What is an electronic or digital signature?
A digital or electronic signature is electronic data linked to other digital information, used by a signatory to sign. For example, when approving an invoice electronically, a manager might use a secure digital signature to confirm the transaction’s validity. This serves as the digital equivalent of a handwritten signature, ensuring authenticity and intent.

Types of electronic signatures
The European Union’s eIDAS regulation as well as the Swiss ZertES regulation define three primary types of electronic signatures, each offering varying levels of security and legal recognition:

1. Simple Electronic Signature (SES): The most basic form of electronic signature, used for low-risk transactions where security is not a priority. An SES is similar to confirming an agreement via email or clicking an “Accept” button in a digital document. While legally valid in many cases, it lacks the identity verification and security of advanced or qualified electronic signatures.
   Learn more about SES
2. Advanced Electronic Signature (AES): AES provides a higher level of security by uniquely linking the signature to the signatory and enabling their identification. It ensures that any subsequent changes to the signed data are detectable. AES is ideal for scenarios requiring enhanced security and signer authentication.
   Learn more about AES
3. Qualified Electronic Signature (QES): QES offers the highest level of security and is legally equivalent to a handwritten signature across Switzerland and the EU. It requires identity verification by a qualified trust service provider and the use of a qualified certificate. QES is mandated for transactions that demand the utmost legal assurance, such as notarial acts or certain financial agreements.
   Learn more about QES

Technological differences between SES, AES, and QES
The key differences between SES, AES and QES lie in their level of security, identity verification process, and protection against forgery or tampering.

An SES is the most basic form and does not require any encryption or authentication. It can be as simple as a typed name, a scanned signature, or clicking an acceptance checkbox. Because SES lacks cryptographic security measures, it does not provide a reliable way to verify the signer’s identity or detect modifications after signing. While convenient, SES is not suitable for documents requiring legal certainty or strong evidence in case of disputes.

An AES introduces cryptographic security measures to ensure the integrity of a document and the authenticity of the signatory. AES is uniquely linked to the signer and created using data that only they can control, involving multi-factor authentication and digital certificates issued by a trust provider. This means that if the document is altered after signing, the signature becomes invalid, providing a higher level of security and legal certainty than SES. However, while AES enhances trust, it does not automatically carry the same legal weight as a handwritten signature.

A QES offers the highest level of security and legal assurance. It is based on a qualified digital certificate issued by a trusted provider under EU eIDAS or Swiss ZertES regulations. To obtain a QES, the signer’s identity must be strongly verified, typically through face-to-face or remote video identification.
QES is created using a highly secure system that ensures the signature cannot be altered or forged. Because of these strict requirements, it is the only type of electronic signature recognized as legally binding under both Swiss and EU regulations, making it the digital equivalent of a handwritten signature.

To better understand the differences between SES, AES, and QES, you can explore a detailed comparison table available on the DeepSign website. 

In summary, SES is convenient but lacks security, AES provides a balance between usability and protection, and QES guarantees the highest level of identity verification, integrity, and legal certainty. The choice between them depends on the specific requirements of the transaction and the level of security needed.