Updated on
Electronic signature (or e-signature) allows you to sign documents digitally with the same legal value as a handwritten signature. This guide explains how it works, the three levels defined by the eIDAS regulation, its legal validity in France and Europe, and how to implement electronic signature in your organization.
An electronic signature is a set of data in electronic form, which is attached or logically associated with other data in electronic form and which the signatory uses to sign. This definition, from the eIDAS regulation (regulation (EU) No. 910/2014), covers a broad spectrum of technical mechanisms, from the simplest (checking a box, typing your name) to the most sophisticated (qualified cryptographic certificate).
Under French law, article 1367 of the Civil Code provides that "the signature necessary for the completion of a legal act identifies the person who affixes it" and that, when electronic, it "consists of the use of a reliable identification process guaranteeing its link with the act to which it is attached". The reliability of the process is presumed for signatures qualified under eIDAS.
Concretely, an electronic signature fulfills three functions: it identifies the signatory, it expresses their consent to the content of the document, and it guarantees the integrity of the document (any modification after signing is detectable).
The terms are often confused. Electronic signature is the legal concept (what commits the signatory). Digital signature is the underlying cryptographic technique (document hashing, asymmetric encryption with private key) that can be used to implement an advanced or qualified electronic signature. Every digital signature is an electronic signature, but not vice versa.
The mechanism rests on two pillars: the authentication of the signer and the integrity of the document.
To authenticate the signatory, one or more identification factors are used: trusted email address (single-use link), OTP code received by SMS, personal cryptographic certificate, etc. To guarantee integrity, a fingerprint (hash) of the document is calculated at the time of signature. If the document is subsequently modified, the fingerprint no longer matches — the signature is then invalidated.
In solutions like Certyneo, the process relies on PDF processing libraries that integrate these cryptographic metadata directly into the file. A timestamped audit trail (action log) completes the system by recording each step: sending, opening, OTP validated, signature, etc.
On the technical side, several security mechanisms strengthen the inviolability of the process: qualified timestamping (RFC 3161) applies certified time proof to each signature; TLS 1.3 encryption protects data in transit; the signatory's geolocation and IP address are recorded for traceability; finally, in certain flows (AES/QES), behavioral biometric data (typing speed, pressure) complement the identity fingerprint.
The concept of non-repudiation is central: thanks to the timestamped and cryptographically signed audit trail, it is technically impossible for a signatory to deny having signed a document without falsifying the chain of evidence. As for archival, French regulations (decree 2016-1673) require retention for 10 years for most commercial acts — Certyneo ensures this archival with probative value in sovereign hosting (EU).
The eIDAS regulation defines a hierarchy of three levels. The higher the level, the stronger the identification requirements and the more robust the legal presumption.
Simple electronic signature
Examples
Web form, checkbox, name typed on keyboard
Typical use cases
Quotes, internal orders, low-risk documents
Certyneo
Available on all Certyneo plans
Advanced electronic signature
Examples
SMS OTP + email, strong signer authentication
Typical use cases
Employment contracts, NDAs, major commercial agreements
Certyneo
Standard and Business plans — dual-channel OTP (email + SMS)
Qualified Electronic Signature
Examples
QTSP certificate + secure creation device
Typical use cases
Notarial deeds, very high-value contracts, public procurement
Certyneo
Via partner QTSP on request — native integration on roadmap
| Criterion | SES Simple | AES — Advanced | QES — Qualified |
|---|---|---|---|
| Signer identification | Email only | OTP SMS + email | QTSP + QSCD Certificate |
| Document Integrity | Basic | Cryptographic (hash) | Cryptographic (hash) |
| Qualified Certificate Required | No | No | Yes (eIDAS Service Provider) |
| Presumption of Handwritten Signature Equivalence | No | Partial | Full (art. 25 eIDAS) |
| Reversal of Burden of Proof | No | No | Yes (in favor of the signer) |
| Typical Use Cases | Quotes, Orders | HR Contracts, NDAs, Employment Agreements | Notarial Acts, Public Procurement |
| Certyneo Availability | All Plans | Standard and Business | Via Partner QTSP |
Key legal point — reversal of burden of proof: For QES only, article 25 of the eIDAS regulation establishes a legal presumption of equivalence with handwritten signature. In case of dispute, it is for the challenger to prove that the signature is invalid — not for the signatory to prove its validity. This reversal is a considerable advantage in contractual disputes.
