Advanced electronic signature with national eID: legal value for businesses and professionals

National eID schemes notified under eIDAS are now a routine way to sign contracts, mandates and onboarding forms across the EU: itsme in Belgium, DigiD in the Netherlands, the German identity card, SPID in Italy. With the eIDAS 2.0 Regulation deadlines approaching and the European Digital Identity Wallet moving into production, adoption is accelerating. But an advanced electronic signature eID flow gets routinely confused with something else: activating a signature certificate by identifying yourself via eID. The two produce different documents with different evidential weight. So what legal value does an eID-signed document actually carry?

It is valid and admissible anywhere in the Union, but unlike a digital signature (QES) it carries no presumption of attribution. It holds up only insofar as the party relying on it can demonstrate document integrity and the context of signing. The wider framework sits in our guide to the advanced electronic signature and the eIDAS Regulation.

This insight is part of our guide: Advanced Electronic Signature: What It Is, How It Works, and eIDAS Regulation

Signing with an eID and activating a certificate via eID are two different things

These are two distinct legal constructs. In the first, the authentication event is itself the act of signing. In the second, the eID only proves who you are at enrolment, and the signing happens afterwards through a certificate issued in your name. The identity scheme is the same in both cases. The signature, and what it is worth as evidence, is not.

Signing with a national eID is an electronic signing method in which a Service Provider authenticates the signatory through a notified Identity Provider, then seals the resulting document with its own electronic seal. It satisfies the Article 26 conditions for an advanced electronic signature, but it produces no certificate held by the signatory.

The distinction matters commercially, because providers market both under similar names. Where an eID enrols a customer for a signing kit, the certificate does the signing and the eID has already finished its job. Where an eID signs, the Identity Provider sits inside the transaction. Which one your workflow implements decides who proves what when the document is challenged.

Axis eID-based signature Certificate activated via eID Digital signature (QES)
What it identifies The identity holder, authenticated by the Identity Provider at the moment of signing The certificate holder; the eID only identifies them at enrolment The holder of the qualified certificate
Legal basis Art. 26 eIDAS, plus the national rules governing the notified scheme Art. 26 eIDAS; the certificate carries the signature Art. 25(2) eIDAS, Regulation (EU) 910/2014
Evidential weight Admissible, weighed by the court, no presumption of attribution Admissible, stronger link to the holder through the certificate Equivalent to a handwritten signature across the EU
Excluded transactions Acts reserved to a QES by Member State law (real estate, company filings, some notarial acts) Depends on whether the certificate is qualified None

What eIDAS requires for an eID-based signature

Article 26 of Regulation (EU) 910/2014 sets four conditions. The signature must be uniquely linked to the signatory, capable of identifying them, created using data under the signatory's sole control, and linked to the signed data so that any later change is detectable.

Read in the abstract, that looks like a checklist for one product. In an eID flow it is not. No single actor satisfies all four: the requirements split across two parties, and that split is where the evidential exposure sits.

Levels of assurance and the roles of Identity Provider and Service Provider

eIDAS defines three levels of assurance for notified eID schemes: low, substantial and high. Low rests on a single factor and is not accepted for signing. Substantial combines credentials with a one-time code, and is the practical floor. High binds a factor to a certified device or certificate, and public administrations increasingly require it for higher-risk transactions.

The division of labour follows from there. The Identity Provider authenticates the person and returns identity attributes to the Service Provider, covering the first two Article 26 conditions. Sole control turns on the level of assurance, and substantial or above is what makes that claim defensible. The fourth condition falls entirely to the Service Provider, which renders the document and applies its own electronic seal and a qualified timestamp.

Which is why an eID-signed PDF contains no certificate in the signatory's name. What it carries is the provider's seal and an attestation that authentication took place.

