The De-Mail Act provides for an accreditation of all future De-Mail service providers. This is a kind of approval issued by the competent public authority, the BSI, if there is documented proof that a set of defined requirements have been met.

The De-Mail-Akkreditierung-Prozessübersicht provides up-to-date information on which parties must be involved and which process must be performed.

The latest version of the Verfahrensbeschreibung zur Akkreditierung von De-Mail-Dienstanbietern can be viewed here.

If an IT security service provider has not yet been certified for De-Mail, you can apply to the BSI for the attestations that are required for an accreditation.

Functionality & interoperability attestations

The functionality and interoperability attestations are issued within the BSI as part of a certification according to Technical Guidelines. Please use this application form:

• Antrag auf Zertifizierung nach Technischen Richtlinien

IT security attestation

The IT security attestation is issued within the BSI either as part of a certification according to Technical Guidelines (BSI K-TR-01201, Part 6.2) or as part of a certification according to IT-Grundschutz based on ISO 27001. Please use the appropriate application form:

• Antrag auf Zertifizierung nach Technischen Richtlinien
• Antrag auf Erteilung eines ISO 27001-Zertifikats auf der Basis von IT-Grundschutz

Accreditation as a De-Mail service provider

When all the attestations required according to the De-Mail Act are on hand, an application for (re-)accreditation as a De-Mail service provider can be made to the BSI.

• Antrag auf Akkreditierung als De-Mail-Diensteanbieter gemäß De-Mail-Gesetz

A list of accredited De-Mail service providers is available at Accredited De-Mail service providers.