Smart card and security

Security is the cornerstone of the EPO's online services

Security is the cornerstone of the EPO's online services. Services used with a smart card have some or all of the following security features:

  • Confidentiality - ensuring that only the intended party is able to read the information.
  • Authentication - ensuring the identity of the communicating party.
  • Data integrity - ensuring that the information has not been modified.
  • Non-repudiation - ensuring that a party cannot deny involvement in a transaction.

These security features are implemented using the Secure Socket Layer (SSL) protocol and smart cards (security tokens) adopting Public Key Infrastructure (PKI) technology.

These online services are provided with a VeriSign Global Server Certificate, so a minimum level of 128-bit SSL encryption is automatically ensured for both US and international versions of Firefox and Internet Explorer.

For information on cryptovision software, please see further information on Installation and activation.

Smart Cards

The European Patent Organisation provides authorised users of its Online Services with smart cards for use with digital signatures.

Smart cards are highly secure devices that encrypt signatures. To add your digital signature, all you have to do is insert your smart card into the reader and type your PIN when prompted (you will need to have installed the smart card software first before you can do this).

Online Services smart cards are created by a certification agency. They contain:

  • the user's private key
  • the user's public key
  • a certificate confirming that this public key has been allocated to the user

Inserting your smart card

Before you insert your card, make sure that your smart card reader is switched on and working properly. The light on the side of the reader should be blinking. Once you have inserted your card, the light will stop blinking.

Smart card actions

Applying for a smart card

How to apply for a smart card

  • Complete the online request form.
  • Upon receipt of your online request form, the EPO will process your request and forward it to the smart card supplier.
  • You will receive your inactivated smart card within 20 days
  • The personal identification number (PIN) of your smart card will be sent to you separately. The PIN, together with instructions for activating your smart card, should be received by regular mail within the next three working days.

Departure of a smart card holder

Did you know that whenever any of your employees owning a smart card leaves your company a few actions need to be taken?

When a user with a smart card leaves your company/organisation, you must do the following:

  1. Inform EPO Customer Services either using the contact form, by phone or via e-mail to Customer Services will then ensure that the user's smart card is no longer linked to your company.

  2. Meanwhile your company administrator must remove the rights to all online services via the Administration page on EPO website so that the relevant smart card can no longer be used to make payments, for instance, from your company's deposit account. More information on how to do this can be found in our FAQs.

  3. Attention: these actions must be performed even if you have already sent a request for withdrawal of representation in respect of the relevant user (via MyFiles).

  4. If the user is registered for the Online Filing 2.0 service, your company administrator should remove his or her user account via Managing access rights, as explained in the User guide (section 17).

Legal Documents

Public accessSmart card accessPassword access

Quick Navigation