What an eID-signed document is worth in court

Admissible, but not self-proving. Article 25(1) of eIDAS guarantees that a signature cannot be denied legal effect or admissibility solely because it is electronic or falls short of QES requirements. Only a QES gains equivalence to a handwritten signature under Article 25(2). An eID-based signature is evidence the court weighs on its merits, with no presumption of attribution to lean on. Businesses use TrueScreen to build a verifiable chain of custody over eID-signed documents, reducing the evidential burden if attribution is challenged.

Who bears the burden of proof

Denying an eID signature is cheap. Under most Member State procedural systems the disputing party simply contests it, with none of the heightened threshold a QES would impose. The burden then lands on whoever produced the document: they must show that the signing process met the Article 26 conditions, and that the file in front of the judge is the file that was signed. With a digital signature the asymmetry runs the other way, and the certificate holder is the one explaining how their signing device came to be used without them. Our guide sets out the evidential validity of an advanced electronic signature in more detail. This evidential gap can be closed with forensic certification tools such as TrueScreen, which document both content and context at the moment of signing.

Transactions that still require a QES

eIDAS harmonises recognition, not form requirements. Each Member State decides which acts must take a particular form, and several reserve whole categories for a QES: real estate conveyancing, long-term leases, filings with the commercial register, certain notarial acts. Where national law imposes that form, an eID-based signature does not meet it, and a contract signed that way risks being void. Cross-border workflows have to map this jurisdiction by jurisdiction. The boundary itself is drawn in our guide on the differences between AES and QES.

How do you prove document integrity and signing context?

TrueScreen, the Data Authenticity Platform, certifies the integrity of the document and the context in which it is signed, complementing the signature without replacing it. An eID proves who signed. It does not prove what was signed at that moment, or in what context. When the file is disputed, the burden of showing that the document in court is identical to the one signed falls on the party producing it, and the Identity Provider's logs will not carry it: they record the authentication, not the content. Forensic acquisition closes the gap. The document is captured at source, its hash computed, and the result sealed with a qualified timestamp and an electronic seal applied through integrated third-party QTSPs. Out of that comes a verifiable chain of custody with a trusted date, assertable against third parties. Certification via API plugs into the signing flow you already run.

An equipment leasing company has its contracts signed with a national eID. Eighteen months later a customer challenges a clause, arguing that the PDF filed in court is not the one they signed. The eID proves their identity. It says nothing about which version of the file was on their screen that day. Certification of integrity and context, applied alongside the signature, reconstructs content and timing and settles the point without a court-appointed expert. That is the case for pairing an eIDAS advanced electronic signature with certification at source.

FAQ: advanced electronic signature with eID

Can a national eID replace a digital signature?
No. An eID authenticates identity, it does not sign. Notified schemes can be used to sign with the effects of an advanced electronic signature, but acts reserved to a QES by Member State law, real estate transfers and commercial register filings among them, stay out of reach. Use the wrong signature type there and the act is void, not merely weak.
Does having an eID mean you have an advanced electronic signature?
Not automatically. Holding an eID activates no signing function. An eID signature exists only where the Service Provider has implemented the signing process and the Identity Provider exposes it. It depends on the service, not on the identity.
What can you sign with an eID-based signature?
Documents that need to satisfy written form and be usable as evidence: contracts between private parties, purchase orders, mandates, enrolment forms, declarations to public authorities. Anything a Member State reserves for a digital signature is excluded.
Which level of assurance is needed to sign?
Substantial, meaning credentials plus a one-time code. Low, a single factor, is not accepted. High binds a factor to a certified device or certificate.
Is an eID-signed document admissible in court?
Yes. Article 25(1) of eIDAS guarantees admissibility across the EU. But the evidential burden sits with the party producing it, and the court weighs the security and integrity of the signing process on the facts.
Can an eID-based signature be issued to a company?
No. Notified eID schemes identify natural persons. Attribution to the company comes from powers of representation, which have to be documented separately. Organisations pair professional-use identities with an electronic seal for entity-level attribution.

Certify the integrity and context of the documents you sign

With TrueScreen you capture the document at source and certify its integrity, trusted date and signing context, producing a verifiable chain of custody.

mockup app