ESIGN vs eIDAS: SES, AES & QES Explained
ESIGN is the US federal law giving electronic signatures the same legal effect as ink. eIDAS is the EU regulation that defines three tiers: simple (SES), advanced (AES) and qualified (QES). A typed or drawn signature is an SES, valid under both frameworks for most everyday documents.
ESIGN is the US federal law that gives an electronic signature the same legal effect as an ink one. eIDAS is the EU regulation that goes further and defines three tiers: simple (SES), advanced (AES) and qualified (QES). A typed or drawn signature is an SES, valid under both frameworks for most everyday documents.
I've signed plenty of contracts and consent forms with a plain drawn signature, and for the day-to-day stuff it just works. The hard part isn't signing. It's knowing whether your simple signature is "enough" or whether you've wandered into territory that wants a qualified certificate. That's really the whole ESIGN vs eIDAS question, so let's walk through it.
What is the difference between ESIGN and eIDAS?
ESIGN and eIDAS both make electronic signatures legally valid, but they take different routes. ESIGN is a single technology-neutral US law with no signature "levels." eIDAS is an EU regulation that splits signatures into three tiers and attaches different legal weight to each. Same goal, different rulebook.
ESIGN, the Electronic Signatures in Global and National Commerce Act of 2000, is codified at 15 U.S.C. ch. 96 and is reinforced at the state level by the Uniform Electronic Transactions Act (UETA, 1999). Both say roughly the same thing: a contract, signature or record can't be denied legal effect, validity or enforceability solely because it's electronic, per 15 U.S.C. §7001(a).
The EU's framework is Regulation (EU) No 910/2014, known as eIDAS. Instead of one flat rule, it sorts electronic signatures into SES, AES and QES, and Article 25 spells out the legal effect of each. We unpack those tiers next.
What are the SES, AES and QES tiers under eIDAS?
eIDAS defines three electronic signature tiers. A simple electronic signature (SES) is any electronic mark showing intent, like a typed name or a drawn squiggle. An advanced signature (AES) is uniquely tied to the signer and tamper-evident. A qualified signature (QES) is an AES built on a qualified certificate from a trusted EU provider.
Here's how the three compare:
| Tier | What it is | Typical use |
|---|---|---|
| SES | Drawn or typed mark | Everyday forms |
| AES | Linked, tamper-evident | Higher-value deals |
| QES | AES + qualified cert | Regulated documents |
A few things worth knowing about each:
- SES has the lowest technical bar. A drawn or typed signature counts. It's fine for internal approvals, NDAs and most B2B agreements where both sides agree to sign electronically.
- AES must be uniquely linked to the signer, capable of identifying them, created with data the signer controls, and able to flag any later change to the document (eIDAS Art. 26).
- QES is an AES created by a qualified signature creation device and backed by a qualified certificate. The certificate comes from a qualified trust service provider on an EU trusted list.
The headline rule lives in eIDAS Article 25. Article 25(1) says a signature shall not be denied legal effect or admissibility in court just because it's electronic or because it isn't qualified. Article 25(2) goes further: a qualified electronic signature has the same legal effect as a handwritten signature. So an SES is admissible, but only a QES is automatically equivalent to ink across the EU.
How does ESIGN handle signature levels?
ESIGN doesn't have signature levels at all. It's outcome-focused. The US approach asks whether the signing met core conditions, not which technical tier you used. There's no SES, AES or QES under American law. UETA, adopted by nearly every state, follows the same logic.
For a US electronic signature to hold up, you generally need four things, which the sibling guide on whether electronic signatures are legally binding covers in more depth:
- Intent to sign so the signer actually meant to commit.
- Consent to do business electronically, which is often implied by context but explicit for consumers.
- Attribution so the signature can be tied back to the signer.
- Record integrity so the final document is retained and can be reproduced.
Because ESIGN is technology-neutral, a typed name, a drawn signature, or a click-to-agree button can all qualify if those conditions are met. The catch is evidence. If a signature is challenged, you want a clear trail showing who signed, when, and that the file wasn't altered afterward.
Which signature level do you actually need?
For most personal and small-business documents, a simple electronic signature is enough, and that's exactly what a free in-browser signer produces. Reach for AES or QES only when a law, regulator or counterparty specifically requires it, which is the exception rather than the rule for everyday paperwork.
