eIDAS and eSignatures

In 2014, the EU passed the eIDAS resolution, to provide a stable platform for secure, yet simple transactions on the European stage. Part of eIDAS sets out definitions for three different types of electronic signature. In the resolution text, these are referred to as electronic signatures, advanced electronic signatures, and qualified electronic signatures.

STU-530

The basic electronic signature is about the data collected. When you digitally sign a document this way, it collects data about yourself and your computer, IP address, for example, and can later be used to confirm that you signed the document when and where it is claimed.

An advanced electronic signature is a little more complicated in that there are four key areas it must comply with. It must be capable of identifying the signatory, whether that is something as advanced as facial or fingerprint recognition, or as simple as a unique user ID. It must be linked solely with the signatory, like a password or PIN number. It must be created using data that the signatory can reasonably claim is under their sole control, your signature, for example. Finally, the digital signature must be linked to the signed data in such a way to make changes to the data detectable. Good examples of advanced digital signatures are those offered by online digital signature services.

The third and final definition is the qualified electronic signature, which must cover all of the same points as an advanced electronic signature, but must also be produced on an electronic signature creation device which has been qualified by an electronic Trust Service.

An electronic Trust Service, or eTS for short, is a licensed body which issues security certificates for use with electronic signature services, providing both an additional layer of security to an electronic signature, and a reputation boost for esignature service companies.

So how does this apply to the esignature solutions we offer here at Steadlands? The esignature solutions offered by both companies produces an advanced electronic signature – produced on specific esignature hardware, individual to both the date and time of signing, as well as the signer, and using data unique to the signer, namely, their signature.

ePad Vision

A number of Wacom’s software solutions, and ePadLink’s PDF signing solution do include the option for certification – it is even possible to create your own security certificate, and this does add an additional layer of security, but in the eyes of the EU, this is not enough to turn the signature into a qualified esignature. For this, the certificate used would have to be issued by one of the companies which has registered with the EU as an electronic Trust Service.

Advanced digital signatures, despite not being backed up by a third party, are still legally binding, accurate, and cost effective, with our esignature solutions capable of wiping off up to half the cost of dealing with a paper document.

Please contact us for more information about any of our esignature solutions.