When a party needs to rely on signed electronic data (e.g. a signed document), it is very often important that it can verify:

  • The integrity of the signed data;
  • The authenticity of the signed data.

The requirements for the validation of qualified electronic signatures are, in particular, described in Article 32 of the eIDAS Regulation. In this context,

  • Integrity means that no modification has been made to the signed data after it has been signed;
  • Authenticity means that the signature is supported by a qualified certificate identifying the signatory, and that only the signatory can produce the signature.

A summary and non-exhaustive overview of the steps involved in the validation process for qualified electronic signatures would be:

  • The verification of the integrity of the data;
  • The verification of the validity of the certificate;
  • The verification of the qualified status of the certificate and;
  • The verification if the signature was created by a qualified electronic signature creation device.

Finally, as numerous steps are involved in this validation process, the answer to a validation request can take the form of a validation report that contains the set of answers to the various verifications and steps involved during the validation process.

Looking to get accredited? Contact us