Skip to main content
scrive logo
Try for free
Home/Resources/Knowledge Hub/Learning Centre/What is the difference between SES, AES, QES

What is the difference between SES, AES, QES

Difference between SES, AES, QES

Levels of electronic signatures as defined by eIDAS

The eIDAS regulation, the EU legal framework governing the use of electronic signatures and other electronic trust services, defines an electronic signature as “data in electronic form which is attached to or logically associated with other data in electronic form and which is used by the signatory to sign”.

Under eIDAS, there are three levels of electronic signatures:

Each level builds on the previous level, with QES having the highest security standards and legal validity.

What makes a signature legally binding

Before going into the details and differences of each level of signature, it’s helpful to have a little background on the legal principles around the validity of signed agreements.

The “three I’s”

From a legal perspective, when challenging the validity of a signed document – whether electronic or pen-and-paper – the courts typically focus on three elements (the “three I’s”):

Intent – do the terms of the agreement make it clear that the signatory understood they were entering into a binding agreement?
Identity – what evidence is there that the person who executed the electronic signature is actually the named signing party?
Integrity – how can it be demonstrated that the document has not been altered or tampered with in any way after it was signed?

These three legal principles provide a useful lens when looking at the technical definitions of each level of electronic signature. How well does each level of signature satisfy these requirements? Having this understanding will help you decide what type of electronic signature to use in a given use case.

Simple (or Basic) Electronic Signature

In practice, a simple electronic signature can be any kind of signature made in an electronic environment where the signatory has manifested their intent (e.g., by clicking a button or checking a box) to become bound by the contents of the document thus signed.

As for linking the signatory’s identity to the signed document, you would have to rely on the strength of the email address or mobile phone number used to invite the signatory to the online signing process.

Regarding document integrity, eIDAS does not specify any requirements for showing that the signed document has not been altered. However, some e-signing services, such as Scrive, offer robust methods to ensure the integrity of the signed documents, even for a simple electronic signature.

Advanced Electronic Signature (AES)

According to the eIDAS Regulation, “An advanced electronic signature shall meet the following requirements:

  • it is uniquely linked to the signatory;
  • it is capable of identifying the signatory;
  • it is created using electronic signature creation data that the signatory can, with a high level of confidence, use under his sole control; and
  • it is linked to the data signed therewith in such a way that any subsequent change in the data is detectable.”

In practice, these elements of unique identity, sole control and integrity of the signed document can be achieved through different means regardless of what technology is used.

Note that identification for signing purposes need not be “electronic” to reach the advanced level. A recognized electronic identity means (eID) assures secure authentication of the signatory’s identity in the online environment. It is however important to understand that AES lacks a presumption about its status and that it is up to the courts to decide whether or not something qualifies as an advanced electronic signature.

Qualified Electronic Signature (QES)

Qualified Electronic Signatures have several benefits. One is that it is the only type of electronic signature that automatically has the equivalent legal effect of a handwritten (“wet”) signature. A second benefit is that you can be sure about its status, as QES can only be issued by a Qualified Trust Service Provider (QTSP). Becoming a QTSP requires passing a rigorous multi-phase testing process by a conformity assessment body and the national supervisory body in a member state. A third benefit is that a QES issued in one member state must be recognised as a QES in all other member states. A fourth benefit is that QES is the type of electronic signature that can be validated by the most available means.

In essence and according to eIDAS, QES is “an advanced electronic signature that is created by a qualified electronic signature creation device, and which is based on a qualified certificate for electronic signatures”.
In practice, the use of QES invokes an extra layer of assurance (or trust) that results in a special legal effect that shall be recognised by all courts in the EU.

The qualified certificate, which must be issued by a Qualified Signature Creation Device (QSCD), guarantees the identity of the person signing the document and provides a method for detecting if the document has been tampered with or altered in any way after it was signed. This qualified certificate can only be issued by a Qualified Trust Service Trust Provider (QTSP), approved by a member state subject to a rigorous auditing process. Scrive AS is a Qualified Trust Service Trust Provider that provides Scrive QES. Scrive has also partnered with several other QTSPs to provide a variety of QES solutions, to ensure a fit for any type of customer and workflow.

Difference between QES and AES

Related articles