![[STAGING] e-Signature.eu](https://staging.e-signature.eu/wp-content/uploads/2020/05/logo-e-signature-horizontal-1.svg){kind=logo}
Checking eIDAS compliance of electronic signatures
A complete guide to validating the authenticity and regulatory compliance of your electronic signatures with the European Commission’s official tool.
The eIDAS (Electronic Identification and Trust Services) regulation, which came into force on July 1, 2016, establishes a harmonized legal framework for electronic signatures and digital trust services within all 27 member states of the European Union. Its main aim is to guarantee the legal certainty, interoperability and validity of cross-border digital transactions.
In this European regulatory context, it is becoming essential for companies, public administrations and individuals to be able to verify the technical and legal conformity of an electronic signature. Fortunately, the European Commission has made available a free, high-performance tool for carrying out this verification simply and reliably.
🔍 Why check eIDAS compliance?
Verification ensures that the electronic signature is valid, that the certificate has not been revoked, that the document has not been modified after signing, and that the signatory is who he or she claims to be.
The three levels of electronic signatures under eIDAS
Before verifying a signature, it is important to understand the three levels of electronic signature defined by the eIDAS regulation, as they do not all offer the same level of legal and technical security.
1. Simple electronic signature (SES)
The basic level is the simple electronic signature. It is any data in electronic form that is attached to or logically linked with other data, and serves as a method of authentication.
Common examples: typing your name in an email, checking an “I accept” box, using a scanned image of your handwritten signature, or clicking on a “Validate” button.
Features :
- Suitable for exchanges with low legal value
- Does not rely on advanced cryptographic security mechanisms
- Low probative value in the event of dispute
- Easily challenged in court
2. Advanced electronic signature (AES)
The advanced electronic signature must meet four strict technical requirements defined in article 26 of the eIDAS regulation:
- It is uniquely linked to the signatory
- It identifies the signatory
- It is created using signature creation data that the signatory can, with a high level of confidence, use under his exclusive control.
- It is linked to the associated data in such a way that any subsequent modification of the data is detectable.
Technical mechanisms: uses a Public Key Infrastructure (PKI), generates a unique cryptographic signature for each document, any modification of the document after signature automatically invalidates the signature.
Legal value: legally recognized in the EU with greater probative value than the SES, but not automatically equivalent to a handwritten signature.
3. Qualified electronic signature (QES)
The qualified electronic signature represents the highest level of security and legal recognition. It combines the requirements of an advanced signature with strict additional guarantees:
- Created with a certified Qualified Signature Creation Device (QSCD)
- Based on a qualified certificate issued by a qualified trust service provider (QTSP)
- QTSP has been assessed by an accredited compliance body and is supervised by national authorities.
- The identity of the signatory has been rigorously verified (face-to-face or via electronic identification)
⚖️ Maximum legal value
According to article 25.2 of the eIDAS regulation: “A qualified electronic signature has a legal effect equivalent to that of a handwritten signature.” It benefits from mandatory cross-border recognition in all EU member states and a legal presumption of authenticity.
Comparative table of the three levels
| Criteria | SES | AES | QES |
|---|---|---|---|
| Legal recognition | Yes | Yes | Yes |
| Handwritten signature equivalent | No | No | Yes |
| Probationary value | Low | Medium to high | Maximum |
| Qualified certificate required | No | No | Yes |
| Cross-border recognition | Discretionary | Discretionary | Mandatory |
| Burden of proof in the event of a dispute | On the signatory | On the signatory | On the challenger |
The European Commission’s Digital Signature Service (DSS) tool
The European Commission is providing a free online platform, the Digital Signature Service (DSS), to enable any user to check the technical validity and regulatory compliance of electronic signatures to eIDAS standards.
DSS tool features
The DSS tool automatically performs a series of complex technical checks:
- Verification of document integrity: the document has not been modified since signature.
