Distinctions are made between (simple) electronic signatures, advanced electronic signatures and qualified electronic signatures.
While simple and advanced electronic signatures can be used as evidence, only the qualified electronic signature has a legal status equal to the handwritten signature.
A qualified signature creation device is required to create a qualified electronic signature. Such a device could for example be a hardware security module hosted by a trust service provider (TSP); this is the case with the ‘Handy-Signatur’ mobile phone signature. In other cases, a smart card (e.g. bank card, e-card), a suitable smart card reader and matching software are required to create a qualified electronic signature. You also need a qualified certificate, which certifies the identity of the signatory.
A qualified electronic signature is necessary in cases requiring a handwritten signature in electronic form. Certificates for qualified electronic signatures are issued by various providers. Such certificates can be purchased at numerous registration points, including bank branches, or even online.
Yet, a qualified electronic signature cannot be used in every situation. For example, qualified electronic signatures cannot be generated automatically, because a PIN code has to be entered in order to activate the signature function. Apart from that, certain software components are currently only available for specific operating systems.
An advanced electronic signature is an electronic signature that has some of the features of a qualified electronic signature (see above) but has not necessarily been created using a secure signature creation device and is not required to be based on a qualified certificate. An advanced electronic signature was mainly required for the electronic transmission of invoices (except when using the EDI process) and continues to be recognised for that purpose, provided that the underlying certificate can be verified by the signature verification service operated by RTR or by an equivalent verification process. Here also, a certificate issued by a trust service provider is required. Many trust services that are suitable for advanced electronic signatures, as defined in the specific policy statement (e.g. the certificate policy and the certification practice statement), are recognised by RTR’s signature verification service.
Based on the eIDAS Regulation, electronic seals will be introduced from 1 July 2016 onwards. There is no difference between such a seal and an electronic signature in technical terms. The differences are found in the areas of use and in the legal implications. Whereas electronic signatures can be created only by natural persons, only legal persons (i.e. legal entities) can create electronic seals. While electronic signatures are used to sign documents, electronic seals serve as evidence of the origin and integrity of data. A qualified electronic signature has the same legal effect as a handwritten signature; in the case of a qualified electronic seal, there is the presumption of the integrity of the data to which the qualified electronic seal is linked and the correctness of the origin of that data. As with electronic signatures, distinctions are made between simple, advanced and qualified electronic seals.
Various special forms of electronic signatures are significant only for specific purposes. The ‘typical’ user becomes aware of these special forms only as the need arises.
Documents issued by authorities (e.g. official decisions) can be furnished with an official signature. The special feature of such a signature is the visual representation of the electronic signature. It is possible to verify an official signature even if the signed data are available only on paper.