Tasked with harmonising the disparate member state legislation
that implemented the eSignatures Directive (Directive 1999/93/EC), Regulation (EU) N°910/2014 (the "eIDAS"
Regulation) became effective 1 July this year.
The eIDAS Regulation repeals the eSignatures Directive and
contains specific provisions governing electronic identification,
trust services, and a range of online authentication methods,
including electronic signatures, seals, time stamps, and registered
delivery services. The new rules are a step in furthering the
development of the Digital Single Market, improving trust in
digital authentication methods, and breaking down the barriers to
online trade and the provision of digital goods and services.
The eIDAS Regulation distinguishes between three types of
1. Electronic signatures
These shall not be denied legal effect or admissibility as
evidence in legal proceedings based purely on the fact that they
are in electronic form.
2. Advanced electronic signatures
These allow unique identification of the person who signs the
document, and act as a tamper-evident seal which can reveal any
unauthorised changes to its content. Such signatures can now be
provided on mobile devices, as well as on traditional desktop
3. Qualified electronic signatures
Similar to advanced electronic signatures but with increased
security, these are based on 'Qualified Certificates' which
can only be issued by a Certificate Authority duly accredited and
supervised by EU member state designated authorities, tasked with
ensuring that the requirements of eIDAS are met. Qualified
Certificates must be stored on a qualified signature creation
device (such as a USB token, a cloud-based trust service, or
similar). This is the only type of signature which has the
equivalent legal effect of a handwritten 'wet ink'
signature, and ensures mutual recognition across the EU.
Qualified electronic signatures provide a higher level of
security (e.g., the signing process creates a tamper-evident seal),
and combined with its mutual recognition across the EU, gives rise
to a variety of different applications. For example, it could be
particularly beneficial in the mHealth and FinTech industries; it
provides a secure method of obtaining the consent of mobile app
users for processing their sensitive personal data.
The eIDAS Regulation is a welcome update to the 17-year-old
eSignatures Directive, which struggled to cater to the demands of
an increasingly digital European economy.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
Last year proved a turbulent year for the FinTech sector. Although the industry continued to boom, the Brexit vote and the election of Donald Trump seem to have caused many investors to pause and reconsider investing in Europe and North America.
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).