Signature Levels according to eIDAS
Understand the three levels of electronic signatures and choose the right level for your documents
The European eIDAS regulation defines three levels of electronic signatures, each with different security levels, technical requirements, and legal value.
Signature Level Comparison
| Aspect | SES | AES | QES |
|---|---|---|---|
| Security Level | Basic | Medium | Highest |
| Identity Verification | None required | Required | Face-to-face or video |
| Legal Equivalence | Limited | Strong (with proof) | Equivalent to handwritten |
| Burden of Proof | On signatory | On signatory | On disputing party |
| Cross-border Recognition | Limited | Limited | Full EU recognition |
| Price Range | €0.50 - €1.50 | €1.50 - €4.00 | €4.00 - €10.00+ |
SES - Simple Electronic Signature
Basic level for everyday use
An SES is the simplest form of electronic signature. This can be a scanned signature, a typed name, or even checking a checkbox with 'I accept'.
Technical Requirements
- No specific technical requirements
- Can be as simple as a checkbox or typed name
- Scanned signature allowed
- No identity verification needed
Suitable for
- Internal approvals and agreements
- Quotes and price offers
- Newsletter subscriptions
- Accepting terms and conditions
- Low-risk agreements
Limitations
- Can be legally dismissed simply because it is electronic
- No guarantee of integrity or authenticity
- Limited evidentiary value in disputes
AES - Advanced Electronic Signature
Cryptographically secured for business use
An AES uses cryptographic technology (PKI) to uniquely link the signature to the signatory and make any changes to the document detectable.
Technical Requirements
- PKI (Public Key Infrastructure)
- Uniquely linked to the signatory
- Signatory has exclusive control over signing data
- Any modification after signing is detectable
- Identification of the signatory is possible
Suitable for
- Employment contracts
- Commercial contracts
- Bank documents
- Lease agreements
- Purchase orders
Limitations
- In case of dispute, the signatory must prove all criteria were met
- No automatic EU-wide recognition
- Requires technical implementation
QES - Qualified Electronic Signature
Highest level - legally equivalent to handwritten
A QES is the highest level of electronic signature and has the same legal value as a handwritten signature in all EU member states according to the eIDAS regulation.
Technical Requirements
- Qualified certificate from a QTSP (Qualified Trust Service Provider)
- QSCD (Qualified Signature Creation Device)
- Face-to-face or video identity verification
- Hardware meeting FIPS 140-2 Level 3+ standard
- HSM-protected key generation (ETSI EN 319 401)
- ISO 27001 certified data centers
Suitable for
- Notarial deeds
- Real estate transactions and mortgages
- Government contracts and permits
- Medical consent forms
- Loan agreements
- International contracts within the EU
Benefits
- Legally equivalent to handwritten signature
- Burden of proof lies with the disputing party
- Automatic recognition in all EU member states
- Highest level of legal certainty
Recommended Level by Industry
Discover which signature level best suits your industry and documents
HR & Personnel
Real Estate
Finance & Banking
Healthcare
Government
SMB
Qualified Trust Service Providers in the Netherlands
QTSPs are certified providers that can issue qualified electronic signatures
In the Netherlands, the Digital Infrastructure Inspectorate (RDI) supervises qualified trust service providers. Below you will find a selection of Dutch QTSPs.
Cleverbase
Digital services for secure signing, login, and archiving
DigiCert / QuoVadis
International provider with QTSP status in the Netherlands and Belgium
Aangetekend BV
Dutch QTSP for registered mail and digital signing
EU Trusted List
View the official list of all Dutch QTSPs on the EU Trusted List
View EU Trusted List NetherlandsSupervisory Authority
Digital Infrastructure Inspectorate (RDI)
The RDI is the competent supervisory authority for electronic trust services in the Netherlands
What Docsy validates
Discover which technical validations Docsy performs and what's needed to reach a higher level
Current level: Enhanced SES
Docsy offers an enhanced form of SES with comprehensive evidence collection and PDF certificate signing.
Not all SES is created equal
Although eIDAS does not define official sub-levels within SES, there are major practical differences between implementations. The evidentiary value depends on how much information is recorded.
Minimal SES
Only a checkbox or 'I agree' button
Basic SES
Typed name as signature
Standard SES
Email verification + IP logging
Enhanced SES
Comprehensive audit trail + certificate signing
Docsy offers Enhanced SES - the highest level within SES with maximum evidentiary value.
What Docsy validates now
Email address verification
Signers receive a unique link via email
IP address logging
The signer's IP address is recorded in the audit trail
Timestamp
Exact date and time of signing are recorded
Browser information
User agent and session information are stored
Signature image
Drawn or styled signature is embedded in the PDF
Audit trail
Complete history of all actions on the document
PDF certificate signing
PDF is digitally signed with a certificate for integrity guarantee
Tamper detection
Any modification after signing is automatically detected
PAdES signature
PDF Advanced Electronic Signatures per ETSI standard
Qualified TSA
Qualified timestamps from a Time Stamping Authority
Validation per level
| Validation | SES | Enhanced SES (Docsy) | AES | QES |
|---|---|---|---|---|
| Email verification | ||||
| IP address logging | ||||
| Timestamp | ||||
| Audit trail | ||||
| PDF certificate signing | ||||
| Tamper detection | ||||
| Identity verification | ||||
| Qualified PKI certificates | ||||
| PAdES signature | ||||
| 2FA verification | ||||
| Qualified TSA | ||||
| QTSP certificate | ||||
| Video identification |
Roadmap to higher levels
To AES (Advanced)
For AES-level signing, the following enhancements are needed:
-
Planned
PKI certificates
Digital certificates for cryptographic signing
-
Planned
PAdES signatures
PDF Advanced Electronic Signatures per ETSI standard
-
Planned
Identity verification
Verification of identity via ID document or other method
-
Planned
Two-factor authentication
Additional verification step via SMS or authenticator app
-
Planned
Timestamp authority
Qualified timestamps from a TSA (Time Stamping Authority)
To QES (Qualified)
For QES-level signing, partnership with a QTSP is required:
-
Future
QTSP integration
Connection with a Qualified Trust Service Provider
-
Future
Video identification
Face-to-face or video verification of identity
-
Future
Qualified certificates
Certificates issued by a recognized QTSP
-
Future
QSCD support
Qualified Signature Creation Device (smartcard/HSM)
-
Future
eIDAS compliance
Full compliance with eIDAS regulation
Which signature level suits you?
Answer a few questions to discover which level best fits your situation
What type of document are you signing?
What is the financial risk of this document?
Is legal equivalence to a handwritten signature required?
Will the document be used internationally within the EU?
Our recommendation: SES
Based on your answers, a Simple Electronic Signature is sufficient for your situation. This is the most cost-effective option for low-risk documents.
Our recommendation: AES
Based on your answers, we recommend an Advanced Electronic Signature. This offers a good balance between security and ease of use for business documents.
Our recommendation: QES
Based on your answers, we recommend a Qualified Electronic Signature. This offers the highest legal certainty and is required for documents with high risk or legal requirements.
Ready to get started?
Upload your first document and experience how easy digital signing can be.
Upload document