A portable electronic security module including an electronic data storage device, a secret private customer key and a public customer key stored in the electronic data storage device as a first digital key pair, a signature module configured to generate a digital customer signature from object data to be signed using the secret private customer key, a secret private key of a security provider and a public key of the security provider stored in the electronic data storage device as a second digital key pair, and a certification module, installed in the signature module, and configured to generate a digital signature certificate from the digital customer signature using the secret private key of the security provider.