Help with our signature cards

Do you have questions about our signature cards? Then we will be pleased to assist you. The FAQs section may already have the answer to your question. Otherwise, feel free to call us from Monday to Friday, from 7am to 6pm at the following number: +49 (0) 30 – 2598-0.

FAQs – Frequent questions regarding our D-TRUST signature cards

We have compiled the answers to frequently asked questions here for you.

Card orders

As required by law, the person ordering a signature card must always be identified in person. This is the only way to ensure legal certainty. This means that the applicant must present an ID card or passport that is valid for at least another four weeks.

When submitting an application, you have the following options:

  • PostIdent method: You fill out your application documents and go to a post office to have your identity confirmed using the PostIdent method.
  • IHK (Chamber of Industry and Commerce): Over 60 chambers of industry and commerce  throughout Germany offer a signature service. They will guide you through the application procedure and you will be identified at the same time. An overview can be found here.
  • D-TRUST registration partner
  • D-TRUST on site in Berlin: You can contact us by sending an e-mail to: service [at]

The D-TRUST Card 3.0 uses the operating system StarCOS 4.3. The certification of this operating system will expire on 31 December 2021. More information can be found here.

This means that the production of the D-TRUST Card 3.0 will be discontinued as of 20 June 2019. The D-TRUST Card 3.1 (CardOS 5.0 operating system) with a validity of 2 years will then be issued.

If you are a D-TRUST customer and have already identified yourself, you can apply for a follow-up Card without having to register in person again. This simplified application method is open to you if:

  • your name has not changed in the meantime or
  • no more than 180 days have passed since your old signature card expired.

You can apply for a follow-up card here:

SMS/TAN method

If you have not yet applied for a signature card/certificate, you can provide your mobile phone number as part of your first-time application. We will store the number exclusively for this purpose so that it can be used for the SMS/TAN method.

If you already have a signature card, you can register your mobile phone number retroactively. To do this, you will need the registration secret that we already sent to you by post at your registered address. You can apply for your registration secret here.

By providing a mobile phone number for a new or existing signature card, we can offer you the following options:

  • Electronic activation
    Up to now, our process was designed so that you confirmed receipt of the signature card and PIN letter by signing the confirmation of receipt. You then had to send back the original confirmation of receipt to us.

This procedure is still possible, but if you have provided us with a mobile phone number you can also confirm receipt using a TAN. This speeds up the activation process significantly because neither the confirmation of receipt has to be returned nor the manual check carried out.     

  • Electronic blocking
    This means that you do not have to call our revocation hotline.
  • Online application for a follow-up card (instead of the order Password)
    In addition to requesting an order password in order to apply for a follow-up card online, we can offer you the SMS/TAN method. After requesting the order password, we will generate it and send it to you by post. The SMS/TAN method is a digital alternative where the postal procedure is no longer needed. This is a faster option for applying for a follow-up card.
  • Electronic complaint regarding a card/replacement card
    Up to now, any complaint regarding a signature card meant that you had to complete the application again and provide your data. This application and the card were then sent to us. With the SMS/TAN method, your application data is displayed to you so that you do not have to enter your data again. Replacement cards are applied for in the same way.

Card initialisation and installation

For security reasons, you can only activate your signature card by entering a correct PIN. We issue the PIN codes for the qualified certificate on the signature card as so-called transport PINs.

After you have received your signature card from D-TRUST, it is important that you fill out the confirmation of receipt enclosed and return this form to D-TRUST. Only then will your card be activated in the repository service so that you can generate valid signatures.

You can check whether your signature card was correctly installed by starting the 'D-TRUST Card Assistant' and inserting your card into the reader. If your certificates are displayed there, the installation was successful and you can use the many applications.

