1. Help Center
  2. Electronic seals

What is the difference between an advanced and a qualified/regulated electronic seal?

An advanced electronic seal serves as evidence that an electronic document was issued by a legal person, ensuring certainty of the document's origin and integrity. It corresponds to an advanced electronic signature issued by a natural person. It could be used in all cases where not explicitly qualified electronic seals are required. Since a qualified electronic seal enjoys the presumption of the data's integrity and the correctness of the origin of the data to which the qualified electronic seal is linked, the quality, integrity, and correctness of an advanced electronic seal must typically prove in case of a legal proceeding. But generally, they are admitted to be used. Advanced electronic seals of Swisscom Trust Services are audited according to the NCP+ standard, the highest standard of advanced signatures and seals of ETSI. This is also accepted with a green hook in Adobe Reader.

The Swiss Signature Act ZertES does not define advanced electronic signatures. EU regulation eIDAS provides article 36 to outline the requirements of an advanced electronic seal:

(a) it is uniquely linked to the creator of the seal;

(b) it is capable of identifying the creator of the seal;

(c) it is created using electronic seal creation data that the creator of the seal can, with a high level of confidence under its control, use for electronic seal creation; and

(d) it is linked to the data to which it relates so that any subsequent change in the data is detectable.

Since advanced electronic seals are not defined in detail, no validator exists to prove their correctness. If this is required, qualified electronic seals should be used.

Qualified or regulated electronic seals are regulated in detail in both signature laws (ZertES and eIDAS). They must follow the QCP standard according to the ETSI regulations and meet nearly the exact requirements as qualified electronic signatures for natural persons. They must be generated on qualified electronic seal creation devices and enjoy the presumption of data integrity and correctness of the origin of the data to which the qualified electronic seal is linked in legal proceedings. The correctness can be validated with the official eIDAS or ZertES validators.