Three types of electronic signature

Types of electronic signature

Differences between a simple, advanced and qualified electronic signature

The e-signature can be divided into three different types:
  • the simple electronic signature (SES).
  • the advanced electronic signature (AES).
  • and the qualified electronic signature (QES).
The basis for this in the European Union (EU) is the eIDAS Regulation (Electronic Identification And Trust Services). This regulates electronic identification and trust services for electronic transactions in the European Community. It defines the legal framework and sets out the requirements for the individual forms.

The term “electronic signature” is defined by eIDAS as follows:
„Electronic signature means data in electronic form which is attached to or logically associated with other data in electronic form and which is used by the signatory to sign.“​

Simple electronic signature

The simple electronic signature (EES) must contain no possibility of identification or show a change in the document. This is simply data that is attached in electronic form to other electronic data. This is used for signing purposes.

This form of signature is very simple and quick to perform but less verifiable than the other two forms – AES and QES – as the SES cannot be clearly assigned to a person.

A classic case of a simple electronic signature is the textual name at the end of an e-mail, a scanned signature, or a click on an “I agree” checkbox.

For some documents, a simple electronic signature may be sufficient, depending on the content:
  • General terms and conditions
  • Client information
  • Documentations
  • Internal protocols

Advanced electronic signature

For almost all agreements in the free private sector, the advanced electronic signature (AES) is the best choice because it is verifiable as well as simple, quick and easy to execute. The data collected allows for a subsequent identity check of the signatory to be performed.

According to the eIDAS Regulation, an electronic declaration of intent must meet the following requirements in order to comply with the character of an AES:
  • The electronic signature is uniquely linked to the signatory;
  • it is capable of identifying the signatory;
  • it is created using electronic signature creation data that the signatory can, with a high level of confidence, use under his sole control; and
  • it is linked to the data signed therewith in such a way that any subsequent change in the data is detectable.
The e-signature solution inSign generates an advanced electronic signature by default. All the aforementioned requirements are met. In addition to the signature image, biometric data such as writing speed, writing direction or writing pauses are recorded. This can be used to prove that the signature actually comes from the person who signed it. The PDF document is electronically sealed after signature to exclude subsequent changes. (You can find more information on the issue of verifiability here.)

The following documents are typical use cases for AES:
  • Privacy statements
  • Permanent employment contracts
  • Insurance applications
  • Disclaimers
  • Powers of attorney
  • SEPA mandates
  • Non-disclosure agreements
  • Offers

Qualified electronic signature

With the qualified electronic signature (QES), the identity of the person must be verified before signing. In the case of online contracts, this can be done by video identification, for example. Afterwards, a certified trust centre issues an electronic certificate which bears the name of the signatory. This allows the person signing to subsequently trigger qualified signatures (once or multiple times, depending on the certificate type).

With a signature creation device this concerns a configured piece of software or hardware that is used to create a signature (Art. 3 No. 22 Regulation (EU) No. 910/2014).

The qualified form thereof must fulfil additional conditions with regard to security and the possibility of identification. It must be provided by a qualified trust service provider (Art. 3 23 in conjunction with Annex II Regulation (EU) No. 910/2014).

An essential feature of a qualified certificate is that the identity of the signatory is immediately recognisable when the document is opened, if the software used is able to retrieve the data from the signature servers. This is ensured by extensive requirements for a qualified certificate (Annex I Regulation (EU) No 910/2014).

The process of identification can be carried out according to the currently valid standards, for example, by means of the Post-Ident procedure or the Video-Ident procedure. Other forms are being considered but have not yet been released for use. Both procedures mean additional work for the signatory, some of which is considerable in its scope. Therefore, the acceptance for this procedure will essentially depend on the significance of the performance of the qualified electronic signature for the signatory.

The most important requirements according to eIDAS for a QES can be summarised as follows:
  • All requirements for an AES are also met.
  • The QES is provided by a certified trust service provider.
  • The identity of the signatory was validated before the signature.
  • The signature key must be located in a qualified electronic signature creation device (QSCD).
The legislator requires the so-called written form for some documents. This can only be fulfilled by a handwritten signature on paper or a qualified electronic signature.

Examples of documents for which a qualified electronic signature is required:
  • Fixed-term employment contracts
  • Guarantees
  • Life insurance for third party life
Although the QES is virtually equivalent to a handwritten signature on paper, there are documents for which the legislator prescribes a paper copy, such as contracts to be notarised or the termination of an employment relationship.
OUR CONCLUSION
Before purchasing a software solution, we recommend that you check which documents and processes you want to handle digitally in the future. You should also know the three forms of e-signature with their advantages and disadvantages. It is also important to know which number of transactions are to be incurred for the respective signature type.

We find the AES for daily work to be useful, as it is verifiable and practical. The advanced electronic signature is the standard used within the Software solution inSign. The qualified electronic signature (QES) is also possible with inSign. We use seamless interfaces to our cooperation partners for this purpose.

Further information on the legal certainty of inSign can be found here. You are also most welcome to establish contact with us. We will get back to you as soon as possible.