With effect from July 1, 2016, the existing European Union directive on electronic signatures, known as the eSignatures Directive 1999/93/EC, was replaced by the new European Union Regulation (EU) No. 910/2014 on electronic identification and trust services, often known as the eIDAS regulation. It ensures development in online transactions for individuals, organisations, and public administrations in two areas: electronic identification services and trust services, as well as advancement in online transactions for financial institutions.
The eIDAS law was enacted in order to allow seamless digital transactions between individuals and businesses across borders within the European Union’s member states. When it comes to online and digital transactions in the EU, the new legislation will go a long way toward building a climate of trust among citizens.
eIDAS, as well as the concept of an electronic signature
The eIDAS Regulation distinguishes between three forms of electronic signatures: simple electronic signatures, advanced electronic signatures, and qualified electronic signatures.
Simple electronic signature is everything you need (or just Electronic signature)
A simple electronic signature (also known as an electronic signature) is described by the European Institute of Data Security (eIDAS) as data in electronic form that is attached to or conceptually related with other electronic data and that serves as a way of authentication. Because this is a technology-neutral approach, any electronic form or technology that is generally accepted can be used. The final electronic signature should clearly indicate the intent of the signer, be created by the person who is associated with the signature, and be irreversibly linked to the document that the signer intended to sign in the first place.
eIDAS and legal admissibility of electronic signatures
Electronic signatures that are more advanced
A sort of electronic signature called an advanced electronic signature is one that is required to meet certain specified standards, such as those relating to signer identity, security, and document sanctity, before it may be used. The requirements given by eIDAS are as follows:
It has a one-of-a-kind connection to the signatory.
Is capable of identifying the person who signed the document.
Obtains its existence through the use of electronic signature generation data that the signatory can use under his personal control with a high degree of confidence.
Is linked to the data associated with it in such a way that any subsequent change in the data can be detected.
A qualified electronic signature is one that has been approved.
The Qualified Electronic Signatures (QES) are the last type of signature described by the eIDAS standard (QES). Advanced and Qualified Electronic Signatures are both tied to the signer by a unique identifier, while Qualified Electronic Signatures are based on Qualified Certificates, which are not. Certificates of Qualification (QC) can only be granted by a CA that has been accredited and monitored by authorities designated by EU member states and that complies with the standards of the eIDAS system. It is also required that qualified certificates are held in the possession of a qualified signature creation device such as a smart card, a USB token, or a cloud-based trust service, as we do not operate as a TSP (Trusted Service Provider).
eIDAS and the legal acceptability of electronic signatures are two terms that come to mind.
In accordance with Article 25 of the eIDAS legislation, eSignatures are once again considered legally admissible, as stated below:
Because it is in electronic form and does not meet the requirements for qualified electronic signatures, an electronic signature shall not be denied legal effect or admissibility as evidence in a legal proceeding solely on the basis that it is in electronic form or does not meet the requirements for qualified electronic signatures.
However, the Commission Decision of 16 October 2009 (2009/767/EC) specifies that in order to simplify procedures and allow cross-border use, “procedures by electronic means should rely on simple solutions, including in the case of the use of electronic signatures.”
It goes on to state in Article 1 that the Commission will take no action to prohibit member states from accepting any sort of electronic signature, whether it is a normal signature, an advanced signature, or an accredited signature. eIDAS regulation supports this and aims to streamline the market for digital transactions and e-commerce by utilising national eIDs and electronic signatures to create a more streamlined market.
eIDAS and Signeasy
Signeasy is an Advanced Electronic Signature provider because it uses verified email for every user, two-factor authentication with a passcode and biometric authentication, an audit trail, and document verification to detect manipulation. This applies to a considerable number of daily business transactions across a wide range of industry segments.