Advanced Electronic Signature (AES), Simple (SES) and Qualified (QES): the 3 eIDAS Levels

The Advanced Electronic Signature (AES) is the most widely used level in B2B and the only one to offer a legal presumption of integrity without imposing a smart card on the signatory. Alongside Simple Signature (SES) and Qualified Signature (QES), it comprises the three levels defined by the European eIDAS regulation. Here is how to choose the right level based on the nature of your document, its expected evidentiary value and the acceptable friction for the signatory.

What is Advanced Electronic Signature (AES)?

Advanced Electronic Signature is the intermediate level defined by Article 26 of the eIDAS regulation. It must meet four cumulative conditions: (1) be uniquely linked to the signatory, (2) allow them to be identified, (3) be created from data under their exclusive control, (4) allow any subsequent modification of the signed document to be detected. In practice, these conditions are met via strong authentication (email + OTP SMS), a time-stamped audit trail and cryptographic hashing of the PDF.

AES benefits from a legal presumption of integrity and origin which reverses the burden of proof before the judge: it is up to the person contesting the signature to prove its falsity, not the signatory to prove its validity. This is what fundamentally distinguishes AES from SES, where reliability is assessed on a case-by-case basis by the judge.

The Three Levels Defined by eIDAS

The eIDAS regulation (No. 910/2014) organises electronic signatures into three levels, corresponding to increasing degrees of requirement in terms of signatory identification and strength of evidence. Understanding these levels well allows you to choose the signature adapted to each document, without over-dimensioning the process.

Level 1: Simple Electronic Signature (SES)

Simple Electronic Signature is the basic level. It corresponds to any manifestation of electronic consent: a click on "I accept", a checkbox, a paraph drawn on a touchscreen.

• Requirements: clear consent, minimal identification (email)

• Evidence: weak to medium, varies by provider

• Use cases: quotes, purchase orders, internal agreements, general terms and conditions

• Signatory friction: almost none — the signatory does not create an account

SES is sufficient for the vast majority of routine commercial exchanges where the risk of dispute is low. It remains legally valid, with the judge assessing on a case-by-case basis the reliability of the procedure.

Level 2: Advanced Electronic Signature (AES)

Advanced Signature strengthens signatory identification and establishes a unique link between them and the document. It is based on four criteria set out in Article 26 of eIDAS:

• it is linked to the signatory in a univocal manner

• it allows the signatory to be identified

• it is created with means that the signatory keeps under their exclusive control

• it is linked to the document in a way that allows any subsequent modification to be detected

In practice, AES involves dual-factor authentication: unique link sent by email + OTP code received by SMS. The final PDF incorporates a timestamp and a detailed audit trail.

• Use cases: employment contract, lease, mandate, commercial contract at stake, NDA

• Signatory friction: low — an SMS code to enter in addition to the email

• Evidence: strong, rebuttable presumption of validity

Level 3: Qualified Electronic Signature (QES)

Qualified Signature is the highest level. It is based on a qualified certificate issued by a Qualified Trust Service Provider (QTSP) listed on the trust list of an EU Member State, and on a secure signature creation device (e.g. YubiKey, smart card).

• Legal value: equivalent to a handwritten signature throughout the EU

• Use cases: authenticated deeds, public procurement, certain notarial acts

• Signatory friction: high — face-to-face identity verification or video KYC

• Cost: significantly higher than SES/AES

For most organisations, QES is rarely necessary on a daily basis. It becomes essential when the law requires it (legal proceedings, certain public procurement) or when the contract has exceptional value.

Quick Comparison Table

Criterion | Simple | Advanced | Qualified

Identification | Email | Email + OTP SMS | Qualified certificate + identity verification

Legal Value | Evidence to assess | Presumption of validity | Equivalent to handwritten signature EU

Friction | Almost none | Low | High

Typical use case | Quotes, purchase orders | Employment contract, lease | Notarial deeds, public procurement

Cost | Low | Moderate | High

How to Choose the Right Level

The simple rule: align the level with the stakes of the document.

• If the document is contested, what is at stake? A few hundred pounds or a contract worth tens of thousands?

• Is the relationship with the signatory known (long-standing customer) or unknown (first contact)?

• Does the document fall within a legal framework requiring a specific level (e.g. employment contract, lease)?

As a general rule: SES for simple agreements, AES for anything involving HR, real estate, finance, QES only when the law requires it.

Common Mistakes

• Systematically taking QES "to reassure yourself": unnecessary friction for the signatory, high cost, often over-dimensioned.

• Settling for SES for everything: in the event of a dispute over an employment contract, the lack of strong authentication can weaken the evidence.

• Confusing validation and signature: an acknowledgement of receipt is not a signature.

How Certyneo Helps You

Certyneo natively supports simple (SES) and advanced (AES) levels, with dual OTP email + SMS via Twilio Verify for AES. For cases requiring QES, Certyneo interfaces with several qualified European providers (Docaposte Certigna, Universign, CertEurope) to trigger qualified signature without changing tools.

You can define the signature level document by document depending on the stakes — or by template if you have industrialised a process.

Discover Certyneo's electronic signature solution

FAQ

Can I mix levels in the same envelope?

Yes. A multi-document envelope can include a quote signed in SES and a contract signed in AES, for example. Each signatory sees authentication adapted to the document they need to sign.

Is Advanced Signature Recognised Internationally?

Within the EU yes, under the eIDAS mutual recognition principle. Outside the EU, recognition depends on local legal framework — to be verified depending on the jurisdiction concerned.

Do I Need a Personal Certificate to Sign in AES?

No. AES can be obtained without a prior personal certificate thanks to dual OTP. This is what makes AES very accessible, whereas QES requires a qualified certificate.

Is Qualified Signature Mandatory for an Employment Contract?

No. The employment contract accepts Advanced Signature (AES), which already provides strong presumption of validity. For more details, see electronic signature of the employment contract.

How do I verify the level of a signed document?

Open the PDF in Adobe Acrobat Reader: signature properties display the level, signatory and timestamp. You can also use an online verifier.

Conclusion

Choosing the right level of electronic signature is about finding the balance between evidentiary value and friction for the signatory. Start simple, move up a notch when the legal stakes require it.

Try Certyneo to send, sign and track your documents online simply, quickly and securely.