The EU Regulation No. 910/2014/EC on electronic identification and trust services (eIDAS Regulation) came into force on July 1, 2016. It ensures standardization of the electronic signature in order to achieve cross-border acceptance throughout the EU. The regulation serves to create a "Digital Single Market" within the European Union. The goal is secure digital electronic transactions. The eIDAS Regulation defines three types of electronic signatures with the following requirements:
Standard electronic signatures
An electronic signature is "any data in electronic form, which is attached to or logically associated with other data in electronic form and which is used by the signatory to sign." These minimum requirements show that this simple type of electronic signature does not say anything about its protection against manipulation and its evidential capability in the event of a dispute. It therefore depends very much on the respective implementation of the solution whether and how this type of signature can represent an evidential capability.
Advanced electronic signatures
These must meet all the requirements of Article 26 of the eIDAS Regulation.
In addition to the requirements for advanced electronic signatures, a qualified electronic signature must be created by a qualified electronic signature creation device and be based on a qualified certificate for electronic signatures. A "qualified electronic signature certificate" is an electronic signature certificate issued by a qualified trust service provider (also called a trust center) that meets the requirements of Annex I of the eIDAS Directive.
The eIDAS Regulation is a major step towards supporting the cross-border acceptance of electronic signatures. However, there are (still) differences between member states resulting from national laws. StepOver offers a wide range of products that ensure compliance with electronic signatures under the eIDAS Regulation.
Our team will be happy to advise you on all your questions about electronic signatures, eIDAS and your individual requirements.
Standard electronic signatures
An electronic signature is "any data in electronic form, which is attached to or logically associated with other data in electronic form and which is used by the signatory to sign." These minimum requirements show that this simple type of electronic signature does not say anything about its protection against manipulation and its evidential capability in the event of a dispute. It therefore depends very much on the respective implementation of the solution whether and how this type of signature can represent an evidential capability.
Advanced electronic signatures
These must meet all the requirements of Article 26 of the eIDAS Regulation.
- it is uniquely linked to the signatory;
- it is capable of identifying the signatory;
- it is created using electronic signature creation data that the signatory can, with a high level of confidence, use under his sole control;
- it is linked to the data signed therewith in such a way that any subsequent change in the data is detectable.
In addition to the requirements for advanced electronic signatures, a qualified electronic signature must be created by a qualified electronic signature creation device and be based on a qualified certificate for electronic signatures. A "qualified electronic signature certificate" is an electronic signature certificate issued by a qualified trust service provider (also called a trust center) that meets the requirements of Annex I of the eIDAS Directive.
The eIDAS Regulation is a major step towards supporting the cross-border acceptance of electronic signatures. However, there are (still) differences between member states resulting from national laws. StepOver offers a wide range of products that ensure compliance with electronic signatures under the eIDAS Regulation.
Our team will be happy to advise you on all your questions about electronic signatures, eIDAS and your individual requirements.
