Electronic signature is a fast-growing market, but also a domain where architecture decisions are frequently miscalibrated: too much rigour where it is not needed, not enough where it truly is.
The eIDAS regulation defines three levels of electronic signature. Choosing the right level means finding the balance between evidential value, user experience and implementation cost. Here is how to reason through it.
The three eIDAS levels: what they actually mean
SES: Simple Electronic Signature
SES is the basic level. It includes anything that can be considered an expression of an intent to sign: clicking “I agree,” a scanned signature, a ticked box, a confirmation email.
What it proves: that someone performed an action associated with a document. It does not prove with certainty who signed or that the document was not altered.
Legal value: admissible as evidence, but contestable. In the event of a dispute, the burden of proof falls on the party invoking the signature.
Typical use: terms and conditions, internal acknowledgements, approval workflows without significant financial or legal stakes.
AES: Advanced Electronic Signature
AES must meet four criteria defined by eIDAS:
- It is uniquely linked to the signatory
- It is capable of identifying the signatory
- It is created using data under the signatory’s sole control
- It is linked to the signed data in such a way that any subsequent modification can be detected
What it proves: the identity of the signatory (at a varying level of assurance depending on implementation) and the integrity of the document.
Legal value: strong presumption of validity. It is the most commonly used level in routine professional uses.
Typical use: commercial contracts, mandates, purchase orders, partnership agreements, HR documents.
QES: Qualified Electronic Signature
QES is the highest level. It is created by a “qualified signature creation device” (QSCD) and relies on a qualified certificate issued by a qualified trust service provider (QTSP), listed on the Member State’s trust list (TSL).
What it proves: legal equivalence to a handwritten signature throughout the European Union. It is the only electronic signature that benefits from an irrefutable legal presumption of validity under European law.
Legal value: equivalent to a handwritten signature. Recognised without question in all Member States.
Typical use: electronic notarial acts, real estate contracts, public procurement, regulatory documents (SEPA Direct Debit Mandate, certain banking instruments), signatures in high-stakes cross-border contexts.
The decision matrix
The right level of signature is chosen according to three dimensions:
1. Legal and financial stakes
| Stakes | Recommended level |
|---|---|
| Internal, no contractual value | SES |
| Standard commercial contract (< €50k) | AES |
| Significant commercial contract | Enhanced AES or QES |
| Instrument with mandatory legal value | QES |
| Public procurement, regulated instruments | QES |
2. Sector and regulatory obligations
Certain sectors have explicit requirements:
Financial sector: SEPA mandates, certain PSD2 documents, life insurance contracts in some countries require a minimum AES level, sometimes QES.
Public procurement: bid applications and commitment documents require an AES with a qualified certificate (in practice, often treated as equivalent to a QES).
Healthcare: electronic prescriptions and certain medical instruments require a QES.
Real estate: preliminary contracts and electronic authenticated instruments require a QES (electronic authenticated instrument via a notary).
Employment law: a permanent employment contract (CDI) can be signed with AES. Agreed terminations follow the DREETS procedure which imposes its own format.
Regulated professions: accountants (experts-comptables) filing company formalities at the INPI Guichet Unique (registration, amendment, deregistration) must use an AES with a qualified certificate. This level ensures the signatory is a qualified professional, with certificate quality equivalent to that of a QES.
3. Cross-border exposure
If your documents are intended to be enforceable in multiple Member States, only QES guarantees recognition without question. AES is technically recognised but can be challenged on how it was implemented.
Implementation: what really differs between levels
For SES
There is no particular technical constraint. A checkbox, a timestamp and retention of the consent are sufficient. The key point is traceability: in the event of a challenge, you must be able to prove who performed the action and when.
Recommended retention: timestamped log with IP address, session identifier, hash of the document at the time of the action.
For AES
AES requires:
- A certificate associated with the signatory (can be a non-qualified certificate, depending on implementation)
- A private key under the exclusive control of the signatory (HSM, secure software token)
- A cryptographic signature of the document hash
- A timestamp (TSA, Timestamp Authority) to guarantee the date of signing
In practice, most SaaS electronic signature solutions (DocuSign, Yousign, Universign, ARX CoSign) implement an AES. What they call “advanced signature” corresponds to this level.
The key watch point: the level of identification of the signatory at the time of enrolment (how were they authenticated? simple email? MFA? identity verification?) determines the strength of the AES in the event of a challenge. An AES with identity verification (e-KYC) is significantly stronger than an AES with email authentication.
AES with a qualified certificate. A practical variant of AES applies in regulated contexts that require certified identity assurance without mandating a QSCD: AES backed by a qualified certificate, issued by an accredited QTSP. The rigour of identification is identical to that of a QES. The signing infrastructure remains lighter than a strict QES. This is the level we implemented from 2025 on jesignexpert, enabling accountants to sign their INPI Guichet Unique filings directly from their business tool.
For QES
QES necessarily requires:
- A qualified certificate issued by a QTSP listed on the national TSL
- A QSCD (Qualified Signature Creation Device): historically a physical key (USB token, smart card), now possible via a remote QSCD managed by the QTSP
- Prior identity verification compliant with the eIDAS “high” assurance level (face-to-face or PVID high-level equivalent)
Remote Signing (remote qualified signature) is the evolution that has democratised QES in recent years. The QSCD is hosted by the QTSP in a certified environment. The signatory activates their key via strong authentication (OTP, biometrics). The qualified signature is produced without the signatory needing a physical key.
QTSP providers in France: Certigna, Certinomis, CertEurope, DocuSign (qualified via its European entity), Universign.
Signature formats: PAdES, XAdES, CAdES
The signature format is independent of the eIDAS level, but it determines interoperability.
PAdES (PDF Advanced Electronic Signature): signature embedded in a PDF file. The most common format for commercial documents. Readable and verifiable in any compatible PDF reader.
XAdES (XML Advanced Electronic Signature): signature of XML documents. Used in structured B2B exchanges, electronic invoices, public procurement.
CAdES (CMS Advanced Electronic Signature): signature of any type of file (container format). Used for binary files or in contexts where the final document format is not PDF.
For most common uses: PAdES. For public procurement and electronic invoicing: XAdES. For specific cases: CAdES.
Archiving with evidential value
Signature is only half the problem. A QES-signed document that is no longer verifiable in 10 years because the certificates have expired and the QTSPs have disappeared creates a serious evidentiary problem.
Archiving with evidential value (digital safe, evidential electronic archiving) ensures that documents remain verifiable over time via:
- Regular timestamping: re-timestamping of signatures to maintain their validity beyond the lifetime of the certificates
- Evidential logging: unalterable chain of evidence on operations performed on the document
- Format migration: conversion to durable formats (PDF/A) without loss of evidential value
For any long-retention document (> 5 years), the question of evidential archiving must be raised at the design stage.
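The retention record recommended for SES (timestamp, IP address, session identifier, document hash) and the evidential logging described in this section can share one structure: an append-only log in which each entry commits to the previous one. The following is an added example, not code from any product named on this page; the field names, function names and sample events are assumptions constructed for illustration.

```python
import hashlib
import json

GENESIS = "0" * 64                      # prev_hash of the first entry
SAMPLE_DOC = b"Terms and conditions v3 (constructed sample)"

def _digest(body):
    # Canonical JSON so a given record always hashes to the same value.
    canon = json.dumps(body, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canon.encode("utf-8")).hexdigest()

def append_event(log, document, ip, session_id, action, timestamp):
    """Append one signing/consent event, chained to the previous entry."""
    body = {
        "seq": len(log),
        "timestamp": timestamp,
        "ip": ip,
        "session_id": session_id,
        "action": action,
        "doc_sha256": hashlib.sha256(document).hexdigest(),
        "prev_hash": log[-1]["entry_hash"] if log else GENESIS,
    }
    entry = dict(body, entry_hash=_digest(body))
    log.append(entry)
    return entry

def verify_log(log):
    """Return -1 if the chain is intact, else the index of the first bad entry."""
    prev = GENESIS
    for i, entry in enumerate(log):
        body = {k: v for k, v in entry.items() if k != "entry_hash"}
        if (entry.get("seq") != i or entry.get("prev_hash") != prev
                or _digest(body) != entry.get("entry_hash")):
            return i
        prev = entry["entry_hash"]
    return -1

def document_matches(entry, document):
    """Is the document produced in a dispute the one that was accepted?"""
    return hashlib.sha256(document).hexdigest() == entry["doc_sha256"]

def build_sample_log():
    # Constructed events; IP addresses come from documentation ranges.
    log = []
    append_event(log, SAMPLE_DOC, "203.0.113.10", "sess-a1", "accept_terms", "2025-03-01T09:15:02Z")
    append_event(log, SAMPLE_DOC, "198.51.100.4", "sess-b7", "accept_terms", "2025-03-01T09:20:41Z")
    append_event(log, b"Internal memo (constructed)", "203.0.113.10", "sess-a1", "acknowledge", "2025-03-02T14:03:10Z")
    return log
```

The chain only shows that entries are consistent with the latest `entry_hash`; that head value has to be anchored outside the log (for example by having it timestamped by a TSA), otherwise whoever can rewrite the log can recompute every hash.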
Conclusion
The choice of electronic signature level is not a technical decision. It is a legal and business decision with technical implications. Starting from the actual need (which document, what stakes, what legal exposure, what retention period) avoids the two symmetrical errors: over-engineering with a QES where an AES suffices, or under-specifying with a SES where evidential value is genuinely needed.
The right answer is often to have several levels coexisting, depending on document flows, with routing logic towards the appropriate level integrated into the signature orchestrator.
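A sketch of such routing logic, as an added example that is not taken from any orchestrator described on this page: it applies the three dimensions of the decision matrix and keeps the strictest result, together with the reasons for it. The sector labels, the `route` function, the reading of "Enhanced AES" as AES with a qualified certificate, and the rejection of unmapped sectors are assumptions made for illustration.

```python
from enum import IntEnum

class Level(IntEnum):
    SES = 1
    AES = 2
    AES_QC = 3      # AES backed by a qualified certificate
    QES = 4

# Sector floors from the sector list in this article (keys are hypothetical labels).
SECTOR_FLOOR = {
    "internal": Level.SES,
    "commercial": Level.AES,
    "employment_cdi": Level.AES,
    "financial": Level.AES,
    "inpi_filing": Level.AES_QC,
    "healthcare": Level.QES,
    "real_estate": Level.QES,
}

def route(sector, amount_eur=0, mandatory_legal_value=False,
          cross_border=False, significant_eur=50_000):
    """Return (level, reasons): the strictest level any dimension requires."""
    if sector not in SECTOR_FLOOR:
        # Refuse to guess: an unmapped document flow must not silently get SES.
        raise ValueError(f"no signature policy for sector {sector!r}")
    candidates = [(SECTOR_FLOOR[sector], f"sector floor for {sector}")]
    if sector != "internal" and amount_eur >= significant_eur:
        candidates.append((Level.AES_QC, "significant commercial stakes"))
    if mandatory_legal_value:
        candidates.append((Level.QES, "instrument with mandatory legal value"))
    if cross_border:
        candidates.append((Level.QES, "enforceable in several Member States"))
    level = max(lvl for lvl, _ in candidates)
    # Keep the reasons so the routing decision itself can be logged as evidence.
    reasons = [why for lvl, why in candidates if lvl == level]
    return level, reasons
```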