Table of contents
In the day-to-day operations of a company, not all documents have the same level of legal risk or the same need for signer identification. That’s why the eIDAS Regulation (European electronic identification regulation) establishes three levels of electronic signature: simple, advanced, and qualified.
The key is not to always use the most complex one, but to know when a simple signature is enough and when the probative strength of an advanced signature is indispensable.
What differentiates a simple signature from an advanced one: Probative strength
Both types of signature have legal validity, but their difference lies in the probative strength in case of a conflict and in the technical requirements they meet to link the signer to the document.
1. Simple Electronic Signature
It is the most basic way to express consent.
- Definition: Any data in electronic format attached to other electronic data or logically associated with them, which the signer uses to sign.
- Examples: A click on an “Accept” button, entering a PIN, or a biometric signature drawn on screen if the system doesn’t guarantee an exclusive link.
- Probative Strength: It is legally valid, but if the document is challenged in court, the burden of proof falls on whoever presents it. They must provide evidence showing who signed, what was signed, and when.
2. Advanced Electronic Signature
It adds technical security layers to guarantee the identity and integrity of the document.
- Requirements (eIDAS): Must be uniquely linked to the signer, allow their identification, be created using data that the signer can use under their exclusive control, and guarantee the detection of any subsequent modification of the document.
- Common mechanisms: Combination of OTP (one-time password), IP traceability, two-factor identity verification, or document validation.
- Probative Strength: Its greater technical solidity greatly reinforces its probative value. The level of evidence generated by the process (which demonstrates the signer’s exclusive control) makes any challenge extremely difficult.
In summary:
| Characteristic | Simple Signature | Advanced Signature |
|---|---|---|
| What it certifies | Consent and acceptance | Identity, exclusive control, and document integrity |
| Burden of proof | Falls on whoever presents the document | Its technical solidity makes it robust evidence |
| Ideal use | Agility, low risk, internal processes | Security, high risk, contracts with third parties |
When a simple signature is sufficient
The simple signature is perfectly valid and the most efficient option for the vast majority of internal and everyday transactions, where priority is agility and low risk.
Common cases where simple is enough:
- Acceptance of low-value quotes or orders.
- Approvals and internal Human Resources flows (e.g., vacation requests, expenses).
- Acceptance of terms and conditions or privacy policies.
- Consent or authorization documents in online processes without severe legal or economic implications.
In eEvidence, the combination of simple signature and registered email reinforces its probative value, by providing complete traceability of sending, reception, and acceptance sealed in time.
When it’s advisable to use an advanced signature
The advanced signature becomes the recommended option whenever the risk of legal conflict or the economic obligations associated with the document are relevant.
It’s advisable to use an advanced signature when:
- The document has significant economic value or generates long-term contractual commitments.
- Unambiguous identification of the external signer is needed (e.g., complex service provision contracts, B2B confidentiality agreements).
- The risk of challenge is high and a robust technical proof is required that makes signature denial difficult.
- Specific regulatory compliance is required that demands a reinforced level of identification.
In these cases, the advanced signature provides armored proof based on verifiable evidence and rigorous authentication.
How to decide the appropriate signature level
A practical rule is to evaluate the risk level in the event of a dispute:
- Legal/Economic Risk: What would the company lose if this document is annulled or challenged? (High = Advanced / Low = Simple).
- Identification Need: Do I need to formally verify the signer’s identity or is their mere intention to accept enough? (Identity = Advanced / Intention = Simple).
- Operational Friction: Does the security level compensate for the small increase in complexity for the signer? (Yes = Advanced / No = Simple).
Practical examples
| Situation | Recommended signature level | Reason |
|---|---|---|
| Acceptance of a quote or internal policy | Simple | Low economic risk and internal documentation. |
| Service provision contract or B2B agreement | Advanced | High value and need for contracting party identification. |
| Informed consent or medical authorization | Advanced | Personal implications and need for unambiguous identification. |
| Human Resources document (e.g., vacations) | Simple | Low-risk internal document. |
| Commercial or financial contract | Advanced | High economic commitments. |
| Procedures with Public Administration | Qualified | Specific legal requirement. |
Frequently Asked Questions (FAQ)
Is a simple signature legal?
Yes, fully legal. The eIDAS Regulation (Art. 25.1) establishes the principle of non-discrimination: “Legal effects and admissibility as evidence in legal proceedings shall not be denied to an electronic signature solely on the grounds that it is electronic or that it does not meet the requirements for qualified signatures.” What’s crucial is the traceability and evidence that accompanies it.
What happens if a simple signature is challenged?
If the system doesn’t generate sufficient evidence (traceability, timestamping, IPs), the challenge could succeed, since the burden of proving its validity falls on you. That’s why it’s vital to use solutions that, even with a simple signature, incorporate technical evidence from trusted third parties (like that offered by eEvidSign).
Does an advanced signature require a digital certificate?
Not necessarily. An advanced signature is not synonymous with a qualified certificate. It can be based on a combination of secure authentication factors (OTP sent to mobile, email validation, two-factor) that demonstrate the signer’s exclusive control over the process.
Conclusion
Simple and advanced signatures are complementary tools. The intelligent choice is one that balances legal security with operational efficiency.
While the simple signature offers speed without sacrificing legal validity, the advanced one provides the probative solidity necessary for higher-risk documents. With solutions like eEvidSign from eEvidence, companies can manage both signature levels flexibly, traceably, and in compliance with eIDAS regulations, always choosing the most appropriate option for each document.
Ready to get started?
Contact us to share your business project or register now to start trying our services today