Advanced Electronic Signature (AES), Simple (SES) and Qualified (QES): The 3 eIDAS Levels

The advanced electronic signature (AES) is the most widely used level in B2B and the only one offering a legal presumption of integrity without requiring a smart card from the signer. Alongside simple signature (SES) and qualified signature (QES), it comprises the three levels defined by the European eIDAS regulation. Here's how to choose the right level based on the nature of your document, its expected evidentiary value, and acceptable friction for the signer.

What is an Advanced Electronic Signature (AES)?

The advanced electronic signature is the intermediate level defined by Article 26 of the eIDAS regulation. It must meet four cumulative conditions: (1) be uniquely linked to the signer, (2) allow their identification, (3) be created using data under their exclusive control, (4) allow detection of any subsequent modification of the signed document. In practice, these conditions are met through strong authentication (email + SMS OTP), a timestamped audit trail, and cryptographic hashing of the PDF.

AES benefits from a legal presumption of integrity and origin that reverses the burden of proof before the judge: it is the party contesting the signature who must prove its falsity, not the signer who must prove its validity. This is what fundamentally distinguishes AES from SES, where reliability is assessed on a case-by-case basis by the judge.

The Three Levels Defined by eIDAS

The eIDAS regulation (No. 910/2014) organizes electronic signature into three levels, corresponding to progressively increasing requirements regarding signer identification and proof reliability. Understanding these levels clearly allows you to choose the signature adapted to each document, without over-engineering the process.

Level 1: Simple Electronic Signature (SES)

The simple electronic signature is the basic level. It corresponds to any manifestation of electronic consent: a click on "I Accept," a checkbox, a paraph drawn on a touchscreen.

• Requirements: clear consent, minimal identification (email)

• Proof: weak to medium, varies depending on the provider

• Use cases: quotes, purchase orders, internal agreements, general terms and conditions

• Signer friction: almost none — the signer does not create an account

SES is sufficient for the vast majority of routine commercial exchanges where the risk of dispute is low. It remains legally valid, with the judge assessing the reliability of the process on a case-by-case basis.

Level 2: Advanced Electronic Signature (AES)

The advanced signature strengthens signer identification and establishes a unique link between them and the document. It is based on four criteria set by Article 26 of eIDAS:

• it is linked to the signer unequivocally

• it allows identification of the signer

• it is created using means that the signer keeps under their exclusive control

• it is linked to the document in a way that detects any subsequent modification

In practice, AES requires two-factor authentication: unique link sent by email + OTP code received by SMS. The final PDF incorporates a timestamp and a detailed audit trail.

• Use cases: employment contract, lease, mandate, commercially significant contract, NDA

• Signer friction: low — an SMS code to enter in addition to the email

• Proof: strong, rebuttable presumption of validity

Level 3: Qualified Electronic Signature (QES)

The qualified signature is the highest level. It is based on a qualified certificate issued by a qualified trust service provider (QTSP) listed on the trust list of an EU Member State, and on a secure signature creation device (e.g., YubiKey, smart card).

• Legal value: equivalent to a handwritten signature throughout the EU

• Use cases: authentic acts, public procurement, certain notarial acts

• Signer friction: high — face-to-face identity verification or video KYC

• Cost: significantly higher than SES/AES

For most businesses, QES is rarely necessary on a daily basis. It becomes essential when the law requires it (court proceedings, certain public tenders) or when the contract has exceptional value.

Quick Comparison Table

Criterion | Simple | Advanced | Qualified

Identification | Email | Email + SMS OTP | Qualified certificate + identity verification

Legal value | Evidence to be assessed | Presumption of validity | Equivalent to EU handwritten signature

Friction | Almost none | Low | High

Typical use case | Quotes, purchase orders | Employment contract, lease | Notarial acts, public procurement

Cost | Low | Moderate | High

How to Choose the Right Level

Simple rule: align the level with the document's stakes.

• If the document is disputed, what is at stake? A few hundred euros or a contract worth tens of thousands?

• Is the relationship with the signer known (long-standing customer) or unknown (first contact)?

• Does the document fall under a legal framework requiring a specific level (e.g., employment contract, lease)?

As a general rule: SES for simple agreements, AES for anything touching HR, real estate, finance, QES only when the law requires it.

Common Mistakes

• Systematically taking QES "to be safe": unnecessary friction for the signer, high cost, often over-engineered.

• Settling for SES for everything: in case of a dispute over an employment contract, the absence of strong authentication can weaken the evidence.

• Confusing validation with signature: an acknowledgment of receipt is not a signature.

How Certyneo Helps You

Certyneo natively supports simple (SES) and advanced (AES) levels, with double OTP email + SMS via Twilio Verify for AES. For cases requiring QES, Certyneo interfaces with several qualified European providers (Docaposte Certigna, Universign, CertEurope) to trigger qualified signature without changing tools.

You can define the signature level document by document based on stakes — or by template if you have industrialized a process.

Discover the Certyneo electronic signature solution

FAQ

Can I mix levels in the same envelope?

Yes. A multi-document envelope can include a quote signed in SES and a contract signed in AES, for example. Each signer sees the authentication adapted to the document they must sign.

Is advanced signature recognized internationally?

Within the EU yes, under the principle of mutual recognition of eIDAS. Outside the EU, recognition depends on the local legal framework — to be verified depending on the jurisdiction concerned.

Do I need a personal certificate to sign in AES?

No. AES can be obtained without a prior personal certificate thanks to double OTP. This is what makes AES very accessible, whereas QES requires a qualified certificate.

Is qualified signature mandatory for an employment contract?

No. The employment contract accepts advanced signature (AES), which already offers strong presumption of validity. For more details, see electronic signature of the employment contract.

How do I verify the level of a signed document?

Open the PDF in Adobe Acrobat Reader: the signature properties display the level, signer and timestamp. You can also use an online verifier.

Conclusion

Choosing the right level of electronic signature means finding the balance between evidentiary value and friction for the signer. Start simple, move up a notch when the legal stakes require it.

Try Certyneo to send, sign and track your documents online simply, quickly and securely.