A standard electronic signature (SES) is any digital indication of a person's intent to agree to or authenticate a document — a typed name, a drawn signature, a checkbox, or a click. It covers the vast majority of business contracts and is legally enforceable in most jurisdictions worldwide without any additional technical requirements.

Three tiers of electronic signature exist globally: A standard electronic signature (SES) is any digital indication of intent — sufficient for NDAs, service agreements, employment offers, and most commercial contracts. An advanced electronic signature (AES) uses PKI cryptography to uniquely link the signature to the signer and detect any subsequent document changes — used in financial services, regulated HR, and high-value cross-border contracts. A qualified electronic signature (QES)is an AES backed by a qualified certificate from an accredited trust service provider — the highest tier under eIDAS, used for formal legal acts and notarial equivalents in the EU. For everyday business, SES with a robust audit trail is the right choice. Upgrade to AES or QES only when regulation or counterparty requirements specifically demand it.

What Is a Standard Electronic Signature (SES)?

A standard electronic signature is the broadest category of e-signature. Under the United States ESIGN Act (Electronic Signatures in Global and National Commerce Act, 2000), an electronic signature is defined as “an electronic sound, symbol, or process, attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign.” Under eIDAS (EU Regulation 910/2014), it is defined in Article 3 as “data in electronic form which is attached to or logically associated with other data in electronic form and which is used by the signatory to sign.”

In practical terms, an SES can be:

A typed name at the bottom of an email or document
A drawn signature using a mouse, stylus, or finger on a touchscreen
A scanned image of a handwritten signature inserted into a PDF
A click on an “I Agree” button on a website
A PIN or password used to authenticate a transaction

Standard e-signatures do not require any cryptographic certificate or identity verification process. Their legal enforceability rests on the surrounding evidence: an audit trail showing who signed, when they signed, what IP address was used, and what version of the document was presented. Platforms like SignZA capture this audit trail automatically on every document.

More than 95% of all commercial contracts — NDAs, service agreements, employment contracts, sales orders, lease agreements, and supplier terms — are validly executed with an SES. Courts in the US, EU, UK, and most common law jurisdictions treat them as admissible evidence of intent.

What Is an Advanced Electronic Signature (AES)?

An advanced electronic signature adds a layer of cryptographic assurance that a standard e-signature does not provide. Under eIDAS Article 26, an AES must satisfy four requirements:

It is uniquely linked to the signatory
It is capable of identifying the signatory
It is created using signature creation data that the signatory can use under their sole control
It is linked to the signed data in such a way that any subsequent change in the data is detectable

The technical mechanism that delivers these properties is Public Key Infrastructure (PKI). Here is how it works in practice:

The signer holds a private key — a large cryptographic number stored on their device or on a hardware security module (HSM). This key never leaves their control.
When signing, the platform computes a document hash — a unique mathematical fingerprint of the document at the moment of signing.
The private key encrypts this hash, producing the digital signature value that is embedded in the document.
A corresponding public key certificate, issued by a Certificate Authority (CA), is attached. Anyone with the public key can verify that the signature was made by the holder of the matching private key and that the document has not changed since signing.

If even a single character in the document changes after the AES is applied, the hash no longer matches and the signature shows as invalid. This tamper evidence is the core technical advantage of AES over SES.

AES is commonly used in financial services contracts, regulated healthcare documentation, cross-border procurement, regulated HR documents (such as those subject to employment law record-keeping requirements), and any context where a counterparty or regulator demands a higher standard of identity assurance.

What Is a Qualified Electronic Signature (QES)?

A qualified electronic signature is an AES that is additionally backed by a qualified certificate issued by a qualified trust service provider (QTSP)— an entity that has been audited and officially recognised by a national supervisory body under eIDAS. In the EU, the list of QTSPs is published in the EU Trust List.

Under eIDAS Article 25(2), a QES has the equivalent legal effect of a handwritten signature across all EU member states. This is the only category of e-signature with that explicit legal equivalence under EU law. Obtaining a QES typically requires in-person identity proofing (or a supervised remote video verification) to ensure the certificate is tied to a real, identified individual.

QES use cases include:

Formal legal deeds and notarial acts in EU jurisdictions that permit electronic notarisation
Financial instruments and regulated agreements under MiFID II and similar frameworks
Cross-border EU public sector transactions where national law requires the highest tier
Corporate resolutions and constitutional documents in jurisdictions that explicitly require QES

For most businesses operating outside highly regulated EU contexts, QES is neither required nor practical — the onboarding friction and cost of QTSP certificates is significant. AES meets the requirements of most regulated scenarios, and SES handles everything else.

Standard vs Advanced vs Qualified: Side-by-Side Comparison

Type	Definition	Security level	Identity verification	Typical use cases	Legal framework
SES	Any digital indication of intent	Basic	None required	Business contracts, NDAs, service agreements, employment offers	ESIGN Act, eIDAS Art. 3
AES	Uniquely linked to signer & detects document changes via PKI	Medium – High	Linked to signer identity via certificate	High-value contracts, HR records, regulated industries, cross-border contracts	eIDAS Art. 26
QES	PKI certificate from a qualified trust service provider	Highest	In-person or equivalent identity proofing required	Legal deeds, notarisation equivalents, formal financial instruments	eIDAS Art. 28

Which Type of Signature Do Most Documents Need?