- Certificate validation: the certificate used is valid and issued by a recognized authority
- Revocation check: the certificate has not been revoked by the QTSP
- Timestamp validation: the electronic timestamp is valid and reliable
- eIDAS compliance: the signature meets the technical requirements of the regulation
- Certification chain: the entire chain up to the root certification authority is verified
Step-by-step guide: How to verify a signature
Step 1: Access the platform
Visit the European Commission’s official validation tool at: https: //ec.europa.eu/digital-building-blocks/DSS/webapp-demo/validation
Step 2: Import the signed document
Click on the download button and select the PDF, XML or other signed format you wish to analyze. The tool supports numerous signature formats: PAdES (PDF), XAdES (XML), CAdES (documents), ASiC (containers).
Step 3: Launch automatic analysis
Once the document has been loaded, the tool automatically launches a complete analysis that checks :
- Document cryptographic integrity
- The validity of the certificate(s) used
- Revocation status with certification authorities
- Compliance with eIDAS technical requirements
- Validity of the electronic timestamp
Step 4: View the validation report
By default, the ‘Simple Report’ is displayed. It provides the essential information:
- Overall signature status (valid, invalid, undetermined)
- Signatory and certificate information
- Date and time of signature
- eIDAS signature level detected (SES, AES, or QES)
You can also view the ‘Detailed Report’ for the highest level of technical detail, including the complete certification chain, OCSP/CRL checks, and cryptographic details.
Step 5: Print or download the report
The tool lets youprint or download the report as a PDF file. This is particularly useful if you need to :
- Share proof of validation with third parties
- Archive verification for your files
- Present validation in a legal or audit context
⚠️ Important: Interpreting results
A “VALID” status means that all technical checks have been successfully completed. An “INVALID” status indicates a problem (modified document, revoked certificate, etc.). An “INDETERMINATE” status may mean that the tool was unable to perform all the necessary checks (for example, if a revocation server is temporarily unavailable).
Why is checking eIDAS compliance essential?
1. Maximum legal certainty
eIDAS verification enables you toensure legal recognition of electronically signed documents. In the event of a dispute or challenge, a positive validation report provides solid technical proof of the document’s authenticity and integrity.
For commercial contracts, legal agreements, notarial documents or financial transactions, this legal security is essential to protect your interests.
2. User and partner confidence
Systematically verifying the electronic signatures you receive reinforces the credibility of your digital processes. Your customers, partners and suppliers know that you take the security of electronic transactions seriously.
This proactive approach helps to build a climate of digital trust that is essential to modern business relations.
3. Compliance with regulatory requirements
Many sectors are subject to strict obligations in terms of storing and validating electronic documents: banking and finance, insurance, healthcare, public procurement, notaries, etc.
Regular verificationavoids any risk of non-compliance that could lead to administrative or financial penalties, and ensures that your processes meet the requirements of the RGPD and eIDAS.
4. Fraud and forgery detection
The DSS tool enables immediate detection of :
- Documents modified after signature
- Revoked or expired certificates
- Forged or invalid signatures
- Identity theft
This detection capability is an essential safeguard against document fraud in a fast-moving digital environment.
5. Archiving and long-term probative value
Some documents need to be kept for many years (10, 30 or more). Regular verification and archiving of validation reports helps maintain the probative value of signatures over the long term, even if certificates or technologies evolve.
Practical use cases for eIDAS verification
For companies
- Validation of electronically signed customer contracts before archiving
- Verification of orders and delivery notes signed by suppliers
- Control of HR documents (employment contracts, amendments) signed by employees
- Compliance audit of electronic signature processes
For public administrations
- Validation of documents submitted by citizens for administrative procedures
- Checking electronically signed responses to public procurement contracts
- Verification of official declarations and regulatory forms
For legal professionals
- Verification of the authenticity of contracts presented as evidence
- Validation of electronically signed notarial deeds
- Checking document conformity in legal proceedings
For private customers
- Verification of bank or property loan contracts signed online
- Validation of leases and real estate documents
- Control of insurance or service contracts
Key points to remember
- Free official tool: The European Commission provides the DSS, a professional and reliable tool for verifying the eIDAS compliance of electronic signatures, free of charge.
