The EPO Online Services which can/must be accessed using a smart card are:
Smart cards are credit card-sized plastic cards that contain a microprocessor and a small amount of memory.
The EPO decided very early on in the planning process for its online services that the certificates which would allow users to conduct secure transactions with us would be stored on smart cards. Unlike passwords, smart cards allow us to provide the more secure two-factor authentication, comprising something that is held (the card) and something that is known (the PIN.) Two-factor authentication means that PINs can be simpler and therefore easier to remember than with a password, since, without the card, the PIN is useless, and vice versa. Also, the simpler PINs are not susceptible to brute-force attacks because the smart card locks out after several unsuccessful attempts to enter the PIN.
In addition to being small and portable, smart cards afford a much higher level of secure storage for certificates than, say, if they are stored on a hard drive. They offer tamper-proof storage of the user's private keys and digital certificates, are highly resistant to unauthorised deletion or copying of the certificates and keys, and any attempt to tamper with them requires significant effort which would invariably result in physical damage to the cards themselves. Also, it is easier to spot the loss or theft of a card than of a certificate stored on a computer.
Yes, you can use it either with the EPO-supplied smart card reader, or with an internal smart card reader, supported by the Gemalto software.
Yes, you can use your EPO smart card as well, provided that you have installed the Gemalto software. You cannot, however, use your EPO smart card to access your company network.
Smart card packages are supplied free of charge.
Yes. Smart cards are now valid for five years, and they are issued to the individual; this means you can take yours with you if you change employer or use it for several companies at a time.
Yes. In 2013 the EPO opted for a new generation of smart cards. You are now issued a smart card as an individual rather than as an employee of a specific company. This allows you to use your smart card for several companies at a time and to take it with you when you change employer.
No, this is not possible. Each person has to enrol individually (there is a secret security question for each card holder).
No. We can only issue EPO smart cards to individual natural persons.
No. The EPO can only issue one smart card per person and legal entity.
You can enrol for an EPO smart card online.
Please refer to the information on smart cards in the Security section.
Some non-EPO smart cards can be registered online.
Once we are in receipt of the signed paper copy of your enrolment form, your request will be processed and your new card will be delivered via the DHL courier service. You will receive a confirmation e-mail quoting the DHL tracking number once your card has been dispatched.
If you do not receive your smart card within 21 days, please contact us.
If we do not receive the paper copy of your enrolment form within two months of your online enrolment request, your smart card request will be automatically rejected. If you still require a card you will have to start the enrolment procedure again.
No, only authorised persons (representatives, authorised legal practitioners and employers) are allowed to use their smart card to sign applications.
EPO smart cards are now valid for five years. The validity date is indicated on the smart card.
The expiry date of your smart card is printed on the card next to your name. You can renew your card online up to 60 days prior to the expiry date. Your new smart card will be sent to your current address via the DHL courier service. Thereafter, a new PIN code will be dispatched via standard post.
Please contact us for further assistance.
If the expiry date has already passed, please contact us.
No, each new smart card is allocated a new PIN code.
Smart card holder, or the company Administrator is obliged to request the revocation of a smart card. Please contact us.
If your smart card has already expired or if you have already asked EPO User Support to revoke it, you should cut the smart card across the metallic chip and dispose of it. You do not need to return it to the EPO.
1) First check that you have the right software for new generation smart cards.
You need to have Gemalto Classic Client 6.3 (password-protected) correctly installed for new generation smart cards to work as they should.
If you have already installed the software, start by uninstalling it (it may not have downloaded properly the first time).
Then reinstall both of the following (choosing 32-bit or 64-bit installation, as appropriate):
Please restart your computer after the installation.
2) Then check your smart card.
Ensure that your card is correctly inserted in the reader.
Open the Classic Client Toolbox (Start => Programs => Gemalto => Classic Client => Classic Client Toolbox)
Go to Card Contents and click Certificates
You should see three red certificates and one public key, as in this example:
Please enter the PIN and click Login, and an additional private key will appear. Click the button Register All (see above), and the following message will appear:
3) Check that your web browser is correctly configured.
If you are using Internet Explorer 7.0 or later versions, please go to Tools, open Internet Options and check the following.
(a) The Enable Protected Mode option should be unchecked.
Alternatively add www.epo.org/ and https://my2.epoline.org/portal/ to the Trusted Sites.
(b) Users of Microsoft Internet Explorer 7.0 and 8.0 will need to uncheck Enable Protected Mode and enable SSL 2.0 to allow secure access to online services.
Users of Microsoft Internet Explorer 9.0 and 10.0 will need to uncheck Enable Protected Mode and disable SSL 2.0, TLS 1.1 and TLS 1.2.
If you are using Mozilla Firefox, please follow the procedure described here.
You should now be able to activate your smart card on our website.
When an individual requests a smart card, a portal is created at the EPO end. This portal is created from the information that the individual provides in the “Company details” field on the registration form.
It is essential for all future smart card requesters from the same company to provide exactly the same information in the “Company details” field (same spelling of company name) in order to be automatically assigned to the correct portal and user list.
The company portal is the gateway to the Administration facility, from which the company administrator manages the Online Services portal community.
