Your organisation is digitising its contracts. Your clients now expect signatures without the need to print, and electronic signatures have therefore become the natural alternative to handwritten signatures. Yet behind this single concept lie four distinct legal levels, each offering very different evidential guarantees.
Choosing the right level of signature is the first step in ensuring that a document is admissible as evidence. But there is a second, lesser-known dimension that is equally decisive: the quality of the accompanying evidential file. Several court decisions handed down in the first half of 2025[1] have invalidated electronic signatures, even qualified ones, due to insufficient technical documentation. Having an electronic signature does not automatically guarantee its admissibility before a judge.
In this guide, you will discover the four signature levels and their differences, how to select the appropriate level based on identified risks, how to obtain a certificate, and, most importantly, how to strengthen evidential value in light of increasing judicial scrutiny.
Table of content
- What is an electronic signature?
- The 4 levels of electronic signature
- Legal value and evidential limits of the electronic signature
- Strengthening the evidential value of an electronic signature
- How to choose the right level of electronic signature
- How to obtain an electronic signature certificate
- Electronic signatures and evidential value: ensuring long-term proof
Key points to remember about electronic signatures
- Electronic signatures apply to natural persons; this differs from the electronic seal, which applies to legal entities.
- Under the eIDAS Regulation, there are four levels of electronic signature: simple, advanced, advanced with a qualified certificate, and qualified.
- Only the qualified electronic signature benefits from a presumption of reliability.
- The choice depends on a risk-based assessment: regulatory obligations, likelihood of litigation, and severity of consequences.
- Qualified timestamping enhances the evidential value of non-qualified signatures.
What is an electronic signature?
An electronic signature is a technical process that identifies the signer of a digital document and guarantees the integrity of its content. Unlike a handwritten signature, it relies on cryptographic mechanisms to bind the signer to the document in a verifiable manner.
Technical operating principles
The principle is based on asymmetric cryptography: a pair of keys (public and private) is generated. The private key, held by the signer, is used to create the signature. The public key is used to verify its authenticity. A unique digest of the document (fingerprint or “hash”) is created and encrypted with the private key. Any subsequent modification to the document automatically invalidates the signature.
The 4 levels of electronic signature
The European eIDAS Regulation (EU 910/2014) defines four levels of electronic signature, each with different technical requirements and evidential guarantees:
- Simple electronic signature
- Advanced electronic signature
- Advanced signature with qualified certificate
- Qualified electronic signature
Before detailing each level, it is essential to understand a key legal principle: not all signature levels have the same evidential value. The distinction lies in who bears the burden of proof in case of litigation.
Only the qualified electronic signature benefits from a presumption of reliability: the party contesting the signature must prove its invalidity. For the other three levels, the opposite applies: the party relying on the signature must demonstrate its validity. This explains why some signatures are rejected by courts.
| Level | Simple | Advanced | Advanced with qualified certificate | Qualified |
| Qualification | Basic | Standard | Intermediate | Maximum |
| Definition | Tick-box, email, scanned handwritten signature | Meets the 4 eIDAS requirements (unique link to signer, identifies signer, created under sole control, detects modifications) | Advanced signature + certificate issued by a QTSP | Equivalent to handwritten signature (Art.25 eIDAS) |
| Authentification | Low | Enhanced (two-factor authentication) | Strong (strict ID verification) | Strong (QTSP) |
| Qualified certificate | No | No | Yes | Yes |
| QSCD (Qualified Signature Creation Device) | No | No | No | Yes |
| Presumption of validity | No | No | No (but stronger with qualified timestamping) | Yes |
| Burden of proof | On the relying party | On the relying party | On the relying party (mitigated via qualified timestamping) | On the contesting party |
| Typical use cases | Forms, internal documents | B2B contracts, HR, purchase orders, T&Cs | Public tenders, IP office filings (mandatory) | Public procurement, notarial acts, high-stakes T&Cs |
Legal value and evidential limits of the electronic signature
Recent judicial requirements
The first half of 2025 marked a significant shift. Several French Courts of Appeal invalidated electronic signatures, even qualified ones, due to shortcomings in the evidential file:
- Rouen Court of Appeal (10/04/2025)[3]: unusable file
- Paris Court of Appeal (03/04/2025)[4]: “electronically signed” note deemed insufficient
- Douai Court of Appeal (27/03/2025)[5]: inability to identify signer
- Riom Court of Appeal (19/03/2025)[6]: lack of proof of integrity
- Versailles and Paris Courts of Appeal (04 and 05/2025)[7]: documentation too complex
A failure to clearly explain the authentication, validation, or traceability methods can lead to evidence being rejected, even for a qualified signature.
The 3 criteria Courts examine
Regardless of signature level, judges systematically assess these 3 elements:
- Identity of the signer: are technical means sufficient to identify the person unambiguously? Is the authentication process documented? Are connection logs usable and timestamped?
- Integrity of the document: can it be proven that the document was not altered after signing? Are cryptographic mechanisms (hash, digital signature) explained? Is a timestamp available to certify the date?
- Reliability of the process: is the evidential file intelligible to non-technical readers? Are the steps traceable? Has the provider produced a structured and accessible audit file for the judge?
Strengthening the evidential value of an electronic signature
For non-qualified signatures (simple, advanced, or advanced with qualified certificate), several mechanisms mitigate the absence of a legal presumption and address increasing judicial requirements.
The role of qualified timestamping: giving the document a legally certain date
Defined under Articles 41 and 42 of the eIDAS Regulation, qualified timestamping attaches a legally recognised date and time to a digital file. This timestamp, issued by a qualified trust service provider, guarantees that the document has not been modified since that moment.