- Three signature levels: Understanding the differences between SES, AES and QES is essential for assessing the legal and probative value of a signed document.
- Comprehensive technical checks: The tool automatically checks certificate integrity, validity, revocation status and regulatory compliance.
- Enhanced legal security: Systematic verification protects against fraud, ensures compliance with regulatory obligations and guarantees the probative value of documents.
- Exportable documentation: Validation reports can be downloaded in PDF format for archiving, sharing with third parties or presentation in a legal context.
Conclusion
The eIDAS verification of electronic signatures is a key step in securing digital exchanges in a professional or personal context. Thanks to the free Digital Signature Service tool offered by the European Commission, this operation becomes simple, accessible and reliable for all users, whatever their technical level.
By systematically integrating this verification into your document processes, you guarantee the legal validity of your documents, reinforce confidence in your electronic transactions, and ensure full regulatory compliance with the eIDAS framework.
In a digital environment where documents circulate rapidly and where the legal and financial stakes are high, the ability to verify the authenticity and conformity of electronic signatures is no longer an option, but a necessity for any modern organization.
Create eIDAS-compliant electronic signatures
e-Signature.eu lets you create eIDAS-compliant qualified electronic signatures with itsme®, Evrotrust and Adacom certified service providers. No subscription, pay-as-you-go, credits never expire.
How do you check the eIDAS compliance of an electronic signature?
Comprehensive guide to verifying electronic signatures with the European Commission’s DSS tool
Why verify an electronic signature?
In a context where digital transactions are multiplying, verifying the eIDAS compliance of an electronic signature has become essential to guarantee the legal validity of signed documents and protect against fraud.
The European eIDAS regulation (n°910/2014) establishes a unified legal framework for electronic signatures in the European Union. To ensure that a signature complies with this framework, the European Commission provides a free, professional tool: the Digital Signature Service (DSS).
🔍 Free official tool
DSS enables instant verification of the technical and regulatory validity of any eIDAS-compliant electronic signature.
The three eIDAS signature levels
Before verifying a signature, it is important to understand the three levels defined by eIDAS:
1. Simple electronic signature (SES)
Basic level: any electronic data used as an authentication method.
Examples: typing your name in an email, checking “I accept”, scanned signature image.
Features :
- Suitable for exchanges with low legal value
- No advanced cryptographic security mechanisms
- Low probative value in the event of dispute
2. Advanced electronic signature (AES)
Must meet four strict technical requirements (article 26 eIDAS):
- Uniquely linked to the signatory
- Identifies the signatory
- Created under the exclusive control of the signatory
- Detects any subsequent changes to data
Mechanisms: PKI, unique cryptographic signature, detectable modification.
Legal value: Legally recognized in the EU, with greater evidential value than SES, but not automatically equivalent to a handwritten signature.
3. Qualified electronic signature (QES)
Highest level of security and legal recognition. Combines AES requirements with additional guarantees:
- Created with QSCD-certified device
- Based on qualified certificate issued by QTSP
- QTSP evaluated and supervised by national authorities
- Signatory identity rigorously verified
⚖️ Maximum legal value
Article 25.2 eIDAS: “A qualified electronic signature has a legal effect equivalent to that of a handwritten signature.” Mandatory cross-border recognition throughout the EU.
Comparison of the three levels
The European Commission’s DSS tool
The European Commission provides a free online platform, the Digital Signature Service (DSS), to check the technical validity and regulatory compliance of electronic signatures.
