SER Blog  Customer Stories & Use Cases

The eIDAS regulation

The EU legal framework for electronic identification and trust services – explained in simple terms

The eIDAS regulation introduced in 2016 establishes uniform standards for signing electronic documents in the EU. Its goal is to provide a common framework for the cross-border use of electronic IDs and trust services in Europe. In this article, we take a closer look at the eIDAS regulation and how an enterprise content management system (ECM system) can help your business to ensure compliant electronic identification processes.

eIDAS Verordnung einfach erklärt

What is the eIDAS regulation?

The eIDAS regulation (Electronic Identification And Trust Services) provides standardized guidelines for electronic IDs and trust services in the EU. It enables the recognition of electronic signatures in court as legally binding evidence and defines qualified signatures that have the same legal status as handwritten signatures.

Who has to comply with the eIDAS regulation?

As an EU regulation, the eIDAS regulation is directly applicable to all 27 member states of the European Union, as well as in the United Kingdom, Iceland, Norway and Liechtenstein. The regulation applies to all public administration and stipulates that cross-border identification must be based on mutual recognition of the national electronic ID systems of member states.

What types of electronic signatures are there?

An electronic signature (also known as an eSignature) confirms the signature of an electronic document, serves as proof of identity, and can be accepted as evidence before EU courts in accordance with the eIDAS regulation. Companies use them, for example, to process POs, orders and invoices online or to furnish contracts, notices of termination, and other digital documents with the required signature.

The eIDAS regulation distinguishes differing types of eSignatures:

Simple electronic signature

In the context of the eIDAS regulation, the term "electronic signature" means the digital form of a signature that the signer uses to confirm or approve a document, for example, a scanned handwritten signature. This documents the originator. However, their identity remains unchecked. As a result, this is a “simple” form of eSignature.

Advanced electronic signature 

Advanced electronic signatures require clear assignment to the signer, enable identification, use signature creation data, and are linked in such a way that subsequent changes to the data are recognized.

Qualified electronic signature

The qualified electronic signature has a special legal meaning within the EU member states, and is equivalent to the conventional handwritten signature. Its use requires careful identification and a corresponding qualified certificate.

Note: In addition to the qualified eSignature, it is possible to add a qualified time stamp to a document. This ensures that the document was actually created at the time specified.

Tip: Under "eSignatures: A technology with big value", you can learn more about the different types of eSignatures and when to use each.

When is an electronic seal used?

In addition to the electronic signature, there is also the electronic seal. Here’s how it differs from an eSignature: a seal can only be assigned to legal entities and is used exclusively as proof of origin. It is used wherever a personal signature is not required, but proof of authenticity is desired, for example, in the case of official notifications.

What is the role of trust service providers in electronic identification?

In cases with high legal relevance, you need a certification service from a government-accredited trust service provider. After registration, which is often accompanied by clear identification using methods such as video identification, you will be given access to the system. You will now be able to electronically sign documents with special software.

Note: Ideally, your document management system (DMS) has an interface to the signature software that will enable you to digitally sign documents directly from your DMS.

What does the Trust Services Act regulate?

The Trust Services Act (VDG) forms the core of the eIDAS regulation and regulates various electronic trust services, including the issuing of eIDAS certificates for advanced and qualified signatures. Providers who offer trust services for electronic transactions have to obtain a corresponding qualification status from the responsible supervisory body. DocuSign and Adobe Acrobat Sign are examples of two qualified trust service providers.

What does eIDAS not cover?

The eIDAS regulation governs the recognition of electronic signatures and trust services in the EU, but not the specific requirements or the type of signature. This is left to the national laws of the member states.

  • In Germany, the Act on the General Terms for Electronic Signatures and for Changing Other Regulations (Signature Act – SigG) governs the national signature law. It implements the requirements of the eIDAS regulation, defines requirements for different signature types and trust service providers and sets rules for the legal recognition and use of electronic signatures.
  • Switzerland regulates the use of electronic signatures and trust services in the Federal Law on Electronic Signatures (ZertES). It defines different types of signatures and specifies requirements for their use in order to ensure legal recognition and the interoperability of trust services.
  • In Austria, the Federal Law on Electronic Signatures governs the use of electronic signatures and trust services.

Why is an ECM system valuable for electronic identification?

The eIDAS directive for electronic transactions in the EU imposes strict compliance requirements to identify signers and ensure the authenticity of signed documents. With advanced and qualified electronic signatures, for example, it is important to be able to clearly identify who signed the document, when, and whether changes were made subsequently.

ECM software helps substantially to meet these high compliance requirements. An ECM system achieves through the following capabilities:

  • Ensuring transparency throughout the entire authoring and signature process
  • Protecting documents and data against unauthorized changes, overwriting and deletion
  • Providing differentiated access security for documents
  • Enabling the secure exchange of signed documents and data

Legal certainty with Doxis

Do you want to be sure that you are meeting all legal requirements? Doxis, a certified ECM software, ensures full compliance with legal requirements and all industry standards.

 

Read now

The eIDAS regulation simplifies electronic processes

The introduction of the eIDAS signature has established uniform European standards for electronic identification and trust services. It enables the legally binding recognition of electronic signatures as evidence and equates qualified signatures with handwritten signatures. A modern ECM system supports this compliance and ensures transparency, document protection and secure data exchange.

FAQs about the eIDAS regulation

What is the eIDAS regulation?
The eIDAS regulation is EU legislation that sets standards for the recognition and use of electronic IDs in cross-border online transactions.
How do I get a qualified electronic signature?
To obtain a qualified electronic signature, you must contact an accredited provider that is authenticated and authorized to issue such signatures under the provisions of the eIDAS regulation.
Who must comply with the eIDAS regulation?
The eIDAS regulation applies to citizens, companies and authorities in the European Union, the United Kingdom, Iceland, Norway and Liechtenstein, and promotes the recognition and use of electronic IDs for cross-border transactions.
What is a trust service provider?
A trust service provider is an organization or body that provides electronic trust services such as electronic signatures, seals, time stamps and certificates in accordance with the eIDAS regulation to ensure the security and trustworthiness of online transactions.

Compliance

Go back

You might also be interested in

Customer Stories & Use Cases

Input management at its best

Every company that daily processes a large number of documents needs a robust input management strategy. Automating this process is thus a crucial step in business transformation.

Read more

Customer Stories & Use Cases

336% ROI: Total Economic Impact™ study reveals benefits of modern ECM

As the demand for ECM solutions grows, organizations are seeking to justify their investments by discerning the potential return value. And quite right, too. We commissioned Forrester Consulting …

Read more

White Paper

Unleashing Industry 5.0 in Manufacturing

To unlock the potential of Industry 5.0 and overcome many ongoing challenges, leaders in the manufacturing sector are making digital transformation a top priority. In this industry report, we …

Read more

The latest digitization trends, laws and guidelines, and helpful tips straight to your inbox: Subscribe to our newsletter.

How can we help you?

+49 (0) 30 498582-0

Your message has reached us!

We appreciate your interest and will get back to you shortly.

Contact us