What is a qualified electronic signature?

What is required to create a QES?

A QES requires three components under eIDAS:

• Qualified Certificate: Issued by an EU Trusted List (EUTL) Trust Service Provider (TSP) after identity verification.
• QESCD: A Qualified Electronic Signature Creation Device (typically a smart card or USB token or cloud HSM).
• Signing application: Software that uses the QESCD to create the signature.

Frequently Asked Questions

Is a QES required for e-invoicing?

No. QES is not mandatory for standard e-invoicing. The EU VAT Directive permits multiple methods to ensure invoice authenticity and integrity. QES is one option but most e-invoicing implementations use audit trails, EDI controls, or transport security rather than document-level QES.

Where can Qualified Trust Service Providers be found?

The European Union Trusted List (EUTL) published by each member state and the EU Commission lists all qualified trust service providers. These providers are authorized to issue qualified certificates, timestamps, and other qualified trust services within the EU.

Related Regulations

• What does eIDAS establish for electronic invoice signatures?
• What does the EU VAT Directive 2006/112/EC require for invoices?
• How does GDPR apply to personal data in invoices?

Related Use Cases

• How do organizations meet invoice archiving requirements across jurisdictions?
• How do organizations validate supplier and customer VAT numbers at scale?
• How do digital signatures ensure invoice authenticity and integrity?