DSS tool features
The DSS tool automatically performs :
- Integrity check: document not modified since signature
- Certificate validation: valid certificate issued by a recognized authority
- Revocation check: certificate not revoked by QTSP
- Timestamp validation: a valid and reliable electronic timestamp
- eIDAS compliance: meeting the technical requirements of the regulation
- Certification chain: complete chain up to the verified root authority
Step-by-step guide: Verifying a signature
Step 1: Access the platform
Go to: ec.europa.eu/digital-building-blocks/DSS/webapp-demo/validation
Step 2: Import the signed document
Click on download and select PDF, XML or other signed format. The tool supports: PAdES (PDF), XAdES (XML), CAdES (documents), ASiC (containers).
Step 3: Launch analysis
Once loaded, the tool automatically launches a complete analysis that checks :
- Document cryptographic integrity
- Validity of the certificate(s) used
- Revocation status with the authorities
- Compliance with eIDAS technical requirements
- Validity of electronic time stamping
Step 4: View the validation report
By default, the ‘Simple Report’ is displayed with :
- Global status (valid, invalid, undetermined)
- Signatory information and certificate
- Date and time of signature
- eIDAS signature level detected (SES, AES, or QES)
The ‘Detailed Report’ provides all the technical details, including complete certification chain, OCSP/CRL checks, and cryptographic details.
Step 5: Print or download the report
The tool allows you toprint or download the report in PDF format. Useful for :
- Share proof of validation with third parties
- Archive verification for your files
- Present validation in a legal or audit context
⚠️ Interpretation of results
Status “VALID” = all technical checks passed. “INVALID” = problem (modified document, revoked certificate). “INDETERMINATE” = the tool was unable to perform all checks (revocation server temporarily unavailable).
Why checking eIDAS compliance is essential
1. Maximum legal certainty
eIDAS verification ensures legal recognition of signed documents. In the event of a dispute, a positive validation report provides solid technical proof of authenticity and integrity.
2. User and partner confidence
Systematic signature verification reinforces the credibility of your digital processes. Your customers and partners know that you take transaction security seriously.
3. Compliance with regulatory requirements
Numerous sectors subject to strict obligations: banking, insurance, healthcare, public procurement, notary’s office. Regular verification avoids any risk of non-compliance.
4. Fraud detection
The DSS tool immediately detects :
- Documents modified after signature
- Revoked or expired certificates
- Forged or invalid signatures
- Identity theft
5. Archiving and long-term probative value
Some documents need to be kept for 10, 30 or more years. Regular checking and archiving of reports helps maintain the probative value of signatures over the long term.
Practical use cases
For companies
- Validation of signed customer contracts before archiving
- Checking supplier orders and delivery notes
- Control of HR documents (employment contracts, amendments)
- Compliance audit of signature processes
For public administrations
- Validation of documents submitted by citizens
- Control of signed responses to public contracts
- Verification of official declarations and forms
For legal professionals
- Verifying the authenticity of contracts as evidence
- Validation of electronically signed notarial deeds
- Compliance monitoring in legal proceedings
For private customers
- Verification of bank or property loan contracts
- Validation of leases and real estate documents
- Control of insurance or service contracts
Key points to remember
The European Commission provides the DSS, a professional and reliable tool for verifying the eIDAS compliance of electronic signatures, free of charge.
Understanding the differences between SES, AES and QES is essential for assessing the legal and probative value of a signed document.
The tool automatically checks certificate integrity, validity, revocation status and regulatory compliance.
Systematic verification protects against fraud, ensures compliance with regulatory obligations and guarantees the probative value of documents.
Validation reports can be downloaded in PDF format for archiving, sharing with third parties or presentation in a legal context.
Conclusion
eIDAS verification of electronic signatures is a key step in securing digital exchanges. The European Commission’s free DSS tool makes this operation simple, accessible and reliable for everyone.
By systematically integrating this verification, you can guarantee the legal validity of your documents, reinforce confidence in your electronic transactions, and ensure full regulatory compliance with the eIDAS framework.
Create eIDAS-compliant signatures
e-Signature.eu lets you create eIDAS-compliant qualified electronic signatures with itsme®, Evrotrust and Adacom. No subscription, pay-as-you-go, credits never expire.