The company administrator is the user responsible for defining user access to Online Fee Payment, the Mailbox and My Files. The company administrator can assign administrator rights to other smart card holders within your company, or revoke them.
No, but if your company wants to have access to Online Fee Payment and the Mailbox service, you will need an administrator in order to be able to assign appropriate access rights.
If you have not received you PIN code, please contact us for assistance.
Please contact us.
Go to Start - Programs - Gemalto - Classic Client - Classic Client Toolbox - Card Administration - PIN Management - Change PIN - Next.
First make sure that your smart card is correctly inserted in the reader.
Then run the Gemalto Toolbox by clicking on Start - Programs - Gemalto - Classic Client - Classic Client Toolbox.
Click on "Certificates" under "Card Contents" and enter your PIN code to log in.
If your PIN code is wrong or blocked, an error message will appear.
You should contact us informing us of your smart card details and ask for your Admin PIN. You will be required to answer the security question which you initially provided when applying for a smart card.
Each smart card contains a personal electronic key, which is equivalent to a "live" signature in the paper world. Only authorised representatives, i.e. professional representatives before the EPO and authorised employees whose names are entered in the official list maintained by the EPO, are entitled to use a smart card to sign their submissions.
An alphabetical or text string signature is a string of alphabetical characters, preceded and followed by a forward slash [/], selected by an individual person to provide evidence of their identity and their intent to sign the document in question. The name of an authorised representative without the forward slashes cannot be used to replace such a signature.
A facsimile signature is a scanned image of a handwritten signature. The image file (in TIFF or JPEG format) is attached to the application.
Yes. You can draft applications in File Manager and send them. However, any documents filed online must be signed by a person authorised to act in the proceedings in question.
Yes. You can draft, sign and send filings. You can use all three modes of signing: digital (via smart card), alphabetical or facsimile.
You need a deposit account with the EPO, a smart card and smart card reader and an internet browser. Additionally, your company administrator must grant you access to the company portal.
No, you need a smart card to be able to do this.
First you should contact your company administrator and check if you have the rights to access the service, then you need to contact the EPO to check if your deposit account is correctly linked to your smart card.
Please contact us.
As company administrator, you can give yourself access rights to the service.
See the Administration FAQs
Your smart card will have to be replaced. Contact us for assistance.
Internet Explorer users
Your certificates are stored on your smart card and are automatically registered in the new Web browser on your new PC.
Gemalto Version 6.3
Start - Programs - Gemalto - Classic Client - Classic Client toolbox - Certificates. Then log in and click on the Register All
Mozilla Firefox users
If you want to set up Mozilla Firefox to recognise Gemalto so that it can read your smart card, you will have to manually register your certificates.
No. The certificates in your smart card are meant for use with the EPO's Online Filing and secure online services only.
We recommend that you use the readers we supply, as they have been tested and approved. However, you can also use any other reader that is recognised by the Gemalto software.
We cannot, however, offer support for readers not supplied by us.
If your reader is faulty or if you did not receive one with your smart card, you can request one from us.
No, but you have to install the complete Gemalto software (smart card reader driver and the appropriate Classic Client) on your computer.
Gemalto Classic Client 6.3
Look at the icon in the Windows system tray on the right-hand side of the task bar.
indicates that your smart card reader is functioning correctly, but that it does not contain a card.
or indicates that your smart card is recognized by the reader/software.
Try changing the connecting lead to another USB port. If that does not work, try it on a different computer. If your reader works on another machine, you should consult your computer dealer/IT department. If not, please contact us.
If the green light on your smart card reader is flashing, that means your smart card reader is switched on.
If the light is not flashing, plug the connecting lead into any functioning USB port on your computer.
The green light should go from blinking to steady when you insert your card. If it does not, check that the end of the card with the chip element is inserted face-up in the direction of the arrow, and that the Gemalto software is installed.
In Gemalto 6.3 go to Start - Programs - Gemalto - Classic Client - Classic Client Toolbox - Certificates. You will see the window below, with the reader icons shown.
This means that Gemalto Classic Client 6.3 is unable to access the smart card driver and that you may need to install it.
You will find the link to Gemalto Classic Client version 6.3 and the requisite driver in the cover letter accompanying your smart card, or you can request it from us.
The current version of Gemalto is Classic Client 6.3.
You will find the link to Gemalto Classic Client version 6.3 and the requisite driver in the cover letter accompanying your smart card, or you can contact us.
Gemalto Classic Client version 6.3 must be installed on every PC where a smart card reader is used.
Version 6.3 of Gemalto Classic Client is now available. Please contact us for the link and the password.
For instructions on please see our installation guide.
If you use Microsoft Internet Explorer 7.0 or 8.0 you will need to
If you use Mozilla Firefox you should read our guide to the setting-up procedure:
No. At the beginning of 2013 the EPO opted for a new generation of smart cards. You are now issued a smart card as an individual rather than as an employee of a specific company. This allows you to use your smart card for several companies at a time and to take it with you when you change employer.
However, you will still need to contact the EPO to have the necessary changes made concerning your:
Please contact us.
Please contact us.
You cannot remove them. Please contact us.
The smart card holder or the company administrator must contact the EPO in order to request the necessary changes (name of new company, deposit account).
Please contact us.
Please contact us.