The electronic identification, authentication, and trust services (eIDAS) regulation is an EU law that was introduced in 2014 to create a secure and established framework for electronic identification and trust services. It defines standards for e-signatures, electronic seals, time stamps, electronic documents, and other trust services. The UK eIDAS regulation is an amended version of the EU regulation that was introduced following the UK’s withdrawal from the EU. It retains most of the original points, but tailored more closely to use in the UK.
eIDAS defines three types of electronic signatures in its framework: simple, advanced, and qualified.
Simple signatures refer to the most basic type of signature, meaning it can be any form of signature that confirms the signer’s acceptance or approval of a document. For example, this can include clicking an ‘I accept’ checkbox or using a scanned handwritten signature. There are no set requirements for security or identity verification with simple eSignatures. This makes them best suited for use on low risk or non-official documents, where there won’t be any legal implications.
Advanced signatures are required to meet set criteria in order to be legally valid under the eIDAS regulation. This means they must provide a greater level of security, ID verification, and tamper-sealing in addition to being:
Qualified eSignatures are the only type of signature to hold the same legal status as a handwritten signature. As well as meeting the requirements for advanced signatures, qualified signatures have to meet additional criteria in order to be issued with certification (only an accredited Qualified Trust Service Provider (QTSP) can issue a qualified certificate). The identity verification process for these types of signatures is multi-step, using both two-factor authentication and encrypted keys. They are typically used by highly regulated industries like banking and finance to ensure maximum security and identity verification to protect sensitive customer data.
eIDAS ensures that electronic signatures are admissible as evidence in UK and EU courts and cannot be denied any legal effect simply because it is in a digital format. However, the legal enforceability of a transaction with an electronic signature will depend on several different factors. This includes the type of signature used (simple signatures are less secure and won’t be legally binding in certain industries which regularly deal with sensitive documents) and the evidence data embedded in it.
To find out more about the eIDAS regulation, check out our guide covering the topic.