4 min read

Time as digital proof

In the physical world, postmarks, public records, or notarial acts have historically fulfilled an essential function: to attest to the moment when something occurred. In the digital environment, that function is assumed by electronic timestamping, a technical evidence that demonstrates that a file, message, or signature existed at an exact date and time, and that its content has not been modified since then.

Without timestamping, no digital evidence would have persistent value: it would be impossible to prove when something actually occurred.

What is an electronic timestamp

According to Regulation (EU) 910/2014 eIDAS, an electronic timestamp is a set of data that links a date and time to a specific document or information, so that it can be proven that this data did not exist before and has not been altered after the moment of timestamping.

In simple terms, it is a digital signature issued by a Time Stamping Authority (TSA) that certifies the existence and integrity of content at a precise moment.

A timestamp includes:

  • A unique digital fingerprint (hash) of the content.
  • The exact date and time in UTC format.
  • The electronic signature of the issuing authority (TSA).
  • The TSA certificate, which allows verifying its authenticity.

How the process works step by step

  1. Generation of the digital fingerprint
    The system calculates a fingerprint (hash) of the document or message. This fingerprint uniquely represents its content, without revealing the content itself.

  2. Sending to the timestamping authority (TSA)
    Only the fingerprint is sent, never the complete file, guaranteeing confidentiality.

  3. Creation of the timestamp
    The TSA adds the exact date and time, digitally signs the set with its private key, and generates a timestamp token (TST).

  4. Return and storage of the timestamp
    The system that requested the timestamping incorporates the token into the digital evidence (signed document, certified email, log record, etc.).

  5. Subsequent verification
    At any time, it can be verified that the document’s hash matches the timestamped one and that the TSA certificate remains valid.

TST Info:
Version: 1
Policy: 1.3.6.1.4.1.13762.3
Time accuracy: 1 second
Serial number: 0x0123A8B4
Time stamp: Fri Nov 7 11:45:23 2025 GMT
TSA: CN=eEvidence Qualified TSA, O=eEvidence, C=EU

Types of timestamping according to eIDAS Regulation

  • Standard electronic timestamp:
    Issued by a trust service provider, with technical guarantees of integrity and accuracy.

  • Qualified electronic timestamp:
    Issued by a qualified provider listed in the EU Trusted List. It must be synchronized with official time sources and meet the accuracy and security requirements established by ENISA.

In eEvidence, all evidence services —such as certified email, electronic signature, or technical records— incorporate qualified timestamps, which grants reinforced probative force before courts or audits.

Practical applications of timestamping

Timestamping is a cross-cutting tool in digital trust services. Among its main uses are:

  • Certified email: certifies the exact date and time of sending, content, and delivery of the message.
  • Advanced electronic signature: links the signing action with a verifiable instant.
  • Audit logs and technical evidence: ensures that logs and metadata have not been altered.
  • Document protection: guarantees the integrity of reports, contracts, or critical files archived digitally.

Why timestamping is essential

The value of digital evidence does not lie only in its content, but in its ability to demonstrate that it has not changed over time. Timestamping is what gives persistence, integrity, and verifiability to that evidence.

Additionally:

  • Allows independent verification of the record’s authenticity.
  • Guarantees the long-term legal validity (LTV) of the proof.
  • Reinforces the technological and legal security of any communication or signature.

In trust services, time is not only measured: it is certified.

Frequently asked questions (FAQ)

What is the difference between a timestamp and an internal timestamp?

An internal timestamp is simply a local system record. A timestamp, on the other hand, is issued and signed by a recognized external authority (TSA), which gives it legal validity.

Why is it important for the timestamp to be “qualified”?

Because qualified timestamps have presumption of legal validity throughout the European Union according to eIDAS, and can be used as full proof without the need for additional expert opinion.

Does a timestamp expire?

No, but the associated certificates can expire. That is why evidence must be preserved in LTV (Long-Term Validation) format, which maintains its verifiability over time.

What happens if the document is modified after applying the timestamp?

Any alteration generates a different fingerprint, and the timestamp becomes invalid. That is precisely the integrity guarantee that the system provides.

Conclusion

Timestamping is one of the strongest pillars of the digital trust ecosystem. It allows demonstrating in a verifiable way when a document, message, or signature existed, and that its content has remained intact since then.

In eEvidence, every certified email, electronic signature, or technical record is accompanied by qualified timestamps, guaranteeing authenticity, integrity, and traceability with full legal validity.

In the digital age, truth also has a date and time. The timestamp is the proof.

Ready to get started?

Contact us to share your business project or register now to start trying our services today

Contact us Register now