Swisscom Trust Services - Trust Blog

Qualified electronic signature - Swisscom Trust Services

Written by Peter Amrhyn | 10/26/21 2:00 PM

Our world is becoming more and more digital. The business world is shifting its business activities into digital as employees increasingly work in their home offices. Even in our private lives, many activities occur online: we buy clothes, groceries, or electrical appliances online, take care of our banking affairs, or deal with the authorities from home without going to a branch. A lacking point in the digital space is the conclusion of online contracts with one's signature, which usually takes place on paper. A qualified electronic signature (short: QES) can help out. This guide informs you about the essential features and advantages of a QES and how you can use it.

Definition of QES

The qualified electronic signature is a secure digital signature with a legal basis according to the EU regulation eIDAS and the Swiss federal law ZertES. It has a very high probative value and liability, is equal to the handwritten signature before the law, and can be verified via a validator. Examples of these legally recognized validation options are the validator of the Swiss Federal Administration or the DSS Demonstration WebApp by the European Commission.

 

Requirement and properties of the QES according to EU Regulation eIDAS

Generally, the digital public-private key procedure creates a qualified electronic signature. The EU regulation eIDAS, which regulates the legal framework of electronic signatures and trust services in the EU, determines essential requirements for a QES. This is described in Article 3 No. 10 on electronic signatures describes an electronic signature as "data in electronic form which is attached to or logically associated with other electronic data and which is used by the signatory to sign." According to the eIDAS Regulation, the QES should fulfill these requirements. The QES must:

  • be unambiguously attributable to a person,
  • enable the unique identification of the person
  • be issued by a trust service provider, such as Swisscom Trust Services
  • be based on a qualified electronic certificate, and
  • prove that the document cannot be altered after the signature has been affixed.


Differentiation of QES from FES or EES

The qualified electronic signature is the most secure digital signature, with the highest evidential value and liability. Due to the legal requirements of the eIDAS Regulation and the Swiss Federal Law ZertES, the QES is distinguished from the advanced electronic signature (AES) and simple electronic signature (SES):

FES

The advanced electronic signature is a digital signature without legal anchoring. According to the eIDAS Regulation, a refined signature enables unique identification and assignment of the signatory (non-repudiation and authenticity) and the detection of a subsequent change on an already signed digital document (integrity). This type of signature has a high probative value but a lower liability, as there are no legally recognized validation options, and the legislator allows broad scope for the design of the advanced signature.

SES

The simple electronic signature is a digital signature with deficient liability and evidential value. There is no legal basis or specified requirements for creating this type of signature. For this reason, you can forge this type of signature very easily.

 

Advantages of QES

 

Legal validity

Only the QES is equal to the handwritten signature by law. Various legal requirements and regulations can already demand a QES from persons. In Germany, for example, these include the Anti-Money Laundering Act and the Employee Leasing Act. In Switzerland, a QES is required from a company's responsible person in certain use cases, which the Swiss Financial Market Supervisory Authority FINMA controls.

Cost and time-saving.

By introducing a QES, you save enormous costs in paper consumption, logistics, scanning, printing, or sending by post. At the same time, you can avoid the time-consuming trip to the office or customer because you sign a contract with the QES in the digital platform regardless of location and time.

Quality and security 

Depending on regulatory requirements, you must store specific signed contracts securely for a more extended period. If there is a handwritten signed paper contract, there is a risk that it will no longer be clearly legible after this retention period and will fade. By using QES on a digital contract, the signature quality remains in the original even after many years and can be securely verified via a validator.

 

Use cases of QES

 

Opening an online banking account

According to the Money Laundering Act (AML) regulations, a customer must be identified when opening an account. Traditionally, the person performed it onsite at the bank branch. Although direct and online banks have been offering the option of online identification for some time, they provide the necessary applications and documents for opening an account to the customer by post so that they sign them by hand. You can prevent this media disruption by using an electronic signature, as the customer can submit a legally secure and digital declaration of intent.

