eIDAS explained: SES, AES, and QES signature tiers in the EU
eIDAS is the EU regulation governing electronic signatures across all member states. It defines three tiers: a Simple Electronic Signature (SES) is the basic level, like a typed name or a click; an Advanced Electronic Signature (AES) is uniquely linked to the signer, can identify them, and detects any later change to the document; and a Qualified Electronic Signature (QES) is an advanced signature made with a qualified device and a qualified certificate. Only a QES automatically carries the same legal effect as a handwritten signature across the EU. Higher tiers mean stronger legal presumptions but require more identity verification.
One regulation, three tiers
In the European Union, electronic signatures are governed by eIDAS — the regulation on electronic identification, authentication, and trust services. Unlike the U.S. approach, which treats most electronic signatures as one broad category, eIDAS defines a ladder of three tiers, each with a different level of assurance and legal weight. Knowing where a signature sits on that ladder tells you how much evidentiary strength it carries.
This article is general information, not legal advice. For a specific situation, consult qualified counsel in the relevant EU jurisdiction.
Simple Electronic Signature (SES)
The Simple Electronic Signature is the baseline. eIDAS defines an electronic signature very broadly: data in electronic form attached to or logically associated with other data, used by the signer to sign. In practice, an SES can be:
- Typing your name into a field
- Clicking an "I agree" or "Sign" button
- Applying a scanned image of your signature
- Drawing a signature with a mouse or touchscreen
An SES is legally valid and admissible — eIDAS says a signature can't be denied legal effect just because it's electronic or because it isn't qualified. But its evidentiary weight depends on context, and if a signature is challenged, the party relying on it may need to prove who signed and that the document is intact. For everyday, lower-risk agreements, an SES supported by a solid audit trail is often sufficient.
Advanced Electronic Signature (AES)
The Advanced Electronic Signature raises the bar. Under eIDAS, an AES must meet four requirements. It must be:
- Uniquely linked to the signer.
- Capable of identifying the signer.
- Created using data that the signer can use under their sole control.
- Linked to the signed data such that any subsequent change is detectable.
In practice, an AES is usually built on public-key cryptography (PKI) — a certificate tied to the signer plus a cryptographic seal over the document. That's what makes it tamper-evident and traceable to a specific person. An AES carries more evidentiary weight than an SES because the identity link and tamper-evidence are built into the signature itself.
Qualified Electronic Signature (QES)
The Qualified Electronic Signature is the top tier and the only one eIDAS treats as automatically equivalent to a handwritten signature across all member states. A QES is an AES that additionally requires:
- A qualified certificate for electronic signatures, issued by a qualified trust service provider (QTSP) listed on an EU Trusted List.
- Creation using a qualified signature creation device (QSCD), such as a secure hardware token or a certified remote signing service.
Because a QES depends on verified identity and a qualified device, it also requires the strongest identity verification up front — often a face-to-face or equivalent remote identity check. In return, a QES benefits from a legal presumption of integrity and authenticity, and reverses the burden of proof: a party disputing it generally has to disprove it.
Which tier do you actually need?
There's no universal answer — the right tier depends on the transaction, its risk, and any sector-specific rules. As a rough guide:
- SES — routine, lower-risk agreements: internal approvals, standard commercial terms, consent forms.
- AES — higher-value or more sensitive documents where you want built-in identity linkage and tamper-evidence.
- QES — transactions where the law or the counterparty specifically requires a signature equivalent to handwritten, or where the stakes justify the strongest legal presumption. Certain regulated documents in some member states require a QES.
Choosing a higher tier than necessary adds friction (more identity verification) without proportional benefit; choosing too low can leave you with weaker evidence in a dispute. Match the tier to the risk.
eIDAS 2.0 and the EU Digital Identity Wallet
eIDAS has been updated (often called eIDAS 2.0) to introduce the EU Digital Identity Wallet, which aims to let EU residents identify themselves and sign electronically across borders using a government-recognized wallet on their phone. The three-tier structure (SES, AES, QES) remains the backbone; the wallet is intended to make higher-assurance signing — especially QES — more accessible. If cross-border, high-assurance signing matters to you, this is the trend to watch.
How this maps to a signing tool
Most signing platforms deliver an SES with a supporting audit trail by default, and some offer AES or QES through integrations with qualified trust service providers. When evaluating a tool for EU use, confirm which tier it produces and whether it can escalate to AES or QES when a transaction demands it.
PearSign captures each signer's consent and a detailed audit trail and seals completed documents with a tamper-evident, AATL-backed digital certificate. Whether a given transaction requires an SES, AES, or QES under eIDAS depends on the document and jurisdiction, so confirm your tier requirements before relying on a particular signature level.
FAQ
What are the three types of electronic signature under eIDAS?
eIDAS defines a Simple Electronic Signature (SES), an Advanced Electronic Signature (AES), and a Qualified Electronic Signature (QES). They form a ladder of increasing assurance, identity verification, and legal weight.
What is the difference between AES and QES?
An AES is uniquely linked to the signer, can identify them, is under their sole control, and detects later changes to the document. A QES is an AES created with a qualified certificate from a qualified trust service provider and a qualified signature creation device. Only a QES automatically has the same legal effect as a handwritten signature across the EU.
Is a simple electronic signature legally valid in the EU?
Yes. eIDAS says an electronic signature can't be denied legal effect solely because it's electronic or not qualified. An SES is valid and admissible, though its evidentiary weight depends on context and the supporting audit trail.
Which eIDAS tier do I need?
It depends on the transaction and its risk. SES suits routine, lower-risk agreements; AES suits higher-value documents needing built-in identity and tamper-evidence; QES is for cases where the law or counterparty requires a signature equivalent to handwritten. Check any sector-specific rules.
What is a qualified trust service provider?
A qualified trust service provider (QTSP) is an organization audited and listed on an EU Trusted List that can issue qualified certificates and provide qualified signing services. A QES relies on a certificate from a QTSP.
Does PearSign support eIDAS signatures?
PearSign captures consent and a full audit trail and seals documents with a tamper-evident, AATL-backed certificate. The eIDAS tier required for a given transaction depends on your document and jurisdiction, so confirm your tier needs before relying on a specific level.
Ready to send your first document with PearSign?
AI drafts it, places the fields, and collects every signature — sealed and audit-trailed.
This article is general information about electronic signatures and related standards — not legal advice. For your specific situation, consult qualified counsel in your jurisdiction.