The following applications can be currently used:

  • Online application of certificates of origin at IHK
    FAQ list at:
    Support center of IHK-Gesellschaft für Informationsverarbeitung: Tel.: +49 (0) 231 97 46 422
    E-mail: gfidoscdigsig [at]
  • Online handling of public calls for tender/federal government's e-Vergabe platform
    Technical support from Procurement Agency of the Federal Ministry of the Interior: Tel.: +49 (0) 228 610 12 34
    E-mail: support [at]
  • Construction tendering platform, AVA-Online in Bavaria
    Technical support from Ventasoft GmbH: Tel.: + 49 (0) 30 / 44 33 11 0
    E-mail: info [at]
  • Construction tendering platform, AVA-Online in Berlin
    Technical support at Ventasoft GmbH: Tel.: + 49 (0) 30 / 44 33 11 0
    E-mail: info [at]
  • Tender platform, AVA-Online in Stuttgart
    Technical support at Ventasoft GmbH: Tel.: + 49 (0) 30 / 44 33 11 0
    E-mail: info [at]
  • Subreport tendering platform (ELViS Login)
    Technical support from Subreport: Tel.: +49 (0) 221 / 98 57 80
    E-mail: info [at]
  • ABC of tendering
    Technical support via a contact form on the website
  • Construction tendering platform of Deutsche Bahn AG
    Technical Support: E-mail: teb-admin [at]
  • Baden-Württemberg logistics center:
    A class-3 reader is required in order to use this platform!
    Technical support at LZBW: Tel.: +49 (0) 7156 / 95 08 95
    E-mail: kundenservice [at]
  • Bremen tendering platform
    Technical support: Tel.: +40 (0) 421 / 361 17 258
    E-mail: info [at]
  • NRW contract awarding marketplace
    Technical Support: Tel.: 0900 / 1 267 463 (€1.49 per minute in Germany)
    E-mail: vergabe [at]
  • Public and private construction calls for tender via bi-online
    Technical support: Tel.: +49 (0) 431 / 535 92 77
    E-mail: info [at]
  • Electronic mailbox for courts and administrations
    Technical Support: Tel.: 01805 / 34 87 43 (€0.14 for every sixty-second period started for calls in Germany)
    E-mail: support [at]
  • Emission trading
    Technical support for signature handling: Tel.: +40 (0) 421 / 204 95 59
    E-mail: support [at]
  • Online query for pension accounts
    Technical Support: E-mail: hilfe [at]
  • Legally effective registration of intellectual property rights at the German Patent and Trade Mark Office
    Technical Support: Tel.: +49 (0) 89 / 21 95 25 00
    E-mail: support.dpma-direkt [at]
  • Electronic waste notification system with Zedal
    Technical support: Tel.: +49 (0) 2361 / 91 30 150
  • Qualified electronic signature for files with Digiseal software, e.g. for the electronic invoice
    Technical support: Tel.: +49 (0) 30 / 75 65 97 80
    E-mail: mail [at]
  • Elektronisches Abfallnachweisverfahren mit eANVportal
    Technischer Support: Tel.: +49 (0)731 1551 115

Revocation of signature cards

If you lose your signature card, you should have it immediately revoked. Here.

In order to be able to use the SMS-TAN method, you first have to register here. For more information please go to our Signature Card FAQs section.

Pursuant to the eIDAS Regulation, a certification service provider must immediately revoke a qualified certificate if

  • this is demanded either by a signature key holder or their representative (third party authorised to revoke)
  • the certificate was issued on the basis of incorrect data
  • the certification service provider discontinues his activities and if such activities are not continued by another certification service provider
  • the certificate holder fails to fulfil their contractual obligation
  • other reasons for revocation were considered in appropriate agreements.

As soon as you no longer need your signature card, you can have it revoked or destroy it yourself using a punch in order to destroy the chip, for example. Please remember that you will need precisely this card and the pertinent keys and PINs to decrypt any data which was encrypted using this card. Therefore, if you still need the card to decrypt data, you should keep it in a safe and secure place.

General questions

In order to use the signature card, you will need a card reader and, depending on the application which you wish to use, additional software. Card readers can be purchased from ReinerSCT.

Applications, such as MS Outlook, Lotus Notes or the "electronic certificate of origin", can communicate directly with the reader and require Nexus Personal as additional Software.

In order to sign files electronically (e.g. in Word, Adobe), you will have to use verified and certified signature software. All the required components can also be ordered using our application form for a signature card.


You will need:

  • Internet access
  • Microsoft operating system environment: Windows ME, 2000, XP, Vista
  • 60MB free harddisk capacity
  • Pentium (or compatible) processor/300MHz or higher
  • 64MB RAM (128MB recommended)
  • To use secure e-mail: Microsoft Outlook (version 98 and higher), Outlook Express (version 5 and higher), Netscape Messenger (versions 4.7x and 7.0) or Mozilla 1.0 and higher.