In France, electronic signatures have been recognized since the Law No. 2000-230 of March 13, 2000, which amended the Civil Code to establish electronic writing and electronic signatures as equivalent to their paper counterparts. Article 1366 specifies that electronic writing "has the same evidentiary force as writing on paper medium".
At the European level, the eIDAS Regulation (EU) No. 910/2014 creates a unified legal framework for electronic signatures. Its article 25 establishes the principle of non-discrimination: "electronic signatures shall not be denied legal effect and admissibility as evidence in legal proceedings solely on the grounds that they are in electronic form". Qualified signatures (QES) furthermore benefit from a legal presumption equivalent to handwritten signatures in all 27 Member States.
For standard documents (commercial contracts, employment contracts, quotes, NDAs, mandates), an advanced signature (AES) offers an excellent balance between ease of use and legal security. Qualified signature (QES) is reserved for very high-value documents or situations where sector regulations explicitly require it.
To ensure a service provider's compliance, ANSSI publishes the French trust list (TSL — Trust Service List) of qualified providers authorized to issue QES certificates. At the European level, each Member State publishes its own TSL, all accessible via the European Commission's official portal (eidas.ec.europa.eu). Certyneo is ISO 27001 certified and hosts its data in the EU (Germany).
Beyond legal compliance, electronic signature profoundly transforms contracting and administrative processes.
Un contrat qui prenait 5 jours (impression, envoi postal, retour) se finalise en quelques heures. Les rappels automatiques éliminent les relances manuelles.
L'audit trail horodaté, le chiffrement TLS 1.3 et l'OTP double canal offrent un niveau de preuve supérieur au papier contre la falsification ou le déni.
eIDAS compliance and article 1367 of the French Civil Code. Documents signed have the same probative force as a handwritten signature and are admissible in French courts.
Élimination des coûts d'impression, d'envoi, d'archivage physique et de gestion manuelle. Le ROI est généralement atteint en moins de 3 mois.
Every step in the document lifecycle is recorded. You know exactly who opened, read, and signed, and at what time, from which IP address.
Data hosted in Germany (EU) (European Union), documented retention period, right to access and deletion. GDPR compliance is built in.
Almost all contracts and legal documents can be electronically signed. Few exceptions remain (notarized acts, handwritten wills) but they concern less than 5% of common business documents.
Even if legally recognized, an electronic signature can be contested if implemented incorrectly. Here are the most common pitfalls encountered in business.
Signing an employment contract or asset transfer agreement with SES (simple click) exposes the employer to contestation risk. Rule: any contract worth > €1,500 or with significant HR consequences must use at least AES with SMS OTP.
The signed document is only part of the proof. The audit trail — which documents each step (send, open, OTP validated, time, IP) — is the cornerstone in case of dispute. Without it, it is impossible to reconstruct the chain of events before a judge.
Biometric and identification data of signatories are sensitive personal data. Your provider must host data in the European Union and have a DPA (Data Processing Agreement) compliant with GDPR. Be cautious of US-based solutions without EU hosting.
Scanning your handwritten signature and inserting it into a PDF has no legal value under the eIDAS regulation. A true electronic signature is based on cryptographic mechanisms of integrity and authentication — not on an image.
Decree 2016-1673 requires retaining signature proof for the entire legal lifetime of the contract (10 years for commercial documents, 5 years for employment contracts). Your solution must guarantee archiving with probative value, not just standard cloud storage.
With Certyneo, you can send your first document for signature in less than 5 minutes.
Sign up on Certyneo in seconds with your email or via Google/Microsoft. No credit card required to get started.
Import your PDF or Word file. Certyneo automatically converts Word files to a signature-optimized PDF.
Enter the name and email of each signatory. Set the signing order if necessary and position the signature fields in the document.
A secure email is sent to each signatory with a unique link. For advanced signature, the signatory also receives an OTP via SMS.
From your dashboard, track the status of each envelope: sent, opened, signed, or declined. Automatic reminders follow up with inactive signatories.
Once all signatories have signed, the final PDF (with integrated audit footer) is automatically archived for 10 years and accessible at any time.
An electronic signature is a technical process allowing identification of the author of a digital document and guaranteeing the integrity of that document. It is the legal equivalent of a handwritten signature within the meaning of the eIDAS regulation (EU) No. 910/2014 and article 1367 of the French Civil Code.
