Skip to content
menu-toggle
menu-close

Addo Sign complies with eIDAS

Digital transactions and remote collaboration have become an integral part of everyday life for both private and public organizations. To ensure these interactions are reliable and compliant with current legislation, the eIDAS Regulation – Electronic Identification, Authentication and Trust Services – plays a crucial role. It establishes the legal framework for electronic signatures in the EU and ensures that digital signatures have the same legal validity as physical ones.

This article explains why eIDAS is a recognized and secure standard for digital signing – and how Addo Sign supports the requirements in practice.

 

twoday-staircase-1200x1200-01

What is eIDAS?

eIDAS stands for electronic identification, authentication and trust services and is an EU Regulation that entered into force in July 2016. Its purpose is to ensure a uniform, secure and cross-border digital identity and signature infrastructure across the EU, enabling citizens, businesses and public authorities to interact digitally with confidence and efficiency.

Legal recognition and standardisation

The eIDAS Regulation establishes common rules for the validity of electronic signatures and identification across EU Member States. This means that a digital signature created in one EU country must be recognised as legally valid in all other Member States – just like a handwritten signature. Each Member State is required to maintain a public list of qualified trust service providers (QTSPs) that comply with the Regulation’s security requirements.

Three levels of assurance

eIDAS defines three levels of electronic signatures with increasing security and legal effect:

  • Electronic Signature (SES): A simple electronic signature, for example a typed name in an email or a checkbox in a digital form.
  • Advanced Electronic Signature (AES): A signature that is uniquely linked to the signer, capable of identifying the signer, and created in a way that allows detection of any subsequent changes to the data. This is the level used in the vast majority of commercial contracts and legally binding business agreements.
  • Qualified Electronic Signature (QES): The highest level of assurance. It requires the use of a qualified signature creation device and a qualified certificate issued by a QTSP. QES is typically only used in situations where legislation explicitly requires it or where specific regulatory requirements apply.

In practice, a qualified signature is only necessary in specific cases. For most businesses, an advanced electronic signature is fully sufficient and legally binding across the EU.

Addo Sign and eIDAS

Addo Sign supports Simple (SES) and Advanced (AES) Electronic Signatures in accordance with the eIDAS Regulation. The solution is designed to ensure strong evidentiary value, full traceability and document integrity throughout the signing process.

For the vast majority of commercial and legal use cases, AES is the relevant and sufficient level. Only where legislation explicitly requires a qualified signature will QES be necessary.
In practice, organisations subject to such requirements will typically already be aware of this through their regulatory or legal frameworks.

When eIDAS certificates are applied, Addo Sign uses the Italian company InfoCert as its certification provider. InfoCert is an EU-approved Qualified Trust Service Provider (QTSP) and is listed on the official EU eIDAS Trusted List.

Addo Sign itself is not a Qualified Trust Service Provider and therefore does not appear directly on national trusted lists. Certification services are delivered via InfoCert in accordance with the EU regulatory framework, ensuring that the applied signatures meet the relevant technical and legal requirements under eIDAS.

Signatures executed through Addo Sign are legally binding and recognised across the EU in accordance with eIDAS.

Advanced cryptography and security

Digital signatures created under the eIDAS framework rely on advanced cryptographic mechanisms to protect data integrity and authenticity. Technologies such as asymmetric encryption, hashing functions and secure key management are core components of the signing process and make it extremely difficult for unauthorised parties to alter or forge content.

Cross-border recognition

One of the key advantages of eIDAS is the mutual recognition of electronic signatures across the EU. Regardless of which Member State a digital signature is issued in, it must be granted the same legal validity in all other EU countries.

eIDAS 2.0 and the European Digital Identity

In 2024, the eIDAS Regulation was updated through what is commonly referred to as eIDAS 2.0. The most significant development is the introduction of the European Digital Identity Wallet – a digital wallet enabling citizens and businesses to identify themselves digitally and securely share documentation across borders. Addo Sign closely follows the implementation and works to ensure continued compliance with future regulatory requirements and standards.

A secure and future-proof solution

Addo Sign is built on the principles of the eIDAS Regulation and complies with all relevant technical and legal requirements for digital signing within SES and AES. By combining modern technology with EU-recognised certification services, Addo Sign delivers a solution that is secure, reliable and legally binding – now and in the future.

You can find the official EU Trusted List here: EU eIDAS Trusted List

Read more about the eIDAS Regulation here: EU Regulation 910/2014