Complying with QES: A practical guide to Qualified Electronic Signatures

  • TrustCloud
  • Sign

Share This:

TrustCloud | Complying with QES: A practical guide to Qualified Electronic Signatures

The Qualified Electronic Signature (QES) is widely recognised for its ability to ensure the identity of the signer and the integrity of a document. This straightforward guide provides a practical framework for meeting the necessary requirements for using these signatures.

What is a Qualified Electronic Signature? 

A

Qualified Electronic Signature (QES) is the type of electronic signature that offers the highest level of security and trust, equivalent to a handwritten signature in the digital realm. It is based on a qualified electronic signature certificate and its use is regulated by Regulation (EU) No 910/2014, also known as Electronic Identification, Authentication and Trust Services (eIDAS). 

The main characteristics that make QES a robust resource are authenticity, which guarantees the identity of the signer; integrity, which ensures that the content of the document has not been altered; and non-repudiation, which means the signer cannot deny having signed the document. 

QES is especially relevant in transactions that require a high degree of legal assurance, such as contracts, submissions to public authorities, or tenders. 

Properly applying this signature format is not a complex task, but it is essential to understand a series of key steps. 

Step 1: Finding a Trust Service Provider 

The first step to comply with QES is to find a Qualified Trust Service Provider (QTSP), such as TrustCloud. These providers are commercial entities that have been recognised as qualified members of the European Union Trust Scheme and meet a series of strict requirements regarding structure, procedures, and risk management. To facilitate the search and selection of a QTSP, you can use the Trusted List Browser, an accessible tool available at this link. 

The creation and maintenance of this browser is a collaboration between the Member States of the European Union and the European Commission. It provides an updated list of all qualified trust service providers, ensuring that the services offered by these providers will be recognised and accepted in all EU Member States. 

Anyone, whether residing inside or outside the European Union, can obtain these qualified trust services with the assurance that they are complying with the highest standards of security and legal recognition, including, of course, their alignment with eIDAS. 

Step 2: Verifying Identity 

Once a Qualified Trust Service Provider (QTSP) has been selected, the next step is to obtain a qualified electronic signature certificate. This certificate is essential for creating a QES, as it contains the necessary information to verify the signer’s identity and the integrity of the signed document. 

To enable the certificate, QTSPs require thorough verification of the applicant’s identity. This can be done in various ways, such as by presenting official identification documents (passport, ID card, driving licence) or through a video call supervised by a QTSP agent. 

TrustCloud supports a robust video identification process that integrates with the on-demand generation of a digital certificate to carry out the qualified electronic signature ceremony. 

Request more information about TrustCloud QES

After verifying the signer’s identity and generating the certificate, it can be installed on a secure device. These secure devices, such as smart cards, USB tokens, or hardware security modules (HSMs), are designed to protect the certificate from unauthorised access and ensure that only the legitimate owner can use it to sign documents. 

Step 3: Signing the Document 

Once your qualified certificate is installed on a secure device, the next step is to proceed with electronically signing the document. For the qualified electronic signature to be accepted, especially in environments requiring a high degree of legal assurance such as the European Union, certain essential criteria must be met. 

Firstly, the identity of the signer must be clearly stated in the qualified digital certificate used to produce the QES. This certificate contains the signer’s personal information and ensures that the signature is authentic and legally linked to the individual. 

Secondly, the QES must be produced within a Qualified Signature Creation Device (QSCD). A QSCD is a secure device that protects the digital certificate and ensures that the electronic signature cannot be altered or used fraudulently. Using a QSCD guarantees that the electronic signature meets the highest security standards and is legally recognised in all EU Member States. 

Step 4: Verifying if the document is signed with QES before sending 

Before sending any electronically signed document, it is crucial to verify that it is correctly authenticated with a Qualified Electronic Signature (QES) and not with an advanced electronic signature or another less secure type of signature. This verification ensures that the document will meet the required legal and technical standards. 

To verify the qualified electronic signature in your document, users can use the online demonstration validation tool called DSS. By uploading the document, this tool will automatically verify the certificate used for the signature, displaying the number and type of valid signatures in the document. 

It is essential to look for the message “Qualification: QESig”, as it indicates that the document is signed with a qualified electronic signature that complies with the legal standards established by the eIDAS Regulation. This confirms that the signature is suitable for transactions requiring a high degree of legal certainty. In addition to checking this message, users should review any other relevant information provided by the DSS tool to ensure there are no warnings or errors that could affect the validity of the electronic signature. This process ensures that the document is correctly authenticated before sending, thereby meeting the security and trust requirements for digital transactions. 

By following these straightforward steps and with the support of a Qualified Trust Service Provider, you can be confident in meeting all the requirements of a qualified electronic signature. From selecting an appropriate QTSP to verifying the signature before sending, this guide ensures the authenticity, integrity, and legal validity of electronic signatures. This approach allows you to fully leverage the benefits offered by QES. 

Request a free demo of TrustCloud QES now

Back To Top

International Technical Support (EU): +44 (20) 80891215 & (US): +1 312 248 7781 | support@trustcloud.tech