eIDAS is the EU regulation that makes electronic signatures admissible across member states and defines three levels of assurance. Marketing pages often blur the tiers — “eIDAS compliant” can mean anything from a basic email link to a qualified certificate from a trust service provider. For procurement and legal teams, the distinction matters because only qualified electronic signatures (QES) carry the same legal presumption as handwritten signatures EU-wide.
The three signature tiers
Simple Electronic Signature (SES)
Basic data in electronic form attached to or associated with a document — typed name, click-to-sign, email link. Valid and admissible for most everyday B2B contracts when combined with strong evidence of intent and integrity.
Advanced Electronic Signature (AES)
Must meet Article 26 criteria: uniquely linked to the signer, capable of identifying the signer, created with means under the signer’s sole control, and linked to data so tampering is detectable. Stronger identity and tamper evidence than SES.
Qualified Electronic Signature (QES)
An advanced signature created by a qualified electronic signature creation device and based on a qualified certificate issued by a qualified trust service provider (QTSP). Has the equivalent legal effect of a handwritten signature across the EU. Required or expected for some regulated, public-sector, or high-value transactions.
eIDAS 2.0 — what is changing
eIDAS 2.0 expands the framework with European Digital Identity Wallets and qualified trust services for broader cross-border use. Timelines roll out by member state through the mid-2020s. Practical impact for most B2B teams today: SES and AES with solid audit evidence still cover the majority of commercial contracts; QES demand clusters in finance, public procurement, and regulated sectors.
When you need QES vs when SES is enough
| Scenario | Typical tier | Why |
|---|---|---|
| B2B NDA or MSA | SES / AES | Commercial practice + audit evidence |
| Cross-border SaaS agreement | SES / AES | Counterparty acceptance + record retention |
| EU public procurement | Often QES | Legal presumption requirements |
| Regulated financial instrument | QES / AES+ | Sector rules may mandate QTSP |
| Employment contract (most EU states) | SES / AES | Confirm local labor rules |
Where SumoSign fits
SumoSign delivers defensible standard electronic signatures with append-only audit trails, certificates of completion, and eIDAS-style evidence practices — appropriate for most B2B agreements. We do not market eIDAS QES or QTSP integration until shipped; customers requiring qualified signatures should evaluate enterprise trust-service partnerships explicitly. Do not confuse “audit-grade SES” with QES in procurement questionnaires — name the gap honestly.
Most B2B teams need evidence, not a QTSP on day one.
SumoSign focuses on branded multi-party signing with exportable audit artifacts — QES remains Enterprise roadmap when customer demand funds it.
Get startedFrequently asked questions
Is a US e-signature valid in the EU?
Cross-border validity depends on applicable law, document type, and evidence. eIDAS mutual recognition frameworks and private international law are complex — involve counsel for high-value EU deals.
Can SumoSign produce QES today?
Not as a marketed product tier. QES requires qualified certificates from a QTSP. SumoSign targets strong SES/AES-style evidence for commercial contracts.
What is the difference between AES and QES in procurement?
Procurement checklists often say “eIDAS” when they mean QES. Ask whether a qualified trust service provider and qualified certificate are mandatory, or whether advanced evidence and identity steps suffice.