euro-toolhub.eu

Last checked: 12. Juli 2026

eIDAS signature levels explained: SES, AES and QES compared

The three electronic signature levels under eIDAS explained clearly: simple (SES), advanced (AES) and qualified signature (QES) – with legal validity, a decision guide, QTSP and European providers.

By the Euro Toolhub editorial team · editorially reviewed

Electronic signatures save time and paper – but not every signature carries the same weight. The EU eIDAS Regulation distinguishes three levels: the simple (SES), the advanced (AES) and the qualified electronic signature (QES). Which one you need depends on the use case. This guide explains the levels clearly, shows their legal validity and helps you make the right choice.

It is editorial guidance, not legal advice. European providers compared are on our DocuSign alternative page and in the e-signature category.

The essentials in brief

  • eIDAS defines three levels: SES (simple), AES (advanced) and QES (qualified).
  • Only the QES is legally equivalent to a handwritten signature (Art. 25 eIDAS).
  • For most business contracts the AES is enough; formally strict cases require QES.
  • QES requires a qualified trust service provider (QTSP) on the EU Trusted List.
  • You are data-sovereign if you choose a European QTSP with EU/Swiss data residency.

What is the eIDAS Regulation?

eIDAS stands for "electronic IDentification, Authentication and trust Services". It is EU Regulation No 910/2014, which since 2016 has created a uniform legal framework for electronic identification and trust services across the entire EU – including electronic signatures, seals, timestamps and registered delivery.

The benefit: a qualified signature created under eIDAS must be recognised in all EU member states. Instead of 27 national frameworks there is one common standard – making cross-border business easier and more legally secure. eIDAS applies directly in all member states; national laws (in Germany, for instance, the Trust Services Act) only supplement it in details. For companies this means a correctly created signature is enforceable EU-wide.

The three signature levels at a glance

The three levels differ in their technical requirements and therefore in their evidential weight. The higher the level, the stronger the legal proof.

The three eIDAS signature levels: SES (simple), AES (advanced) and QES (qualified) – with increasing evidential weight and legal validity.
The three eIDAS signature levels: SES (simple), AES (advanced) and QES (qualified) – with increasing evidential weight and legal validity.
LevelRequirementEvidential weightTypical use
SESsimple consent (click, typed name)lowinternal approvals, non-critical consents
AESuniquely linked to the person, tamper detectionmedium to highmost business contracts
QESqualified certificate + secure creation devicehighest (= handwritten)formally strict cases, authorities, finance

SES: the simple electronic signature

The simple electronic signature (SES) is the lowest level. It covers anything that expresses consent electronically – ticking a checkbox, a typed name under an email or a scanned image of a signature.

The SES is not legally worthless: under Art. 25(1) eIDAS, a signature must not be denied legal effect solely because it is electronic. Its evidential weight in court is low, however, because authorship and integrity are hard to prove. For non-critical, internal or everyday consents it is nonetheless practical and sufficient.

AES: the advanced electronic signature

The advanced electronic signature (AES) meets four requirements under Art. 26 eIDAS: it is uniquely linked to the signatory, capable of identifying them, created using means the signatory can keep under their sole control, and linked to the data so that any subsequent change is detectable.

In practice: the AES proves the signatory far more strongly than the SES and detects tampering with the document. It usually comes with an identity check (e.g. by email, SMS or ID) and an audit trail. For the vast majority of business contracts – quotes, orders, NDAs, many employment contracts – the AES is the appropriate, efficient choice.

QES: the qualified electronic signature

The qualified electronic signature (QES) is the highest level. It is based on a qualified certificate and created with a qualified signature creation device. It is issued or backed by a qualified trust service provider (QTSP).

Its decisive advantage: under Art. 25(2) eIDAS, the QES has the same legal effect as a handwritten signature. It is therefore the only level that can satisfy a statutory written-form requirement. The QES usually needs a stronger identity check (e.g. video ident or eID). It is mandatory wherever the law requires written form – and recommended for especially high value or risk.

Which level do you need?

The rule of thumb: as high as necessary, as low as possible. The QES is the most secure but also the most involved and expensive level; requiring it for every transaction slows things down unnecessarily.

Use caseRecommended level
Internal approval, confirming a quoteSES / AES
Employment contract, order, NDAAES
High-value ongoing obligationsAES / QES
Statutory written form (e.g. certain terminations)QES
Consumer credit, real-estate-related declarationsQES
Authorities, public tendersQES

If in doubt – especially for formally strict or dispute-prone contracts – have the specific requirement checked legally.

How signing works in practice

The process is similar at most providers:

1. Upload the document and place the signature fields. 2. Invite signatories – via an email link, without them needing an account. 3. Verify identity – depending on the level, by email/SMS (AES) or video/eID ident (QES). 4. Sign – the signatory confirms; for QES the qualified certificate is included. 5. Completion and proof – everyone receives the signed PDF plus an audit trail documenting time, identity proof and integrity.

The audit trail is central to evidential weight: it records traceably who signed what and when.

Costs of the signature levels

Costs rise with the level. SES and AES are usually billed via a subscription per user per month, often with a quota of signatures. The QES is more involved – because of the certificate and identity check, additional costs per signature or per ident process are common. For selection this means: estimate your volume and the share of formally strict cases. If you mostly need AES and QES only occasionally, you are best served by a provider that flexibly combines both levels.

What is a trust service provider (QTSP)?

A qualified trust service provider (QTSP) is a provider audited by a national supervisory body and listed on the EU Trusted List. Only a QTSP may issue qualified certificates for signatures and seals and thus enable legally valid QES.