The answer, for the overwhelming majority of business documents, is a standard electronic signature.

Both the ESIGN Act and eIDAS operate on a technology-neutral, intent-based model. Neither law requires a specific technical standard for most commercial contracts. What matters legally is:

The signer had capacity and intent to sign
The signer had access to the document at the time of signing
There is evidence linking the signer to the signed document

A modern e-signature platform satisfies all three requirements through an audit trail that records the signer's email address, IP address, geolocation, browser fingerprint, timestamp, and document hash at the moment of each action. This audit trail — not a PKI certificate — is the primary evidence base in any legal dispute over an SES.

Tip: For most contracts — NDAs, service agreements, employment offers, sales orders, supplier terms — a standard e-signature with a full audit trail is sufficient and legally enforceable under ESIGN, eIDAS, and most national e-signature laws. You do not need AES or QES unless a specific regulation, sector requirement, or counterparty agreement explicitly demands a higher tier. When in doubt, check your industry's regulatory guidance rather than upgrading the signature tier unnecessarily.

Industries where SES is the standard: technology, professional services, real estate (lease agreements, not conveyancing deeds), logistics, retail, hospitality, recruitment, and most B2B commerce.

See also: Are electronic signatures legally binding? for a full breakdown of enforceability by jurisdiction.

When Is an Advanced or Qualified Signature Required?

Specific sectors and document types do require higher-tier signatures. The key triggers are:

Advanced Electronic Signature (AES) is typically required or strongly recommended for:

Financial services: Loan agreements, mortgage documents, investment mandates, and insurance policies in heavily regulated jurisdictions often require AES-level assurance. Regulators like the FCA (UK), BaFin (Germany), and FINMA (Switzerland) have issued guidance expecting cryptographic evidence of identity.
Healthcare: Prescription authorisations, informed consent forms, and clinical trial documentation in regulated markets frequently require AES where HIPAA or equivalent national health regulations mandate tamper-evident records.
Regulated HR: Employment contracts in certain EU member states — notably Germany and Austria — require AES or QES for specific categories of employment agreement where national labour law specifies written form equivalents.
Cross-border contracts with EU public bodies: EU public procurement processes under the eIDAS framework may specify AES as the minimum for binding submissions.
High-value M&A and real estate: While not legally mandated in most jurisdictions, counterparties and their legal advisors frequently require AES for commercial real estate leases above certain thresholds and M&A deal documentation.

Qualified Electronic Signature (QES) is required for:

Formal notarial acts in EU jurisdictions that permit electronic notarisation (Germany, Austria, and others under national implementation of eIDAS)
Specific financial services documents under EU sectoral regulation where QES is explicitly mandated
EU cross-border public administration transactions where the requesting authority specifies QES
Replacing wet-ink signatures on documents that, under national law, require a “written form” that must be electronically equivalent — and where national law has mapped that requirement to QES

The critical point is that most businesses never encounter a QES requirement, and AES requirements are sector-specific rather than the default. Start with SES, and escalate only when a specific regulatory or contractual obligation requires it.

For background on how digital signatures differ technically from electronic signatures, see: Electronic vs digital signature: what's the difference?

Frequently Asked Questions

Do I need an advanced electronic signature for a business contract?

No — standard electronic signatures are legally binding for the vast majority of commercial contracts. Under both the ESIGN Act (US) and eIDAS (EU), intent and the associated audit trail are sufficient for NDAs, service agreements, employment offers, sales contracts, and most B2B agreements. AES is only necessary when a specific regulation, regulator guidance, or counterparty requirement explicitly demands it.

What is the difference between AES and QES?

Both use PKI cryptography, but a QES requires a qualified certificate issued by a trust service provider that has been formally accredited by a national supervisory authority under eIDAS. AES uses any PKI certificate linked to the signer's identity; QES uses only qualified certificates from the EU Trust List. QES has explicit legal equivalence to a handwritten signature across the EU under eIDAS Article 25(2); AES does not carry that automatic equivalence, though it remains legally enforceable.

Is a DocuSign signature a standard or advanced e-signature?

DocuSign's default signature product is an SES — it captures intent, email authentication, and an audit trail but does not apply a PKI certificate to the signer's identity. DocuSign's ID Verification product, which uses identity document scanning and biometric matching, produces an AES. Their Qualified product, available in select EU markets, produces a QES backed by a QTSP-issued certificate.

What documents require a qualified electronic signature?

In the EU: specific financial services documents under sectoral regulation, formal legal acts and notarial deeds in jurisdictions that permit electronic notarisation, and EU public administration transactions where the relevant authority specifies QES. In practice, most businesses — including those in regulated industries — do not encounter QES requirements for their day-to-day document workflows. QES is most relevant to law firms, notaries, financial institutions under direct EU regulatory supervision, and government contractors.

Can I use a standard e-signature in court?

Yes — standard e-signatures are admissible as evidence in most jurisdictions when supported by a detailed audit trail. Courts evaluate electronic signatures on the basis of the surrounding evidence: who signed, when, from what device and location, and what version of the document was presented. A platform-generated audit trail satisfies this evidentiary standard. Under the ESIGN Act, electronic signatures cannot be denied legal effect solely because they are in electronic form, and similar provisions exist under eIDAS and national implementing legislation across the EU.

Standard vs Advanced Electronic Signature: Which Do You Need?