A qualified electronic signature is an electronic signature that is compliant to EU Regulation No 910/2014 (eIDAS Regulation) for electronic transactions within the internal European market. It enables to verify the authorship of a declaration in electronic data exchange over long periods of time. Qualified electronic signatures can be considered as digital equivalent to handwritten signatures.
The purpose of eIDAS was to create a set of standards to ensure that electronic signatures could be used in a secure manner while conducting business online or while conducting official business across borders between EU Member states. The qualified electronic signature is one such standard that has been outlined under eIDAS.
A qualified electronic signature is an Advanced Electronic Signature with a qualified digital certificate that has been created by a qualified signature creation device (QSCD). For an electronic signature to be considered as a qualified electronic signature, it must meet three main requirements: First, the signatory must be linked and uniquely identified to the signature. The second point is that data used to create the signature must be under the sole control of the signatory. And last it must have the ability to identify if the data that accompanies the signature has been tampered with since the signing of the message.
It is important to note that creating a qualified electronic signature is more than merely adding a qualified certificate to an advanced electronic signature. The signature must also be created using a qualified signature creation device (QSCD). This device is responsible for qualifying digital signatures by using specific hardware and software that ensures that he signatory only has control of their private key. In addition, a qualified trust service provider manages the signature creation data that is produced. The signature creation data must remains unique, confidential and protected from forgery
Qualified electronic signatures that comply with eIDAS may be technically implemented through three specific digital signature standards XAdES, PAdES and CAdES that were developed by the European Telecommunications Standards Institute (ETSI) and then need to be complemented with a qualified digital certificate through the procedures described above: