DocuSign's Support for All Signer-Held Qualified Certificates on the EU Trust List
Looking back at 2016, we saw the advent of the eIDAS Regulation, an EU Regulation that sets out rules for electronic identification and trust services. It was the first time in history that electronic signatures had to be recognised as legally valid across the EU.
DocuSign accepts all qualified certificates from trust services and government organisations in the EU as long as they are part of the EU trust list.
eIDAS has previously defined the three levels of signature: standard, advanced and qualified. Usually, trust service providers or government organisations issue signing certificates at the advanced and qualified level. Trust service providers who are certified to provide these are listed on the EU trust list.
Facilitating future flexibility
DocuSign’s capability to accept all qualified certificates allows more flexibility for companies with signers in the EU, especially for use cases where a qualified signature is required.
- Millions of signers in Europe often use physical national identity cards with a built-in signing capability at the qualified level. Countries such as Germany, Belgium, and Spain use these identity cards to sign documents with their built-in certificate, using smart card readers.
- There are many trust service providers (e.g.: FirmaProfessional for Spain, Bundesdruckerei D- Trust for Germany) who issue qualified certificates for individuals so they can sign documents using a USB token or a smart card reader.
What are some examples where Qualified Signature is required?
- In Germany: any type of consumer loans (taking out a credit card, a phone lease or a personal loan) would warrant a Qualified e-signature
- In Germany: any type of temporary work agreement would also require a Qualified e-signature
- In France: life insurance agreements also require a Qualified Signature
It also comes in handy when EU countries issue national IDs with a built-in qualified signing certificate and they also issue smart card readers, so citizens can easily plug in their ID into the smart card reader, connect it to a computer and be empowered to sign agreements with it.
- In Germany, there are more than 51 million new-generation electronic identity cards in circulation
- In Belgium: The new generation of electronic ID cards is now being deployed since 2014 and over 2 million cards are delivered per year.
- In Estonia: 350M digital signatures are delivered using Estonian eID with 98% of Estonians having an ID-card
- In Spain: 43 million citizens have the Electronic ID 2.0 who will slowly transition to the new eID 3.0
How would this work for the sender and the signer?
1. Once the sender has prepared the envelope with all the necessary documents, they select the type of signature required.
Signer-Held EU Qualified* to ensure the signer is asked to provide their personal qualified signing certificate.
2. The signer receives the envelope in their email and clicks on Review document.
3. The signer proceeds to apply for the signature and is asked to provide their qualified signing certificate.
4. The signer can select their certificate that is either stored locally on their computer or stored on a USB token.
In the case of some ID cards with qualified signing certificates built in (i.e. Belgium ID card), the signing certificate will be discovered once the ID card is plugged into a smart card reader and connected to the signer’s computer.
Because the signature provider selected during the sending process was Signer-Held EU Qualified, DocuSign will filter certificates and list only the qualified ones found on the signer’s computer even if there are other types of certificates. The list above shows Qualified certificates from Keynectis and test certificates for DNI (Spanish ID) and Belgium eID.
5. The signer enters their secret PIN which has been issued to them with the signing certificate.
This is a required step to ensure assurance that the signer is who they say they are and the certificate belongs to them.
6. The agreement is signed and a record is available to validate the signature and further details such as who issued it, what level it satisfies (EU Qualified under eIDAS), timestamps and more...
Sign up for a free trial of DocuSign eSignature to get started.
* Note: The DocuSign Standards-based signature add-on must be activated to benefit from this feature and requires a subscription to the DocuSign Business or Enterprise Pro editions and a purchase of the DocuSign Express SKU