Certificate Service Provider (CSP) regulation

In accordance with the Ministerial Resolution No. (1) of 2008 regarding the issuance of Certification Service Provider Regulations and based on Cabinet Decision 8/291 of 2006 dated October 15, 2006, on the appointment of TDRA as the authority responsible for the licensing, approval, monitoring and overseeing of the activities of Certification Service Providers in the UAE, this Section was created to lead this effort.

CSP laws and regulations apply to Certification Service Providers operating in the UAE and to all who provide such electronic attestation services directly or indirectly to the public for commercial purposes with respect to electronic records, documents, and signatures that relate to electronic transactions and commerce.


Licensed Certificate Service Provider in the UAE


License Number

Licensing Date

Expiry Date



Digital Trust L.L.C


18 May 2017

18 May 2023



First Abu Dhabi Bank P.J.S.C.


03 June 2020

03 June 2025




Cross Certification Service Provider Notification



Notification Number

Licensing Date



DocuSign, Inc.

DocuSign eSignature


20 December 2016



Adobe Systems Software Ireland Ltd.

Adobe Sign


25 July 2019

Active (Pending Renewal)





10 November 2020

Active (Pending Renewal)


eMudhra DMCC



10 November 2020



Lleida Networks Serveis Telematics, S.A

Click & Sign


11 November 2020



Ascertia Limited



14 December 2020

Not Active



Trust Services

In September 2021, the UAE has issued a new Electronic Transactions and Trust Services law, promulgated by Federal Law by Decree No. 46 of 2021 (The Arabic version is currently available only). The new law repealed the previous Federal Law No. 1 of 2006 concerning e-commerce and e-transactions as of 2 January 2022.

Please be advised that the reconciliation period stated in article (50) of the law decree has been extended for an additional year, starting from 2 January 2023.

During this period, all Certificate Service Providers License and Cross Certification Service Providers Notification will remain valid until the expiration of their license.

All licensed providers are required to comply with the new Electronic Transactions and Trust Service law and its bylaw, if they wish to continue providing their services in the UAE.

New applications are currently on hold and will not be processed until the new application procedures are issued and enforced.


Certification Service Provider (CSP) Cross-Certification
Certification Service Provider (CSP) License Application
CPS Table of Contents Guidelines
Electronic Transactions and Trust Service Law - Arabic
Licensing eCommerce resolutions CSP Regulations
Model Signatory Contract Terms Guidelines

Electronic Attestation Certificates issued by a foreign Certification Service Provider are recognized as legally equivalent to Certificates issued by CSPs operating under this Act if the practices of the foreign CSP provide a level of reliability at least equivalent to that required of CSPs operating in the UAE, and in accordance with UAE laws and international standards

Licensed Certification Service Providers are obligated to provide services as per their certification practice statements and contract terms and conditions, and as per their quality of service requirements expected. Development of clear procedures for handling customer complaints has been mandated to licensed CSPs. Customers, therefore, should approach the CSP with their complaints and go through the procedures in place. In cases where all these channels have been exhausted without resulting in a satisfactory solution, customers may approach TDRA to investigate their complaints.

No you don’t, but if you have one you can attach it with your request as a support documents for your request 

The Act is primarily based on the UNCITRAL Model Law on Electronic Commerce and has been assessed to be a comprehensive statute on commercial and public uses of electronic communications establishing requisite security and validity levels attaching to various levels of authentication in line with various regulatory regimes in the world

The Act articulates and stipulates the duties of Certification Service Providers (CSPs) and their signatories and provides a broad framework for regulation and licensing of CSPs in the United Arab Emirates.

Provided that all the required information and documents are in order, the application should be processed within 3 months.

No, you are not required to have .ae domain to obtain an NOL

No, you are not required to have .ae domain to obtain an NOL

Yes it is one of requirement to providing NOL that applicant website ends with .ae, and if your website end with other than .ae you can have a .ae and link it with your original website

Yes, it is compulsory for a Certification Service Provider to be licensed in the United Arab Emirates, since the licensing regime that the UAE has adopted, is a mandatory regime.

