What is an electronic signature?
An electronic signature is an electronic indication of a person’s intent to agree to the content of a document or a set of data to which the signature relates. Like its handwritten counterpart in the offline world, an electronic signature is a legal concept capturing the signatory's intent to be bound by the terms of the signed document.
Electronic signatures in the European Union
Electronic signatures were first recognised in European legislation through the Directive on a Community framework for electronic signature (eSignature Directive) adopted in 1999. Since 1 July 2016, electronic signatures in the EU are governed by the Electronic Identification and Trust Services (eIDAS) Regulation. eIDAS provides a predictable regulatory environment directly applicable to all EU Member States to enable secure and seamless electronic interactions between businesses, citizens and public authorities.
Three types of electronic signatures
The eIDAS Regulation defines three levels of electronic signature: 'simple' electronic signature, advanced electronic signature and qualified electronic signature. The requirements of each level build on the requirements of the level below it, such that a qualified electronic signature meets the most requirements and a 'simple' electronic signature the least.
'Simple' Electronic Signatures
An electronic signature is defined as "data in electronic form which is attached to or logically associated with other data in electronic form and which is used by the signatory to sign" (eIDAS Article 3) . Thus, something as simple as writing your name under an e-mail might constitute an electronic signature.
Advanced Electronic Signatures (AdES)
An advanced electronic signature (eIDAS Article 3) is an electronic signature which is additionally:
- uniquely linked to and capable of identifying the signatory;
- created in a way that allows the signatory to retain control;
- linked to the document in a way that any subsequent change of the data is detectable.
The most commonly used technology able to provide these features is the use of a public-key infrastructure (PKI), which involves the use of certificates and cryptographic keys.
Qualified Electronic Signatures (QES)
A qualified electronic signature (eIDAS Article 3) is an advanced electronic signature which is additionally:
- created by a qualified signature creation device;
- and is based on a qualified certificate for electronic signatures.
Signature creation devices come in many forms to protect the electronic signature creation data of the signatory, such as smartcards, SIM cards, USB sticks. "Remote signature creation devices" can also be used where the device is not in the physical possession of the signatory, but managed by a provider. Those remote qualified signature solutions offer an improved user experience while maintaining the legal certainty offered by qualified electronic signatures.
Qualified certificates for electronic signatures are provided by (public and private) providers which have been granted a qualified status by a national competent authority as indicated in the national 'trusted lists' of the EU Member State. Those lists can be accessed through the Trusted List Browser. Many providers of qualified certificates will deliver the corresponding private key on a qualified signature creation device.
While different levels of electronic signatures may be appropriate in different contexts, only qualified electronic signatures are explicitly recognized to have the equivalent legal effect of hand-written signatures all over the EU.
When to use an electronic signature?
Electronic signatures can be used in a variety of situations. As their legal effects are equivalent to the ones of handwritten signatures, qualified electronic signatures can be used in any situation, even cross-border, where handwritten signatures are used, such as:
- Contracts (sales, employment, lease, insurance, etc.)
- Transactions (e-commerce, online banking, etc.)
- Administrative procedures (tax declarations, requests for birth certificates, etc.)
Electronic signatures and the CEF eSignature building block
Electronic signatures, often abbreviated as 'e-signatures', are supported by the eSignature building block of the European Commission's Connecting Europe Facility (CEF), "CEF eSignature" for short. Through the CEF eSignature building block, the European Commission supports the use of electronic signatures across European countries. This website is dedicated to the CEF eSignature building block, as well as the other building blocks of CEF.
Learn more about CEF eSignature.