QTSPs are subject to strict security and liability requirements and are audited regularly. For sovereignty it matters that some providers are themselves a QTSP (e.g. Yousign, Scrive or Namirial), while others work with recognised QTSPs (e.g. Skribble with Swisscom Trust Services and A-Trust). Both routes lead to legally valid signatures; the provider's data location and ownership structure determine sovereignty.

Electronic seals, timestamps and registered delivery

eIDAS governs not only signatures but further trust services useful in everyday business:

  • Electronic seal – the counterpart to the signature for legal persons (companies rather than individuals), e.g. for invoices or official notices.
  • Qualified timestamp – proves in a legally secure way that a document existed in this form at a specific point in time.
  • Qualified electronic registered delivery – a verifiable dispatch, comparable to registered post.

Many QTSPs offer these services in addition to signing – handy if you want to make processes legally secure end to end.

Three points from Art. 25 eIDAS are central:

  • Non-discrimination (para. 1): an electronic signature must not be rejected as evidence solely because it is electronic.
  • Equivalence of the QES (para. 2): the QES is legally equivalent to a handwritten signature.
  • EU-wide recognition (para. 3): a QES from one member state is valid in all others.

Evidential weight means how easily a court can establish who signed what and when, and that nothing was changed. Here SES is weak, AES clearly stronger, QES the strongest. This classification does not replace legal advice.

eIDAS 2.0 and the EUDI Wallet

With the eIDAS 2.0 amendment (Regulation (EU) 2024/1183), the EU is expanding the framework further. Its centrepiece is the European Digital Identity Wallet (EUDI Wallet), with which citizens can identify themselves EU-wide and use qualified attestations (such as attributes like age or qualifications) as well as signatures. For e-signatures this means, in perspective, an easier, state-backed identity check – another step toward sovereign, EU-wide digital administration. Providers such as Namirial are already advancing the necessary infrastructure.

European providers for eIDAS signatures

For legally valid signatures with European data residency, these verified providers are worth considering:

ProviderCountryQTSP statusSovereignty
YousignFranceown QTSP90
NamirialItalyown QTSP86
ScriveSwedenown QTSP84
SkribbleSwitzerlandvia partners (Swisscom/A-Trust)80

Sovereignty score (0–100), as of July 2026. All providers and details in the e-signature category; a direct comparison with the US market leader is on the DocuSign alternative page.

Where electronic signatures are used

Electronic signatures are useful in virtually every industry:

  • HR & people – employment contracts, onboarding documents, certificates (usually AES).
  • Sales – quotes, orders, framework agreements (SES/AES).
  • Legal & procurement – NDAs, supplier contracts, powers of attorney.
  • Finance & insurance – applications and agreements, often with QES due to legal requirements.
  • Real estate – form-bound declarations, frequently QES.
  • Public administration – applications, official notices and tenders, regularly with QES and seals.

Depending on the form requirement you choose the appropriate level – the decision table above helps.

Common misconceptions

  • "Electronic signature = scanned signature." An image of a signature is only an SES with low evidential weight, not an AES or QES.
  • "Every e-signature is as legally valid as a handwritten one." Only the QES is equivalent to a handwritten signature.
  • "US tools are fine in Europe too." They may work technically but can be subject to US law; for QES an EU QTSP is the more sovereign route.
  • "QES is always required." For most contracts the AES is enough – QES only where written form is prescribed.

Frequently asked questions

Is a scanned signature legally valid?

It counts as a simple electronic signature (SES) and must not be rejected solely because of its electronic form. Its evidential weight is low, however. For robust contracts, AES or QES are preferable.

When do I strictly need a QES?

Whenever the law requires written form – for example certain terminations, consumer credit or form-bound declarations. Only the QES satisfies the statutory written form.

What is the concrete difference between AES and QES?

The AES uniquely links the signature to a person and detects tampering. The QES builds on this but additionally requires a qualified certificate, a secure creation device and a QTSP – and is thereby equivalent to a handwritten signature.

Does an eIDAS signature apply internationally?

Within the EU, a QES is recognised in all member states. Outside the EU, recognition depends on the respective law; many countries have their own, sometimes similar, frameworks.

Is Switzerland part of eIDAS?

Switzerland has its own law, ZertES, modelled on eIDAS. Providers such as Skribble cover both frameworks, so signatures are possible under both EU and Swiss law.

Why choose a European alternative to DocuSign?

US providers can be subject to the CLOUD Act. European QTSPs such as Yousign, Namirial or Scrive offer eIDAS-compliant signatures with data residency in the EU – legally equivalent, but more sovereign.

What changes with eIDAS 2.0?

eIDAS 2.0 introduces the European Digital Identity Wallet (EUDI Wallet) and expands the trust services. For signatures this means, in the medium term, an easier, state-backed identity check.

Can I use different levels in one tool?

Yes. Most European providers support SES, AES and QES on a single platform. So you choose the appropriate level per document without switching tools – efficient and legally secure at once.

Do signatories need their own account or software?

Usually no. At most providers, signatories receive a link by email and sign directly in the browser – without an account or installation. For the QES a one-time identity check is required (e.g. by video ident).

How long does an electronic signature remain provable?

The validity of the signed contract depends on contract law, not on the signature itself. Long-term provability is ensured by qualified timestamps and suitable archiving: they keep the signature verifiable even once the underlying certificates eventually expire (known as long-term validation, LTV). If you must retain documents securely for many years, make sure your provider supports timestamps and LTV-capable formats.

Next step

If you want to replace DocuSign or Adobe Sign with a European option, compare the providers on our DocuSign alternative page or in the e-signature category. For the entire software stack, the guide Replacing US software helps.

This article is editorial guidance, not legal advice. In formally strict or dispute-prone cases, a legal review should be carried out.

The Sovereignty Score is an editorial orientation aid, not legal advice. How we rate.