Advanced electronic signatures

What are advanced electronic signatures? Let us analyze the features needed for a signature to be considered advanced according to the European eIDAS regulation. In addition, we will compare it with other formats and discuss the available options to obtain it and use it effectively..

The eSignatures world involves a set of regulations and technical aspects that can give you a headache if they are not properly explained.

This article will focus on advanced electronic signatures. We will analyze their features, differences with the other types and on the ways of signing remotely.

Different types of electronic signatures

eSignatures contain a set of rules and technical issues that can turn into an undecipherable puzzle unless they are explained properly. They are regulated by Regulation (EU) No. 910/2014 on electronic identification and trust services for electronic transactions in the internal market (eIDAS).

According to the above mentioned regulation, there are 3 types of electronic signature:

Simple electronic signatures (SES)

The eIDAS Regulation defines simple electronic signature as follows:

“Data in electronic form attached to or logically associated with other electronic data that is used by the signatory to sign.”

Advanced electronic signatures (AES)

They are defined as:

“The electronic signature that meets the requirements contemplated in article 26”.

But what are these requirements for a signature to meet the requirements set forth in article 26?

• To be uniquely linked to the signatory;
• Allows identification of the signer;
• The signature must have been created using electronic signature creation data that the signatory can use, with a high level of confidence, under his exclusive control
• It must be linked to the data signed so that any subsequent modification of the data is detectable.

When we refer to “electronic signature creation data”, we mean the unique data used by the signatory to create an electronic signature, a definition that is also included in Article 3 of eIDAS.

Qualified electronic signatures (QAES)

The qualified electronic signature can be considered an extended form of AES:

‘‘Advanced electronic signature with a qualified digital certificate that has been created by a qualified signature creation device’’.

Greater legal validity than the simple type

The simple type differs from the advanced in the fact that the latter secures the identity of the signatory. This is essential when signing sensitive information and/or important documents.

Simple electronic signatures are scanned handwritten signatures or those drawn with the mouse or trackpad, without storing any other type of biometric data. This does not guarantee the signer’s identity. For all these reasons, the level of security is low.

Advanced or qualified options provide high levels of security and legality, without sacrificing features or UX.

How to get an advanced electronic signature?

There are several ways to meet the requirements set out by eIDAS for an electronic signature to be considered advanced. Generally speaking, either with or without a digital certificate. 

AES without certificate

An electronic signature can achieve the advanced level without the need to use any signature certificate. For this, we will need to add some electronic evidence to the document.

We can use OTP Code or Biometric signature to meet eIDAS requirements.

AES using digital certificate signature

These certificates include all necessary data for creating the signature, they are managed by the signatory and can detect changes for invalidation.

It is important to make a clear distinction between electronic signatures involving the use of qualified certificates.

Qualified signature certificates are stored on a peripheral device (e.g. SmartCard reader), or are generated and stored on a secure HSM (Hardware security module). If we choose the last option, we can access the server through robust or two-factor authentication so these certificates can be used like those ones installed on your device.

Suite Viafirma: Agile and secure solutions

Viafirma provides companies, citizens and public entities with solutions for creating and managing AES. These tools allow remote and face-to-face signatures, without the need of using digital certificates.