What is a Qualified Electronic Signature (QES)?

Why should I use a Qualified Electronic Signature?

A qualified electronic signature provides four things that no other signature type can guarantee simultaneously.

Automatic legal standing. Under Article 25(2) of eIDAS, a QES has the same legal effect as a handwritten signature and must be recognised by courts and public authorities across all EU member states. Simple and advanced signatures do not carry this presumption — their validity can be challenged and must be proven by the party relying on them.

Regulated identity verification. The identity proofing process required for QES issuance must meet ETSI TS 119 461 standards — a face-to-face equivalent process that verifies the signatory against a government-issued identity document. This is not optional or configurable. A QTSP that cannot demonstrate conformity loses its qualified status.

Liability with the trust service provider. Under Article 13 of eIDAS, a QTSP is liable for damages caused to any natural or legal person due to a failure to meet its regulatory obligations. QTSPs must hold mandatory insurance, the details of which are published in their public repository. With simple or advanced signatures, liability typically falls on the organisation that deployed the signing tool.

Self-validating signatures. A QES can be validated by anyone using standard PDF software — without contacting the issuer. The signature contains a qualified certificate, a qualified timestamp, and a cryptographic proof of document integrity. If the document is altered after signing, the signature shows as invalid. Advanced signatures generally cannot be validated independently in this way.

For a detailed comparison of all five benefits, see What are the benefits of a qualified electronic signature?

When should I use a Qualified Electronic Signature?

Not every document requires QES. For routine internal approvals, standard NDAs, and many commercial contracts, a simple or advanced signature may be adequate depending on jurisdiction and risk appetite.

QES becomes essential in three circumstances:

When the law requires it. Across the EU, at least 10 to 15 document categories per member state require qualified signatures by law. Common examples include consumer credit agreements, mortgage documents, powers of attorney, certain employment contracts, regulatory filings, and public procurement submissions. Under Article 27 of eIDAS, public authorities cannot require a signature level higher than QES — meaning QES meets the requirement for every regulated transaction involving EU public bodies.

When a counterparty could challenge the signature. If a signatory could later dispute that they signed, or claim their identity was not properly verified, a QES removes that risk. The identity verification process is regulated, audited, and documented — and the burden of proof in any dispute shifts to the challenging party rather than the organisation relying on the signature.

When cross-border enforceability matters. A QES signed in any EU member state is automatically recognised by courts and authorities in all other member states. Advanced signatures do not carry this guarantee — their recognition varies by jurisdiction and can require additional evidence in cross-border disputes.

What are the legal effects of a Qualified Electronic Signature?

Under Article 25(2) of eIDAS, a qualified electronic signature has the equivalent legal effect of a handwritten signature. This is a statutory presumption, not a technical claim — it means courts and public authorities across all 27 EU member states are required to recognise a valid QES as equivalent to a wet ink signature, without the need for additional evidence or expert testimony.

Simple and advanced signatures are also legally valid under eIDAS — under Article 25(1), no electronic signature can be denied legal effect solely because it is in electronic form. However, this is not the same as having the legal presumption of a handwritten signature. If a simple or advanced signature is challenged in court, the party relying on it must demonstrate its validity — through technical logs, issuer confirmation, or other evidence. A QES reverses this: the party challenging it must prove it invalid.

This reversal of the burden of proof is the most practically significant legal difference between QES and the other signature types.

Want to get a free consultation?

When are Qualified Electronic Signatures most commonly used?

QES is used across any sector where high-value or legally sensitive documents are exchanged remotely.

The most common categories include:

• Financial services — consumer and corporate lending, mortgage agreements, investment mandates, and KYC onboarding for regulated financial products. DORA (Regulation (EU) 2022/2554) increases the digital operational resilience requirements for financial institutions, making qualified identity assurance increasingly important in documentation processes.
• Legal services — powers of attorney, notarised documents, court submissions, and client onboarding under AML regulation. See Why sending client documents over email is an AML compliance problem for a detailed analysis of the compliance risks for law firms.
• Human resources — employment contracts, termination agreements, and remote onboarding where identity verification is required for regulatory or internal compliance purposes.
• Real estate — purchase contracts, lease agreements, and mortgage-related documentation in jurisdictions that require or strongly recommend QES.
• Public sector — procurement submissions, regulatory filings, and citizen-to-government interactions. Under Article 27 of eIDAS, public bodies cannot require a signature higher than QES.
• Healthcare — clinical trial approvals, pharmaceutical regulatory submissions, and patient consent for remote consultations in jurisdictions where QES is mandated.

How do I know if a document has been signed with a Qualified Electronic Signature?

Validation is one of the greatest benefits of using a Qualified Electronic Signature (QES). Cryptographic evidence in combination with the guaranteed verification of identity are aspects that are highly desirable when it comes to checking and confirming an electronic signature.

There are two ways to validate a QES:

• Adobe Reader
  As long as the software is updated with a current version of the EU Trusted List, Adobe Reader can be used to validate a QES, free of charge. This action is done automatically when Adobe Reader is started and does not require any user interaction. You can also choose to open the Signature Panel to investigate the signatures and associated certificates more in-depth.
  
  
• EU DSS Tool
  The EU DSS Tool is a demonstration web app managed directly by the European Commission. To validate a QES, you simply upload the signed document and receive a report of validation.

What is changing with eIDAS 2.0?

Regulation (EU) 2024/1183 — known as eIDAS 2.0 — entered into force on 20 May 2024. It amends rather than replaces the original eIDAS framework. The core QES requirements, including the QTSP requirement and the Article 25(2) legal presumption, remain unchanged.

The main addition is the European Digital Identity Wallet (EUDIW): a government-issued digital identity application that every EU member state must make available to citizens by 2026. The EUDIW will support qualified electronic signatures, enabling citizens to sign documents to QES standard directly from a smartphone wallet. QTSPs and existing QES infrastructure continue to operate alongside the EUDIW throughout the transition and beyond.

For organisations currently using QES, no changes to existing workflows are required. Systems should be tested to accept EUDIW-based signatures once member states begin issuing wallets, but existing qualified certificates and QTSP relationships remain valid.

Does my signing platform provide QES?

Probably not at standard subscription tiers. Most generic signing platforms produce simple or advanced electronic signatures by default. Some offer QES as an enterprise add-on through a third-party QTSP partnership, but this is typically a separate integration at a higher price point — not the product most organisations use day to day.

To verify whether your provider offers genuine QES: check whether the provider or its certificate-issuing partner appears on the EU Trusted List with "granted" status for the QCert for ESig service type. Then confirm that your specific contract tier includes QES — not just advanced signatures with identity verification.

For a detailed breakdown of why most platforms don't provide QES by default and what to ask vendors, see What Is a Qualified Electronic Signature, and Why Your Signing Platform Probably Does Not Provide One.

As a Qualified Trust Service Provider listed on the EU Trusted List and supervised by the Swedish Post and Telecom Agency (PTS), ZealiD provides QES by default through every signature. Identity verification is completed remotely via the ZealiD app in under three minutes, supporting over 150 identity document types across more than 50 nationalities. Every signature meets Article 25(2) requirements across all 27 EU member states.