eIDAS-compliant Signature client
Sign documents and data using eIDAS-compliant electronic signatures.
The purpose of the Sphereon eIDAS Signature client is to easily create and verify eIDAS-compliant signatures for documents and input data using electronic signatures as defined in the EU’s eIDAS legal framework.
Signing confidential documents
The problem: Typically, electronic signing solutions are implemented as an online service, where you have to send your confidential documents to a remote, third-party service. You have no control over what happens to these confidential documents!
Our Sphereon eIDAS Signature client enables you to sign documents and input data in a privacy-preserving manner. You can sign a document by first generating a hash or digest of the document in your own secure environment. You just send the hash(es) to be signed remotely. Last, we enable you to merge the signature with the document.
Your confidential documents or data do not leave your premises. You’re not sending the full document across the wire to a third-party service. Which obviously is much better from a privacy and security perspective.
Electronic signing of documents and data
The Sphereon eIDAS Signature client supports AES and QES signatures as defined by the EU eIDAS-regulation:
- PDF documents can be signed using PAdES signatures
- Microsoft Office and other XML-based documents can be signed using XAdES signatures.
- Various documenttypes and binary data can be signed using CAdES signatures
- JAdES signatures enable you to sign JSON-files, which is extremely useful for signing datafiles, for example W3C Verifiable Credentials!
Advanced Electronic Signatures (AES)
Advanced Electronic Signatures (AES) are digital signatures that use a combination of secure technologies, such as Hardware Security Modules (HSM) and processes to validate the signer’s identity and ensure the integrity of the data or document being signed.
AES signatures are generally more secure than simple digital signatures, as they use additional authentication methods to verify the signer’s identity, but less secure than Qualified Electronic Signatures (QES).
Qualified Electronic Signatures (QES)
Qualified Electronic Signatures (QES) are a special type of Advanced Electronic Signature in that the certificates have been issued by a Qualified Trust Service Provider QTSP). The Trust Service Provider will ensure that the signer is indeed who they say they are by performing strict KYC checks.
Both these signatures are legally binding and can be used to sign documents and contracts in all European as well as many other countries, but some documents or countries require the highly secure QES signatures.
Designed for Developers
See more:
GitHubWith the Sphereon eIDAS Signature client SDK we offer developers a powerful library of advanced electronic signature functions to build and deploy eIDAS-compliant signature solutions.
You can add new functions in hours instead of weeks, allowing you to focus on your core product development. Reduce the time-to-market with functions that are Best-in-Class and that your customers will be happy to pay for.
Feel free to browse the technical documentation and code samples.