Login

|

Help Center

|

+43 50 423

We value your privacy!

We use cookies on our website to offer you the best experience. By clicking "accept & close", you agree to the use of all cookies according to our and our . If you do not make a selection, our default cookie settings will be applied. You can change your settings at any time.

Data privacyCookies

Create a digital signature

Create a digital signature

How to obtain a (qualified) electronic signature (QES)

Gloria Dzida
Updated on 28.02.2023

When you need a qualified electronic signature, you often come across the terms "identification" and "authentication". But what do these terms mean? And why do I need it for digital signing? How do I get a QES and how does the identification process work? In this article, we explain!

What is identification? Identity verification via Videoident

In order to ensure that the document has been signed by the right person during digital signing, the identity of the person must be verified. If, for example, only an image of the signature is placed on a document, the identity cannot be verified and guaranteed. Therefore, a qualified signature is required for important documents in order to maximize the probative value and legal validity. To be able to sign with a qualified electronic signature (QES), you have to go through an identification process once.

Identification means establishing one's own identity. In most cases, this is done by presenting an official identification document (e.g. passport or ID card). For example, when opening a bank account, the identity is checked by comparing the biometric features of the photo ID shown with the natural person standing in front of the bank employee or present via video call. Identification only needs to be carried out once when registering.

In our case, the user is identified before receiving a qualified electronic signature. This can be done online with a trust service provider of your choice using a video identification procedure (Videoident). Personal data must be provided beforehand and a photo ID must be presented during a video call. If the data provided matches the ID card data and the biometric data from the photo ID card matches the person in the video call, the identity can be verified.

What is authentication?

Once you have been identified and "know" yourself, you "only" have to authenticate yourself from now on. During authentication, you have to prove your identity each time. This can be done using various authentication factors. For example, using

  • a password/PIN (knowledge)
  • a smartphone that can receive a unique verification code or
  • a fingerprint scan/face ID (biometrics).

The factors can also be combined, such as with two-factor authentication and multi-factor authentication, to increase security.

Authentication is therefore the verification of the specified identity. Two-factor authentication comes into play with qualified signing. Once you have logged in to sproof sign (factor 1 password), you have to confirm your identity using a mobile app (factor 2 fingerprint or face ID) for qualified signing.

Identification vs. authentication - what is the difference?

Identification establishes the identity of a person and links the digital identity with a natural person and their name. Identification only needs to be carried out once as a first step, e.g. user registration with sproof sign or in identification procedures to obtain a QES.

Identity is verified during authentication/authentication. The specified identity is compared with the specified data. This authentication process must be carried out again each time, e.g. logging in with sproof sign or 2-factor authentication when signing with QES.

Identification and authentication therefore go hand in hand and cannot be carried out without the other.

Identification and authentication for qualified signing

In short: To obtain a qualified electronic signature (QES), you have to identify yourself once and set up 2-factor authentication (duration: 15 minutes once). For qualified signing, you then only need to authenticate (duration: <1 minute each time).

How do I get a QES (with sproof sign)?

  1. To get a QES, you must first provide your personal details
  2. Before you start the video identification procedure, present your official photo ID
  3. In the video call, you must present your official photo ID. The trust service provider then compares the data you provide with the ID card data and the biometric data from the photo ID card with you in the video call. If all the information matches, your identity will be verified
  4. Next, you need to download a mobile app (e.g. Mobile ID) and log in.
  5. Your digital identity is stored in the app by the trust service provider and a second security factor (e.g. fingerprint scan or Face ID) is set up.
  6. You can now sign with a qualified signature and only need to authenticate yourself in the app (push message) before signing with a qualified signature.

More blog entries

"We do Austria's accounting". The federal accounting agency (BHAG) signs digitally.Digital sustainability in the hotel and catering industry: HOGAST saves measurable resources with sproof signHow to sign your contracts digitally & with guaranteed legal validityDigital signing of prescriptions - teleclinic is a driver of innovation in the field of telemedicineDigital signatures according to FDA (Part 11) create traceability in FDA-regulated industries
Why sproof sign?Highest security and compliance paired with an "all-in-one" functionality make sproof sign the top European alternative on the e-signature platform market. 100% developed and hosted in Europe.
Product
Use Cases
Resources
sproof sign is currently the highest-rated e-signature provider on the independent review platform OMR Reviews and has also been certified by CRIF GmbH with the 'ESG SCORE: A' for sustainability.
© 2024 sproof GmbH
Imprint
T & C
Privacy Policy
Cookies