eIDAS (Regulation EU 910/2014) is the framework that makes electronic signatures legally recognised across the European Union. Rather than treating every e-signature the same, it sorts them into three tiers of increasing assurance: Simple, Advanced, and Qualified.
Understanding which tier a document needs — and how to stay compliant when you are signing or verifying from outside the EU — is the difference between a signature that holds up in court and one a counterparty can challenge. This guide breaks down the three tiers, when each applies, and where verification fits after signing.
What are the three eIDAS signature tiers?
eIDAS defines three tiers: Simple Electronic Signature (SES), Advanced Electronic Signature (AdES), and Qualified Electronic Signature (QES), each building on the one below it. An SES is any data in electronic form used to sign — a typed name, a scanned signature, or a clickwrap acceptance — and captures basic intent to be bound. An AdES adds technical assurance: it must be uniquely linked to the signer, capable of identifying them, created under their sole control, and linked to the document so any later change is detectable. A QES is an AdES created with a qualified signature creation device (QSCD) and based on a qualified certificate issued by a Qualified Trust Service Provider (European Commission eSignature FAQ). Each step up adds identity assurance and legal weight.
How do SES, AdES, and QES compare?
The practical differences come down to identity assurance, tamper detection, and legal standing. Only QES carries automatic legal equivalence to a handwritten signature across all 27 EU member states; courts cannot reject it solely for being electronic, and the burden of proof shifts to the party challenging it.
| Tier | Identity assurance | Tamper-evident? | Legal standing in EU | Typical use |
|---|
| SES (Simple) | Low — no verified identity | No | Admissible, but weight must be argued | Internal approvals, low-risk consent |
|---|
| AdES (Advanced) | Medium — signer uniquely linked | Yes | Strong, widely accepted | Commercial contracts, HR documents |
|---|
| QES (Qualified) | High — qualified certificate + QSCD | Yes | Equal to handwritten signature, EU-wide | High-value, regulated, or disputed deals |
|---|
When does each eIDAS tier apply?
Pick the tier by legal risk, not convenience. SES suits low-stakes internal sign-offs and consent clicks where the relationship and intent are not in dispute. AdES is the common default for commercial agreements, employment paperwork, and B2B contracts, because it uniquely identifies the signer and makes tampering detectable — strong protection without the certificate overhead of QES. QES is reserved for situations where the law specifically requires a qualified signature or where the value and dispute risk justify the highest assurance: notarial acts, certain financial transactions, and cross-border deals that must hold up uniformly across member states. When in doubt, regulated and high-value documents warrant AdES or QES. The same logic applies to electronic signatures vs digital signatures: the legal act and the cryptographic proof are distinct decisions.
Can you comply with eIDAS from outside the EU?
Yes — organisations outside the EU can produce eIDAS-compliant signatures, but QES requires a qualified certificate from an EU-recognised Qualified Trust Service Provider, which non-EU signers must obtain through an accredited provider. SES and AdES have no such gatekeeping and are widely used by non-EU companies signing with EU counterparties. US teams should note that eIDAS governs EU recognition, while domestic enforceability in the United States runs through the ESIGN Act and UETA — different regimes with overlapping principles. If you operate across both, see our comparison of the ESIGN Act vs UETA to understand how US rules differ. Whichever tier you use, eIDAS proves who signed and that the file is unaltered at signing — it does not host a recipient-facing way to re-verify the finished document later.
Where does verification fit after signing under eIDAS?
eIDAS proves a signature at the moment of signing; it does not give a recipient an easy, ongoing way to confirm the finished document is authentic. A QES is cryptographically strong, but most recipients lack the software to validate it, and a signed PDF can still be screenshotted, altered, and re-shared. VerifyDoc.ai complements eIDAS by attaching QR-backed verification and a hosted, issuer-controlled proof page to the issued document, so any recipient can confirm authenticity in seconds — no login, no validation software. To understand the broader model, see our pillar guide on how to verify document authenticity and the related guide to issuing a certificate of authenticity.
