Differences between a simple, advanced and qualified electronic signature
- the simple electronic signature (SES).
- the advanced electronic signature (AES).
- and the qualified electronic signature (QES).
The term “electronic signature” is defined by eIDAS as follows:
Simple electronic signatureThe simple electronic signature (EES) must contain no possibility of identification or show a change in the document. This is simply data that is attached in electronic form to other electronic data. This is used for signing purposes.
This form of signature is very simple and quick to perform but less verifiable than the other two forms – AES and QES – as the SES cannot be clearly assigned to a person.
A classic case of a simple electronic signature is the textual name at the end of an e-mail, a scanned signature, or a click on an “I agree” checkbox.
For some documents, a simple electronic signature may be sufficient, depending on the content:
- General terms and conditions
- Client information
- Internal protocols
Advanced electronic signatureFor almost all agreements in the free private sector, the advanced electronic signature (AES) is the best choice because it is verifiable as well as simple, quick and easy to execute. The data collected allows for a subsequent identity check of the signatory to be performed.
According to the eIDAS Regulation, an electronic declaration of intent must meet the following requirements in order to comply with the character of an AES:
- The electronic signature is uniquely linked to the signatory;
- it is capable of identifying the signatory;
- it is created using electronic signature creation data that the signatory can, with a high level of confidence, use under his sole control; and
- it is linked to the data signed therewith in such a way that any subsequent change in the data is detectable.
The following documents are typical use cases for AES:
- Privacy statements
- Permanent employment contracts
- Insurance applications
- Powers of attorney
- SEPA mandates
- Non-disclosure agreements
Qualified electronic signatureWith the qualified electronic signature (QES), the identity of the person must be verified before signing. In the case of online contracts, this can be done by video identification, for example. Afterwards, a certified trust centre issues an electronic certificate which bears the name of the signatory. This allows the person signing to subsequently trigger qualified signatures (once or multiple times, depending on the certificate type).
With a signature creation device this concerns a configured piece of software or hardware that is used to create a signature (Art. 3 No. 22 Regulation (EU) No. 910/2014).
The qualified form thereof must fulfil additional conditions with regard to security and the possibility of identification. It must be provided by a qualified trust service provider (Art. 3 23 in conjunction with Annex II Regulation (EU) No. 910/2014).
An essential feature of a qualified certificate is that the identity of the signatory is immediately recognisable when the document is opened, if the software used is able to retrieve the data from the signature servers. This is ensured by extensive requirements for a qualified certificate (Annex I Regulation (EU) No 910/2014).
The process of identification can be carried out according to the currently valid standards, for example, by means of the Post-Ident procedure or the Video-Ident procedure. Other forms are being considered but have not yet been released for use. Both procedures mean additional work for the signatory, some of which is considerable in its scope. Therefore, the acceptance for this procedure will essentially depend on the significance of the performance of the qualified electronic signature for the signatory.
The most important requirements according to eIDAS for a QES can be summarised as follows:
- All requirements for an AES are also met.
- The QES is provided by a certified trust service provider.
- The identity of the signatory was validated before the signature.
- The signature key must be located in a qualified electronic signature creation device (QSCD).
Examples of documents for which a qualified electronic signature is required:
- Fixed-term employment contracts
- Life insurance for third party life
We find the AES for daily work to be useful, as it is verifiable and practical. The advanced electronic signature is the standard used within the Software solution inSign. The qualified electronic signature (QES) is also possible with inSign. We use seamless interfaces to our cooperation partners for this purpose.
Further information on the legal certainty of inSign can be found here. You are also most welcome to establish contact with us. We will get back to you as soon as possible.