Is Circularo compliant with EU eIDAS regulation?

Yes, our solution is compliant with (eIDAS) requirements and supports all three types of electronic signature as defined by the eIDAS Regulation – electronic, advanced electronic, and qualified electronic signatures. 

Electronic signature, as defined under eIDAS, covers the broad category of all electronic signatures’ including “any data in electronic form which is attached to or logically associated with other data in electronic form and which is used by the signatory to sign.”

In other words, it is an electronic form of signature that a signatory can apply to a document as evidence of their acceptance or approval. This could include a scanned signature image or the click of an “I accept” button.

An advanced electronic signature (AES) is a type of electronic signature that must meet specific requirements providing a higher level of signatory ID verification, security, and tamper-sealing. The Regulation requires that it is:

  1. Uniquely linked to the signatory
  2. Capable of identifying the signatory
  3. Created using signature creation data that the signatory can use under their sole control
  4. Linked to the signed data in such a way that any subsequent change in the data is detectable

Finally, a qualified electronic signature (QES) is the only electronic signature type to have special legal status in EU member states, being the legal equivalent of a written signature.

It is a specific type of electronic signature that must meet advanced electronic signature requirements and be backed by a qualified certificate, meaning a certificate issued by a trust service provider that is on the EU Trusted List (ETL) and certified by an EU member state.

The trust service provider must verify the identity of the signatory and vouch for the authenticity of the resulting signature. Stringent signatory identification and signatory certificate requirements can make qualified electronic signatures impractical for many business transactions.