Index of documents supporting the Grant of Approval to BT Global Banking and Financial Markets’ Radianz Messaging Service.

  1. What the tScheme Approved Service Mark signifies.
  2. Approved Service - Service Description
  3. Approval Profiles used in the assessment:
    Base Approval Profile tSd0111 3.00
    Approval Profile for Registration Services tSd0042 3.02
    Approval Profile for a Certification Authority tSd0102 3.01
    Approval Profile for Signing Key Pair Management tSd0103 3.02
    Approval Profile for Certificate Generation tSd0104 3.01
    Approval Profile for Certificate Dissemination tSd0105 3.01
    Approval Profile for Certificate Status Management tSd0106 3.01
    Approval Profile for Certificate Status Validation tSd0107 3.01

Back to Grant details

What the tScheme Approved Service Mark signifies

When a trust service carries the tScheme Mark, you can be secure in the knowledge that:

For each service, tScheme approval is regularly reviewed and may be withdrawn.

This Grant of Approval does not affirm or endorse any claims of conformance to standards or adherence to guidelines not explicitly listed as forming part of the service assessment.


Approved Service - Service Description

The subject service of this Grant of Approval is the Radianz Messaging Service from BT Global Banking and Financial Markets.

BT owns and operates a fully managed secure messaging infrastructure through which services are delivered to customers in the Financial Services Community.

The security of the infrastructure and services is based upon an underlying PKI, for which BT operates as the Certificate Authority (CA) providing two types of Certificates, Qualified Signing Certificates conforming to the requirements of [EC Directive 1999/93/EC on a Community framework for electronic signatures] and Encryption Certificates. The PKI architecture includes an online Certificate Issuing CA and an off-line Root CA, both of which are in scope of the tScheme certification.

The PKI services include:

The PKI Service is utilised as part of the Secure Network Solution which is delivered to community members. The RA and CA Certificate Subscription and Issuance models are defined within the Registration Guide.

A Certificate Policy and a Certification Practice Statement are produced which govern how the PKI services are managed. These are published at

The Qualified Certificates are used for:

The Encryption Certificates are used for:

The PKI delivers electronic trust services to its member Community. The end-entities within that Community are represented by Gateways (computer-based applications) fitted with hardware cryptographic devices to facilitate the security-enforcing features of the PKI.

BT management systems also use Certificates issued by the CA.

BT has a dedicated support team which provides 24x7 cover for the infrastructure and the services provided across that infrastructure, including the electronic trust services. The support operation is accessible through a single point of contact.

(Issue 1.9, Feb 2016)


The tScheme Code of Conduct

Participants in the electronic trust services industry strive: