The eIDAS Regulation
E-Signature and Digital Signature Standards Driving Digital Transformation
Regulations like eIDAS in the European Union (EU), ZertES in Switzerland, and Medida Provisoria 2.200-2 in Brazil provide broad frameworks, which allow for secure digital authentication and the use of electronic and digital signatures.
There are generally three different types of electronic signatures recognized around the world with different levels of security:
- 1. Simple Electronic Signature (SES) / Basic Electronic Signatures
- 2. Advanced E-Signature (AES)
- 3. Qualified E-Signature (QES)
The Simple E-Signature is a signature at its most basic. It is effectively a handwritten signature in electronic form on an electronic document, but it lacks much of the electronic identification and security found in the other types of electronic signature used to verify the signer’s identity.
The Advanced Signature is the most commonly used signature type and includes higher identity proofing requirements than the Simple E-Signature. The Qualified Signature is an Advanced E-Signature backed by a digital certificate (qualified certificate) issued by a qualified trust service provider or certificate authority. Stringent identification and digital certificate requirements can make Qualified E-Signatures impractical for many business transactions.
Different regulations govern the use of electronic signature, their legal requirements, and legal validity in the United States, such as the Uniform Electronic Transactions Act (UETA) and the Electronic Signatures in Global and National Commerce Act (ESIGN Act). Visit the eSignature Legality Guide to learn the facts about electronic and digital signature laws around the world and their legal effect.
OneSpan Sign keeps you compliant, no matter where you do business.
Our electronic signature solution is designed to meet the requirements for all three forms of e-signature – the simple, advanced, and qualified e-signature.
OneSpan Sign provides comprehensive support for working with Trust Service Providers (TSPs) that issue certificate-based IDs used to validate the identity of signer. Our TSP partners are on the EU Trust List, enabling cross-border recognition of your electronic signatures in all member states of the EU.
OneSpan Sign supports:
Remote Digital Certificates
The individual’s signing key (digital certificate) is held remotely by a qualified TSP within an HSM on behalf of the individual and leveraged by OneSpan Sign to validate the identity of the certificate holder at the time of signing.
Local Digital Certificates
The individual’s signing key (digital certificate) is held locally on a secure signature creation device (e.g., smart card, token, etc.) and leveraged by OneSpan Sign to validate the identity of the certificate holder at the time of signing.
Our global TSP partners include:
Full-service Electronic and Digital Signature Platform
OneSpan Sign offers flexibility to deliver optimal customer and employee experiences
- No-code workflows to manage the electronic signature process
- Robust developer APIs and integration tools to support one-off or custom integrations
- Digital signature encryption and timestamping that guarantees the integrity of e-signed documents and audit trails and prevents tampering
- Global data centers with support for data residency requirements and the ability to support private cloud and on-premises deployments
- Feature-rich, out-of-the-box connectors to multiple third-party platforms and apps that businesses use every day
The Signing Process
Why OneSpan Sign?
Bring automation to your e-signature workflows and deliver optimal customer and employee user experiences
Strong Electronic Evidence
Vendor-independent audit trail that helps you deliver legally binding, admissible, and enforceable e-signatures
Global E-Signature Solution
An enterprise-grade solution that scales across geographies, use cases, and channels, and integrates with the apps you use every day
Bank-grade security, strong identity verification, and support for digital certificates that adhere to global standards (e.g., X.509 PKI)
Security & Privacy
OneSpan Sign is trusted by some of the world’s most security-conscious organizations. Security and privacy is our priority. Our solution is hosted on world-class data centers around the world and managed according to a variety of regulatory, industry, and IT standards for security and data protection, including:
eSignature Legality Guide
Learn the facts about electronic signature laws and local regulations that govern digital identities and digital certificates for e-signatures among EU member states and around the world.Read More
The information contained in this document is for information purpose only, provided as is as of the date of publication and should not be relied upon as legal advice or to determine how the law applies to your business or organization. It is recommended that you seek guidance from your legal counsel with regard to law applying specifically to your business or organization and how to ensure compliance.