Note: No guarantee is assumed and no support provided if the D-TRUST signature is used with terminal servers. Under Windows 2000, Windows XP or Vista, you may require administrator privileges to install the Software.


Unlike the standard signature card, the multi-sign card can be used to perform several signing processes by entering the PIN just once. In order to attach a signature or multiple signatures, you will need special signature software.

Here you will find a list of signature software from various manufacturers that you can use with your D-TRUST signature card.

You can have a pseudonym in your certificate. This will then appear in the certificate instead of your name. This is indicated by the attachment ":PN".

A fee is charged for each pseudonym which can be assigned just once. If the pseudonym selected already exists, we will have to reject or number your selected pseudonym. A desired pseudonym that, for instance, refers to the company name or describes the purpose of the signature card, can be entered in the application.

It makes sense to enter a pseudonym when using multi-sign cards for electronic invoice management. A pseudonym for single-signature cards only makes sense in certain cases. Many eGovernment applications cannot be used if the certificate contains a pseudonym.

Unfortunately, no. That's because this would mean that you are giving your colleagues an unconditional blank signature which they can use to make legally binding representations in your name. Such representations are always deemed to be given by the owner of the certificate, no matter who actually used the signature card. You should therefore store your personal signature card with the same care as you store your credit card!

If you already have a signature card and if you require additional software or hardware, you can order the products required directly from D-TRUST by e-mail (service [at] Please state your invoice and delivery address as well as your order number.

The generation of your signature card involves several processes: from checking that the application documents are complete right through to issuing the certificate. Therefore, you can expect delivery of your signature card two to three weeks after submitting your application.

If this is your first application for a signature card, you can query the processing status of your card online at D-TRUST GmbH. Go to the Status request and enter your individual application ID which is shown on the top right of the application form.

For security reasons, PIN letters are sent a few days after the signature card is sent. If you have ordered a reader and software, these components will also be sent to you independent of the signature card.

You will receive an e-mail from us in time stating that your signature card is due to expire. You can apply for a follow-up card one month before and up to one month after your signature card expires. The follow-up application process for this has been simplified and is carried out on the basis of the application documents which D-TRUST GmbH already has. You can find out more here about the follow-up application process.

Until their validity expires, qualified certificates that have been issued according to the Act on Digital Signature are also valid as qualified certificates for electronic signatures as contemplated in the EU regulation.

Background information: On 1 July 2016, new legislation was introduced for qualified signatures and certificates when the EU's new eIDAS regulation (Regulation on electronic identification and trust services for electronic transactions in the internal market) came into effect. This regulation supersedes the German Act on Digital Signature and the German Signature Ordinance. The latter two are to be replaced by the Trust Service Provider Act which is currently being drawn up. This Act is to adapt laws for administrative procedures, which currently refer to the German Act on Digital Signature and the Signature Ordinance, in order to avoid any legal loopholes.

Since 1 July 2016, D-TRUST GmbH has been a qualified trust service provider within the meaning of the EU regulation.

Due to a weak point found in Infineon chips and the resultant security measures and regulatory requirements, the so-called OCSP service of D-TRUST GmbH had to be changed on 23 June 2017. Furthermore, the certificate revocation lists (CRLs) for signature cards issued in line with the German Act on Digital Signature were discontinued on 26 September 2017.

According to their definition, revocation lists are negative lists. They only state certificates that have been revoked. They do not provide any information as to whether a certificate actually is valid or if it was ever issued by a certification authority. A reliable validity check should therefore always be made through the OCSP service (online certificate status protocol).

Since 23 June 2017, all OCSP requests regarding qualified certificates on D-TRUST signature cards have been answered by the eIDAS-compliant D-TRUST OCSP 1 3-1 2016 Signer. You can simply check the validity of your certificate using our OCSP request.

More detailed information can be found in the Solutions & Products section.

Order your signature cards

Would you like to order one of our products? Then you have come to the right place. Public authorities who already worked with us can still contact us through our public agency support.

Do you have questions regarding our products?

We have a comprehensive service portal that you can use to contact our support team in a quick and convenient manner. You will find there the support you need if you have technical problems along with information on the requirements for our solutions and possible applications as well as the respective documentation and price lists.