cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Legality of SAP's eSignature

anishkumar4
Discoverer

on ‎12-12-2023 7:43 AM

0 Kudos

Trying to move from DocuSign to SAP’s eSignature and as not every e-signature is considered a formal signature as it has to be technically fully certain that the signature belongs to the person. There are in any case European rules to be met (eIDAS) To be precise it will need to be a QES signature:

  1. An advanced electronic signature (AdES) is an electronic signature that fulfils additional requirements. Article 26 of eIDAS provides that an AdES must also be:
    • uniquely linked to the signatory;
    • capable of identifying the signatory;
    • created using electronic signature creation data (a private key) that the signatory can, with a high level of confidence, use under his sole control; and
    • linked to the signed data in such a way that any subsequent change in the data is detectable.
  1. A qualified electronic signature (QES) is an AdES that :
    • is created by a qualified electronic signature creation device (QESCD) (Article 22, eIDAS). For example, a physical smartcard held by the signer with an associated pin code or hardware security module operated remotely by a qualified trust service provider (QTSP) in the cloud;
    • is based on a qualified certificate for electronic signatures issued by a QTSP (Article 3(23), eIDAS); and
    • meets technical and security requirements set out in Annexes I and II of eIDAS.

AdES and QES are available from Acrobat Sign and Adobe’s network of QTSPs. AdES and QES are commonly known as digital signatures. A digital signature provides a higher level of assurance and is a more technologically sophisticated electronic signature. A digital signature relies on public key infrastructure (PKI) technology and digital certificates issued by trust service providers (TSPs) to confirm the link between the signatory and their public and private keys. PKI is further discussed below.

Could you please confirm the Legal effect and admissibility

Our starting point in determining the legal effect of electronic signatures is Article 25 of eIDAS:

  • An electronic signature shall not be denied legal effect and admissibility as evidence in legal proceedings solely on the grounds that it is in an electronic form or that it does not meet the requirements for QES.
  • A QES shall have the equivalent legal effect of a handwritten signature.
  • A QES based on a qualified certificate issued in one EU Member State shall be recognised as a qualified electronic signature in all other EU Member States.
Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (0)

Ask a Question