In practice, qualified timestamping provides a legally certain date and directly responds to integrity requirements highlighted in the 2025 rulings. When an advanced signature (simple, advanced, or advanced with qualified certificate) is combined with a qualified timestamp, its evidential robustness is significantly strengthened, without needing to resort to a qualified signature, which is more costly and cumbersome.
The provider’s electronic seal to secure the evidential file
An electronic seal from the provider or digital trust platform (such as Evidency) secures the evidential file as a whole. It authenticates the professional origin of the evidence and ensures that the elements presented to the judge (audit file, certificates, technical traces, timestamps) have not been subsequently altered.
Building a structured evidential file
A compliant evidential file must include:
- A timestamped audit file detailing each step of the signature process
- Accessible documentation explaining authentication and validation mechanisms
- Usable authentication evidence
- Readable formats (annotated PDFs, summary tables)
Raw technical files (server logs, unformatted XML) without accompanying documentation are frequently dismissed by courts, as illustrated by the Rouen and Versailles rulings in 2025.
The complete evidential file may, in some cases, be sealed using an electronic seal to further strengthen its evidential value.
How to choose the right level of electronic signature
Choosing a signature level should never be arbitrary. It must be based on regulatory obligations and an assessment of litigation risk and potential consequences if the signature were invalidated.
Identify regulatory obligations
Certain use cases require a minimum signature level. For example, the decree of 22 March 2019 on electronic signatures in public procurement requires an advanced signature with a qualified certificate for tender submissions. Above EU thresholds (several million euros depending on contract type), a qualified signature is generally required.
Regulated filings with authorities, typically require a qualified signature. The French IP Office (INPI) accepts advanced signatures with qualified certificates for trademark, patent, and design filings.
Assess risk based on context
Beyond regulatory obligations, the choice depends on three factors: contract value, duration, and sector. The higher the litigation risk and potential consequences, the stronger the recommended signature level.
- Example 1 — Low risk: internal HR documents with no financial stakes (attendance certificates, leave requests). A simple signature is sufficient.
- Example 2 — Medium risk: a £15,000 B2B commercial contract in a low-litigation sector with an existing client relationship. An advanced signature combined with qualified timestamping provides adequate protection.
- Example 3 — High risk: a long-term bank loan of £200,000 over 20 years. The banking sector generates extensive litigation (all 2025 rulings cited relate to this field). A qualified signature is essential.
For high-stakes documents signed with a non-qualified signature, it is strongly recommended to apply qualified timestamping and build a structured, sealed evidential file. This approach approaches the probative strength of a qualified signature while controlling costs.
How to obtain an electronic signature certificate
Electronic signature certificates are issued by qualified trust service providers (QTSPs) listed by ANSSI on cyber.gouv.fr.
Required documents vary depending on the signature level:
- For individuals: a valid ID document and recent proof of address
- For qualified certificates: strict identity verification (in-person or certified video identification)
- For legal entities: a recent company registration extract, up-to-date statutes, and proof of the signer’s authority to bind the company (mandate, board resolution, notarised power of attorney, etc.)
The process includes the following steps:
- Application to the provider
- Identity verification
- Generation of cryptographic key pair
- Certificate issuance (valid from one to three years)
- Installation on the chosen medium
Processing times range from a few hours for advanced signatures to five to ten working days for qualified signatures.
The document remains available in read-only mode within the EDM for day-to-day use, but its evidential, tamper-proof version is stored in the EAS.
Electronic signatures and evidential value: ensuring long-term proof
The legal value of an electronic signature depends directly on the chosen level and the quality of the evidential file. The case law from early 2025 reaffirmed a crucial point: having an electronic signature, even a qualified one, is not enough. The evidential file must be structured, readable, and complete to withstand judicial scrutiny.
Selecting the appropriate signature level requires a risk analysis that considers regulatory obligations and the likelihood and severity of disputes. This method ensures that legal security is calibrated to the actual stakes of each document. For non-qualified signatures (simple, advanced, advanced with qualified certificate), qualified timestamping and electronic sealing significantly strengthen evidential value and meet stricter judicial expectations.
Evidency supports organisations in enhancing evidential security by providing qualified timestamping and electronic sealing solutions that integrate seamlessly with your existing signature processes.
Sources
[1] These court decisions are presented later in the article, in the section dedicated to recent case law requirements.
[2] Regulation (EU) No 910/2014 of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market (eIDAS): https://eur-lex.europa.eu/legal-content/FR/TXT/?uri=celex%3A32014R0910
– Updated by Regulation (EU) No 2024/1183 of 11 April 2024 amending Regulation (EU) No 910/2014 with regard to the establishment of the European framework for a digital identity (eIDAS 2): https://eur-lex.europa.eu/legal-content/FR/TXT/?uri=OJ:L_202401183
[3] CA Rouen, 10 april 2025, RG n° 24/01774
[4] CA Paris, 3 april 2025, RG n° 23/19316
[5] CA Douai, 27 march 2025, RG n° 22/05040 and RG n° 22/05041
[6] CA Riom 19 mars 2025 RG n° 24/00497
[7] CA Versailles 29 april 2025 RG n°24/04372, CA Paris 15 may 2025 RG n°24/02375
[8] Order of 22 March 2019 on the electronic signature of public procurement contracts: https://www.legifrance.gouv.fr/loda/id/JORFTEXT000038318621
Disclaimer
The opinions, presentations, figures and estimates set forth on the website including in the blog are for informational purposes only and should not be construed as legal advice. For legal advice you should contact a legal professional in your jurisdiction.
The use of any content on this website, including in this blog, for any commercial purposes, including resale, is prohibited, unless permission is first obtained from Evidency. Request for permission should state the purpose and the extent of the reproduction. For non-commercial purposes, all material in this publication may be freely quoted or reprinted, but acknowledgement is required, together with a link to this website.
