Security is the cornerstone of the EPO's online services. Services used with a smart card have some or all of the following security features:
These security features are implemented using the Secure Socket Layer (SSL) protocol and smart cards (security tokens) adopting Public Key Infrastructure (PKI) technology.
These online services are provided with a VeriSign Global Server Certificate, so a minimum level of 128-bit SSL encryption is automatically ensured for both US and international versions of Firefox and Internet Explorer.
For information on cryptovision software, please see further information on Installation and activation.
The European Patent Organisation provides authorised users of its Online Services with smart cards for use with digital signatures.
Smart cards are highly secure devices that encrypt signatures. To add your digital signature, all you have to do is insert your smart card into the reader and type your PIN when prompted (you will need to have installed the smart card software first before you can do this).
Online Services smart cards are created by a certification agency. They contain:
Before you insert your card, make sure that your smart card reader is switched on and working properly. The light on the side of the reader should be blinking. Once you have inserted your card, the light will stop blinking.
When a user with a smart card leaves your company/organisation, you must do the following:
Inform EPO Customer Services either using the contact form, by phone or via e-mail to firstname.lastname@example.org. Customer Services will then ensure that the user's smart card is no longer linked to your company.
Meanwhile your company administrator must remove the rights to all online services via the Administration page on EPO website so that the relevant smart card can no longer be used to make payments, for instance, from your company's deposit account. More information on how to do this can be found in our FAQs.
Attention: these actions must be performed even if you have already sent a request for withdrawal of representation in respect of the relevant user (via MyFiles).
If the user is registered for the Online Filing 2.0 service, your company administrator should remove his or her user account via Managing access rights, as explained in the User guide (section 17).
|Public access||Smart card access||Password access|