The industry experts at Swisscom Trust Services will analyze your needs for QES in the financial sector, your challenges, and your existing processes before preparing a proposal. Depending on the use case, this can include integrating a standardized partner solution or a development tailored to your use case.

 

Digitalization of the healthcare industry

Comprehensive digitization of the healthcare industry can standardize and accelerate processes, thereby increasing efficiency and reducing costs. This frees up resources for better patient care. With an electronic patient record, patients have all their health information in one central digital location. This allows documents to be easily exchanged between GPs, specialists, and clinics. With the QES, making legally secure and efficient online declarations of intent in such a process is possible.

The industry experts at Swisscom Trust Services analyze the need for QES in the healthcare sector, the problems, and the previous processes of interested parties in detail before preparing an offer. Depending on the use case, this can include integrating a standardized partner solution or a development tailored to the use case.

 

Signature on employee leasing contracts

Due to the shortage of skilled workers, many industries are in the so-called "war of talents." In this context, the time factor must be addressed. Companies constantly run the risk of an applicant receiving a better offer while the employment contract is on its way by post. Although the application documents and the interview are submitted online, the complete digital onboarding of a new employee often fails because of the handwritten signature on the employment contract. This can be digitally mapped using a QES. Especially in the employee leasing market, the legislator in Germany requires a qualified signature on the employee leasing contract.

The industry experts at Swisscom Trust Services analyze the needs of their HR department, the problems, and the previous processes of interested parties in detail before preparing an offer. Depending on the use case, this can include integrating a standardized partner solution or a development tailored to the use case.

 

How the signature with a QES works

This step-by-step guide explains how you can successfully sign a digital document with a qualified electronic signature.

Step 1: Choice of signature partner application with integrated signing service

Depending on your specific application or the legal significance of the digital document you need to sign, could you select a suitable signature partner application? These applications have successfully integrated the Signing Service of Swisscom Trust Services so you can use sign documents with a qualified electronic signature.

Step 2: One-time identification and registration for QES.

According to the legal requirements (EU Regulation eIDAS or Swiss Federal Law ZertES), a person must be identified and registered once to be authorized for QES. To use the QES in your chosen signature application, you will get identified via the integrated Smart Registration Service with your preferred identification method. During identification, your identity will be paired with your mobile phone number, and a two-factor authentication means used as a signature approval method (e.g., Mobile ID or Password and SMS Code method). To complete the identification and registration for the QES, you will automatically receive an SMS with a link to the terms of use of the Signing Service. You can use the QES in your selected signature application once you have accepted and confirmed these.

Step 3: Upload the document and invitation to sign

Now upload the paper to the signature application. In some of our partners' applications, you can start a signature workflow to invite other signing persons to sign. You can also visually place your signature on the document before you begin the signing process.

Step 4: Signature approval through 2-factor authentication

After starting the signing process in the application, you will receive a signature request on your mobile phone. To digitally express your will, you approve your QES with the 2-factor authentication you stored in the identification process (Step 2).

Step 5: Creating the signature

Through your authentication, the document is signed with a QES in the signature application and can be downloaded or forwarded by you.

 

The encryption of a QES?

The technical basis for the electronic signature is a public-private infrastructure (PKI). To create an electronic signature, the PKI uses a cryptographic algorithm to generate a key pair with two keys for the person signing, which have a specific length in the encoding. One of the keys is public, and the other is private. In addition, this key pair must be uniquely assigned to the signing person to generate the electronic signature. During the digital signing process in a partner application, Swisscom Trust Services, as a provider of trust services, combines the private and public keys of the person and creates a qualified electronic certificate and time stamp for it. These are applied to the digital document with the signature.

 

The significance of encryption

The technical encryption of an electronic signature makes it possible to guarantee the document's integrity and the authenticity of the person on the digital document. In other words, once an electronic signature has been applied, the document can be checked for authenticity and can no longer be changed. The electronic signature can also be used to verify the unique identity of the signatory afterward.