Yes. Electronic signatures have been legally recognized in France since the law of March 13, 2000 (article 1367 of the French Civil Code) and throughout the European Union under the eIDAS Regulation. They have the same legal value as handwritten signatures provided that conditions for signatory identification and document integrity are met.
The eIDAS regulation defines three levels. Simple signature (SES) corresponds to the basic level: click, check a box or type your name. Advanced signature (AES) requires identification of the signatory (OTP SMS/email, for example) and a unique link with the document. Qualified signature (QES) additionally requires a certificate issued by a qualified trust service provider (QTSP) and a secure signature creation device — it offers the strongest legal presumption.
Nearly all contractual and commercial documents can be electronically signed: employment contracts, quotes and purchase orders, NDAs, service contracts, amendments, mandates, agreements, and transfer deeds. Certain authentic acts (notarial deeds, civil status documents) require specific conditions.
With Certyneo, the sender uploads their PDF document, adds the signatories and defines the fields. Each signatory receives a secure link by email. For an advanced signature (AES), a dual OTP email + SMS (our SMS OTP provider) authenticates the signatory. The final PDF integrates a timestamped audit footer and is archived for 10 years.
Yes. The eIDAS regulation is directly applicable in the 27 Member States of the European Union. A qualified signature issued in one member country is recognized in all other member countries. Simple and advanced signatures also have probative value but may be subject to assessment by the judge.
Certyneo offers a free plan (5 envelopes/month), a Personal plan at €9/month, a Standard plan at €19/month and a Business plan at €39/month (Business) or €99/month (Business Pro). Advanced eIDAS signature (AES) is available from the Personal plan (€9/month) onwards.
An audit trail is a timestamped log of all actions performed on an envelope: sending, opening, viewing, signing, declining, expiration. It provides proof of the chronology of events and enhances the evidentiary value of the signed document in case of dispute.
Yes, an eIDAS-compliant electronic signature is technically safer than a handwritten signature. It combines: (1) signatory identification by SMS OTP or certificate, (2) cryptographic fingerprint (SHA-256 hash) of the document — any modification after signature immediately invalidates the signature, (3) qualified timestamping certifying the exact time, (4) signed and encrypted audit trail preserving the complete history. None of these protections exist for a paper signature.
The duration depends on the document type: 10 years for commercial contracts (art. L.110-4 French Commercial Code), 5 years for employment contracts, 30 years for real estate matters. Decree 2016-1673 requires that archiving be performed under conditions guaranteeing document integrity and readability. Certyneo ensures such archiving with probative value hosted in the European Union.
Non-repudiation is the legal and technical property that prevents a signatory from denying having affixed their signature. It is guaranteed by the combination of: the timestamped and cryptographically signed audit trail, the OTP sent to the signatory''s phone number (proof of possession), and the unique fingerprint of the document. In case of judicial dispute, non-repudiation constitutes a strong presumption in favor of the signature beneficiary.
For a reliable and compliant solution, verify: eIDAS qualification (ANSSI trust list for QES), ISO 27001 certification (information security), GDPR compliance with hosting in the EU, HDS compliance if you process health data, and ideally ANSSI SecNumCloud qualification for cloud-hosted solutions. Certyneo hosts all of its data in Germany (EU).
Certyneo Legal Team
Electronic signature and contract law experts
This guide is written and maintained by Certyneo's legal and technical team, specializing in electronic contract law, eIDAS compliance, and data protection (GDPR). Each article is reviewed quarterly to reflect the latest regulatory developments.
Last revision :
The digitalization of delivery notes and invoices is revolutionizing logistics and road transportation. Discover how eIDAS-compliant electronic signature transforms your processes starting in 2026.
The construction sector is drowning in paper documents: quotes, contracts, amendments, reception reports. Electronic signature changes everything — speed, legal security, and eIDAS compliance guaranteed.
Payslip digitalization is accelerating in 2026 thanks to electronic signature. Discover everything you need to know for compliant and effective implementation.
Electronic signature transforms the offer letter into a legally reliable act starting in 2026. Discover how to secure this key document in your recruitment process.
Sign your documents without leaving Outlook or Gmail thanks to native electronic signature integration. Discover best practices and solutions for 2026.
Connecting electronic signature to your ERP transforms your document flows and reduces signature delays by 70%. Discover how to integrate it effectively.
We use cookies to improve your experience on our site. Cookies strictly necessary for the service to function are always active. Learn more