Plus, the added certifications boost confidence in Azure’s security posture worldwide.
In short, Microsoft’s latest certification push strengthens Azure’s position as a trusted platform for secure digital identities and transactions.
From the New blog articles in Microsoft Community Hub