cloudfoxy.com

What It Is

CloudFoxy is an enterprise-grade digital signature and smart card access platform from Smart Arcs Ltd, positioned as a “web-service in a box.” It wraps secure chips, smart cards, or SSCDs as RESTful API/TCP services, allowing business systems to call high-security signing capabilities much like they would use a cloud service. It is mainly used for PDF, document, and file signing, as well as eIDAS-related scenarios.

Core Capabilities

In terms of protection focus, CloudFoxy is centered on key security and digital signatures rather than traditional firewall/EDR functions. The materials emphasize connectivity with high-security hardware processors and mention FIPS140-2 L3/4 and Common Criteria EAL5+ grade hardware, but they do not state that the platform itself has obtained these certifications. Deployment is a major highlight: a 1U server, Enterprise Module, 50/100 smart card options, and a modular design supporting up to 120 smart cards, all capable of running on-premises without depending on an external cloud. Integration is relatively open, with support for RESTful API, TCP/IP, FoxyRest, Java drivers, JSignPdf, CLI, APDUPlay, and transparent access for Windows/Linux smart card applications.

Pricing and Service

Pricing is not publicly listed on the official website, and all hardware options are quote-based. The site mentions usage under a fixed support fee, with a delivery timeline of around 1–4 weeks; eIDAS scenarios involving integration with a new trust service provider take around 1–6 weeks. A support email is provided, but there is no clear information on SLA, response times, maintenance scope, or payment methods.

Pros and Cons

The main advantage is that CloudFoxy can abstract complex smart card, signing chip, and cryptographic workflows into APIs, making it suitable for bulk signing, centralized card management, and building compliant signing infrastructure. It can also support a low-barrier “file in, signed file out” workflow via shared folders. The drawbacks are that it is more of a hardware and integration project than a ready-to-use SaaS e-signature product; details on the management interface, auditing, alerts, permissions, and key lifecycle management are limited; and there is no China-specific compliance information.

Who It’s For and Access from China

CloudFoxy is suitable for enterprises, CAs/trust service-related organizations, and development teams that need eIDAS, X.509, S/MIME, bulk PDF signing, or centralized smart card management. Its accessibility from China cannot be determined from the available materials. If it is intended for contract signing in China or for commercial cryptography compliance, users should evaluate local network access, payment, legal validity, and requirements around SM cryptography and MLPS, and compare it with Fadada, BestSign, Qiyuesuo, or local HSM/e-signature solutions.