Electronic signatures and eIDAS

The goal of the eIDAS regulation, which started in 2016, is to facilitate the flow of commerce in the EU through transparency, security, technical neutrality, cooperation, and interoperability. In pursuit of these values, eIDAS:

• Standardizes the use of electronic identification (eID)
• Defines a new class of “electronic trust services” (eTS)
• Clarifies and ensures the legal validity of electronic signatures
• Creates a European internal market within the EU for electronic trust services
  
  

Different levels of electronic signatures

The eIDAS regulation defines three types of electronic signatures: (Basic) Electronic Signature, Advanced Electronic Signature, and Qualified Electronic Signature. According to eIDAS, an electronic signature is defined as “data in electronic form which is attached to or logically associated with other data in electronic form and is used by the signatory to sign”.

Basic electronic signature

A basic electronic signature can be any kind of signature made in an electronic and digital environment, where the signatory has manifested their intent (e.g. by clicking a button or checking a box) to become bound by the contents of the document signed.

Advanced electronic signature

According to eIDAS, an advanced electronic signature shall meet the following requirements:

1. It is uniquely linked to the signatory;
2. It is capable of identifying the signatory;
3. It is created using electronic signature creation data that the signatory can, with a high level of confidence, use under their sole control; and
4. It is linked to the data signed therewith in such a way that any subsequent change in the data is detectable.

These elements of unique identity, sole control, and integrity of the signed document can be achieved through different means regardless of what technology is used. It should be noted that identification for signing purposes may or may not be “electronic” to reach the advanced electronic signature level. A recognized eID assures secure authentication of the signatory’s identity in the online environment.

Qualified electronic signature

According to eIDAS, “‘qualified electronic signature’ means an advanced electronic signature that is created by a qualified electronic signature creation device, and is based on a qualified certificate for electronic signatures.” The use of Qualified Electronic Signatures includes an extra layer of assurance and trust that results in a special legal effect that shall be recognized by courts in the EU.