Use this as a rough guide:
- SES is fine for offer letters, NDAs, vendor agreements, consent forms, internal sign-offs and most freelance contracts.
- AES or QES may be required for certain regulated EU transactions, some public-sector filings, high-value or cross-border legal documents, and anything a statute explicitly carves out.
- Neither framework covers everything. Wills, some property transfers and notarized documents may still need wet ink or notarization depending on jurisdiction. When in doubt, check local rules or ask a professional.
If you only need an SES, the practical question is just how to produce one cleanly. That's where a browser tool comes in.
How do you create a simple electronic signature for free?
You can create a valid simple electronic signature in your browser in under a minute, no account and no upload required. PDFYay opens the PDF locally, lets you place a signature, and exports the signed file straight back to your device. The file never leaves your browser, which keeps a sensitive contract private.
Here's the exact flow I use in PDFYay:
- Open the editor at /sign and click Choose PDF to load your document. It opens in the browser canvas.
- In the bottom dock, tap Signature. A panel opens with three tabs: Type, Draw and Upload.
- Pick a tab. Type turns your name into a signature font, Draw lets you sign with a mouse or finger, and Upload drops in a PNG of an existing signature. Hit Apply.
- Click on the page to drop the signature, then drag to position and resize it where the signing line is.
- Need more marks? The dock also has Text, Check, Cross and Date tools for filling boxes and dating the document.
- Use the page arrows up top to move through a multi-page file, and the zoom buttons to place marks precisely.
- Click Download to export the signed PDF to your device. A "Saved locally" note shows your work is held in the browser, not on a server.
One detail that matters for the "record integrity" point above: PDFYay embeds a SHA-256 hash and a timestamp into the exported PDF's metadata, which gives you a basic tamper-evidence trail for an SES. For a deeper walkthrough see how to sign a PDF for free, and if privacy is your worry, is it safe to sign a PDF online explains the no-upload model.
ESIGN vs eIDAS: the short version
ESIGN governs the US with one flat, technology-neutral rule. eIDAS governs the EU with three tiers and reserves automatic "equal to handwriting" status for QES alone. For everyday documents on either side of the Atlantic, a simple electronic signature is valid and usually all you need. Save AES and QES for the regulated, high-stakes cases that actually demand them.
A practical tip for cross-border deals: don't guess. The contract itself can state which law applies and what signature level the parties accept, which saves an argument later. And if a counterparty asks for QES, that's a job for a qualified EU trust service provider, not a free browser tool.
This is general information, not legal advice. For a specific document, check the governing law or consult a qualified professional.
Frequently asked questions
Is a simple electronic signature legal under both ESIGN and eIDAS?
Yes. A simple electronic signature (typed or drawn) is valid under the US ESIGN Act and recognized under EU eIDAS for most everyday agreements. eIDAS Article 25(1) says a signature can't be denied legal effect solely because it's electronic or isn't qualified, so an SES is admissible in court.
What's the difference between AES and QES under eIDAS?
An advanced electronic signature (AES) is uniquely linked to the signer and detects later changes. A qualified signature (QES) is an AES created with a qualified device and a qualified certificate from an EU trust provider. Under eIDAS Article 25(2), only a QES has the legal effect equal to a handwritten signature.
Does ESIGN have signature tiers like eIDAS?
No. The US ESIGN Act and state UETA don't define SES, AES or QES levels. They're outcome-based: a record or signature can't be denied legal effect just for being electronic, as long as there's intent to sign, consent and attribution. The eIDAS tier system is specific to the EU.
Can I sign a US or EU document with a free in-browser tool?
Yes, for most personal and small-business documents that accept a simple electronic signature. PDFYay creates an SES entirely in your browser with no upload. For regulated, high-value or cross-border filings that demand AES or QES, you'll need a qualified EU trust service provider instead.
Which is stronger, ESIGN or eIDAS?
Neither is 'stronger' since they cover different regions. ESIGN governs the US, eIDAS governs the EU. eIDAS is more prescriptive because it spells out three signature tiers, while ESIGN takes a single technology-neutral approach. For a cross-border contract, the parties usually agree which law and what signature level applies.