The mission of TDRA is to support the ICT sector in the UAE, to safeguard competition, to provide fair access to the domestic infrastructure and to ensure the optimal use of natural resources through the implementation of International Best Practices in every area. TDRA also continues to work on enhancing the quality of services offered, raising public awareness, protecting the subscribers’ interests and facilitating the growth of e-commerce transactions, while encouraging investment, innovation, development and education

The objectives of the Act are as follows:

  • To protect the rights of persons doing business electronically and determine their obligations
  • To encourage and facilitate Electronic Transactions and Communications by means of reliable Electronic Records
  • To facilitate and eliminate barriers to Electronic Commerce and other Electronic Transactions resulting from uncertainties over writing and signature requirements, and to promote the development of the legal and business infrastructure necessary to implement secure Electronic Commerce
  • To facilitate the electronic filing of documents with governmental and non-governmental agencies and departments and to promote efficient delivery of the services from such agencies and departments by means of reliable Electronic Communications
  • Minimize the incidence of forged Electronic Communications, alteration of Communications and fraud in Electronic Commerce and other Electronic Transactions
  • Establish uniform rules, regulations and standards for the authentication and validity of Electronic Communications
  • Promote public confidence in the validity, integrity and reliability of Electronic Transactions, Communications and Records
  • Promote the growth of Electronic Commerce and other transactions on the national and international level through the use of Electronic Signatures

A CSP guilty of an offence under the Act or any of its regulatory instruments shall be liable on conviction to a fine, or to term imprisonment, or to both in accordance with the Act or any of the regulations issued by the Minister of Economy.

The entire licensing process involves 4 parts:

  • A CSP needs to obtain a CSP license application package either by downloading it from TDRA website at www.tra.ae, or in person at TDRA offices in Dubai and Abu Dhabi
  • A CSP needs then to submit the application and all required documents to  TDRA for review and processing along with a non-refundable application processing fee
  • TDRA will review the application
  • TDRA will then decide to Grant or Reject the License

The Act applies to Electronic Records, Documents and Signatures that relate to Electronic Transactions and Commerce, while giving legal recognition on the use of electronic records and signatures and their secure counterparts.

The Regulations apply to Certificate Service Providers operating in the UAE and to all who provide such electronic attestation services directly or indirectly to the public for commercial purposes with respect to Electronic Records, Documents and Signatures that relate to Electronic Transactions and Commerce.

The Telecommunications Regulatory Authority (TDRA) of the United Arab Emirates (UAE), has been passed its powers as a “Controller” under Cabinet Decision 8/291 of 2006 dated October 15, 2006, appointing TDRA as the Controller with responsibilities relating to the licensing, approval, monitoring and overseeing of the activities of Certification Service Providers (CSPs) according to Federal Law No. (1) Of 2006 on Electronic Commerce and Transactions (the “Act”).
A CSP is an accredited or authorized person or organization that issues Electronic Attestation Certificates or provides other services in this connection and in relation to Electronic Signatures regulated by this Act.

The license application fee payable is Five Thousand UAE Dirham (AED 5,000) made payable to TDRA in a form of a bank draft or transfer in respect of each submission. Upon passing of the licensing criteria, a non-refundable License Registration Fee is required for the amount of One Hundred Thousand UAE Dirham (AED100,000).

The term of the license is 5 years.

  1. Website
  2. Mobile App
  3. Social Media (SocialCommerce)
The Act was published in Muharam 1427 H/January 2006 in the Arabic language in the Official Gazette of the United Arab Emirates, Volume 442, year 36,.

Individuals, Businesses and establishments that practice online activity such as: e-Commerces, e-Businesses that provide products and services online.

Without CSPs there will be no trusted entity that issues digital certificates or keys to us. It will be difficult to verify the authenticity of digital signatures since there are no digital certificates to tell us how each user’s digital signature should look like.

Did you find the content useful ?

Give us your feedback so we can improve your experience

Last updated :

06/03/2023 11:55

Load Time:


Number of visitors: