What is timestamping?4 December 2019
Types of Qualified Certificates4 December 2019
The European legal system defines the electronic signature as “electronic data attached to other electronic data or logically associated with them that the signer uses to sign”.
According to the European legal system, there is no other possible interpretation than the fact that in the preparation of an electronic signature an electronic signature creation device must be used; it has been defined as a “software or hardware used to create electronic signatures” through electronic signature creation data.
The current Spanish Electronic Signature Law states:
“The subjects that make the use of the electronic signature possible are the so-called certification service providers. For this purpose they issue electronic certificates,… ”
Art. 3.1: The electronic signature is the set of data in electronic form, entered together with others or associated with them, that can be used as a means of identification of the signer. ”
What types of electronic signature are recognized by the Law?
Within electronic signatures, the eIDAS
Regulation defines subtypes of electronic signatures (Art. 3 eIDAS)
that provide a growing legal guarantee up to the highest level, the qualified electronic signature, which is characterized by legal equivalence to the handwritten signature:
- Electronic signature (basic)
- Advanced electronic signature (AdES): The one made with a qualified electronic signature certificate and meets the security requirements referred in Article 26 of the eIDAS Regulation. The advanced electronic signature guarantees by itself, according to article 26 of the eIDAS Regulation:
A. be linked to the signer only;
B. allow the signer's identification;
C. have been created using electronic signature creation data that the signer can use, with a high level of trust, under his exclusive control, and
D. be linked to the data signed by it in such a way that any subsequent modification thereof is detectable.
- Qualified electronic signature (QES): An advanced electronic signature that provides an additional level of guarantee on the identity of the signer and improved protection and a level of security on the creation of the signature. This is because it is created by a qualified electronic signature creation device (QSCD). A qualified electronic signature has the equivalent legal effect of a handwritten signature and is recognized as a qualified electronic signature in all member states of the European Union.
Properties of the electronic signature (Advanced and Qualified)...
- The qualified electronic certificate guarantees the identification of the signer with a very high level of security, thanks to the controls of the qualified provider on the one hand, but also thanks to the requirements on the content of the electronic certificate imposed by the eIDAS Regulation.
- Data Integrity: The use of public key cryptography of the electronic signature guarantees the integrity of the data. This means that any change in the data or signed document will be detected.
- Non-repudiation: The use of public key cryptography of the electronic signature provides the property of non-repudiation, this means that the signer cannot deny having signed.
- Legal equivalence to the handwritten signature (only referred to Qualified signature): It has full legal recognition thanks to the eIDAS Regulation that legally equals it with the handwritten signature.
It is important to keep in mind that, like handwritten signatures, electronic signatures are created by natural persons. According to the eIDAS
Regulation, a legal person does not have legal authorization to sign electronically. Rather, the eIDAS
Regulation allows legal persons to electronically seal the data. From it derives the qualified certificate of electronic seal
, unlike qualified certificates of electronic signature (of Natural Person, Legal Representative, Public Employee).
The concept of electronic seal for legal person is very similar or equivalent to the concept of electronic signature for natural person.