Is electronic signature legally binding?

Yes, electronic signatures are legally binding in the EU under the eIDAS regulation and in the US under the ESIGN Act. canusign provides legally valid electronic signatures for contracts, agreements, and documents.

How much does canusign cost?

canusign offers simple pricing: €1 per signed contract for occasional use, or €15/month for unlimited contracts. No hidden fees, no long-term commitment required.

Do signers need an account to sign?

No, signers do not need to create an account. Simply share the signing link and they can sign immediately. No registration, no app download required.

What types of documents can I sign with canusign?

You can sign any type of contract or agreement: rental agreements, NDAs, freelance contracts, employment contracts, service agreements, and more. Upload your own document or create one from scratch.

E-Signature Laws in the EU: eIDAS Regulation Explained for Businesses

A few months back, I was helping a friend who runs a small marketing agency in Lisbon close a deal with a German client. Everything was going great until the contract part. The German legal team sent over a PDF and asked for a "qualified electronic signature." My friend stared at the email for a solid minute and then messaged me: "What on earth is that, and why can't I just use the same signature tool I've been using for two years?"

If you run a business in Europe, chances are you've hit this wall too. The EU has a single regulation that governs e-signatures across all 27 member states, but it's full of acronyms and legal nuances that most founders never bother to learn until they need to. So let's fix that.

This is everything I wish someone had explained to me about eIDAS, written the way I'd explain it to a friend over coffee.

What eIDAS Actually Is

eIDAS stands for "electronic IDentification, Authentication and trust Services." It's an EU regulation (No. 910/2014) that's been in force since July 2016. The whole point was to create one single legal framework for electronic signatures, electronic seals, timestamps, and digital identification across the entire European Union.

Before eIDAS, every country had its own rules. France had one approach, Germany had another, Spain did its own thing. If you signed a contract digitally in Italy and tried to use it in court in Belgium, you might run into trouble. eIDAS killed that problem by saying: an electronic signature created in any EU member state must be recognized in all the others.

That's a big deal for SMBs. It means I can sell a SaaS subscription to a customer in Athens, get their e-signature, and the same document holds the same legal weight in Helsinki, Dublin, or Warsaw.

For a deeper dive into how electronic signatures work in general, my electronic signature legal guide covers the basics in plain English.

A Quick History (I Promise It's Short)

The EU's first attempt at this was the eSignature Directive of 1999. Directives in EU law are weird because they have to be transposed into national law by each country, and that's where things got messy. Every member state interpreted the directive a bit differently, which defeated the whole point.

eIDAS replaced that directive in 2014 and was applied directly across all member states starting July 1, 2016. No transposition, no national wiggle room (well, mostly). And then in 2024, the EU passed eIDAS 2.0, which brings the European Digital Identity Wallet into the picture. More on that later.

The Three Signature Levels: SES, AES, and QES

Here's where the acronym soup starts. eIDAS defines three levels of electronic signatures, and they're not interchangeable. Picking the wrong one is one of the most common mistakes I see SMBs make.

Simple Electronic Signature (SES)

This is the basic one. An SES is "data in electronic form which is attached to or logically associated with other data in electronic form and which is used by the signatory to sign." That's the legal definition, and it's intentionally broad.

In practice, an SES can be:

Typing your name at the bottom of an email
Clicking an "I agree" checkbox
Scanning a handwritten signature and pasting it into a PDF
Drawing a signature with your mouse or finger on a tablet

It's the easiest to use and works for the vast majority of business situations. NDAs, sales contracts, employment offers, vendor agreements, freelance contracts: all of these are typically fine with an SES.

Advanced Electronic Signature (AES)

An AES is a step up. To qualify as an AES, the signature has to meet four specific requirements:

It's uniquely linked to the signatory
It can identify the signatory
It's created using data the signatory can keep under their sole control
Any change to the signed data after signing is detectable

In practice, this usually means a cryptographic signature using a private key, plus some form of identity verification (email link, SMS code, ID upload). Most modern e-signature platforms, including ours at CanUSign, generate AES-level signatures by default for business plans.

AES is what you want for higher-value contracts: B2B SaaS agreements, partnership deals, loan documents, and anything where you want strong evidence of who signed and that the document hasn't been tampered with.

Qualified Electronic Signature (QES)

This is the heavy artillery. A QES is essentially an AES with two extra requirements: it must be created using a "qualified signature creation device" (think hardware security module or smart card), and it must be backed by a "qualified certificate" issued by a trust service provider that's officially listed in the EU Trusted List.

The killer feature of a QES? It has the same legal effect as a handwritten signature across the entire EU. Period. No court can refuse it on the grounds that it's electronic.

The downside is that QES is a pain to set up. The signer typically needs to verify their identity in person or via a video call, get a certificate issued by a Qualified Trust Service Provider (QTSP), and use a special signing device. It's slower and more expensive than SES or AES.

If you want to understand the technical side of how digital signatures actually work under the hood, I wrote about that in digital signature vs electronic signature.

SES vs AES vs QES: Quick Comparison

Feature	SES	AES	QES
Identity verification	None required	Required	Strong (in-person or video)
Tamper detection	Not required	Required	Required
Legal weight	Admissible, but weaker	Strong evidence	Equivalent to handwritten
Setup time	Seconds	Minutes	Days to weeks
Cost per signature	Free or cheap	Low to moderate	$5 to $50+
Common use cases	NDAs, internal docs, basic contracts	B2B contracts, employment, vendor agreements	Real estate, notarial acts, court documents
Cross-border recognition	Yes, but quality varies	Yes	Yes, with strongest standing

Cross-Border Validity (The Real Magic)

This is the part of eIDAS that I think doesn't get enough credit. Article 25 of the regulation says an electronic signature can't be denied legal effect or admissibility in court just because it's electronic, or because it doesn't meet the requirements for a QES.

And Article 25(3) goes further: a QES from one member state has the same legal effect as a handwritten signature in every other member state. No "but our country has special rules" allowed.

That's huge for cross-border SMBs. I've worked with founders who were paying lawyers in three different countries to redo contracts because they thought each jurisdiction needed its own paper signature. They didn't. One eIDAS-compliant e-signature would have been fine.

Practical Use Cases for SMBs

Let me get concrete. Here's what I've seen actually work for small and medium businesses across Europe:

Sales contracts and quotes: SES is fine 99% of the time. If your average deal size is under €50,000 and you're not selling to highly regulated industries, don't overthink this.

Employment contracts: AES is the sweet spot. You want to be able to prove who signed and when, and you want tamper detection. Most countries accept AES for employment contracts, though a few (like Germany for certain types of agreements) still prefer or require QES.

NDAs: SES, always. Move on.

Freelancer agreements: SES or AES depending on the value. Under €5,000, SES is fine. Above that, I'd lean AES.

Lease agreements (commercial): AES in most countries. QES in a few. Check locally.

Loan agreements (B2B): AES if it's a small business loan. QES if you're dealing with banks or regulated lenders.

Real estate purchases: QES, almost always. And in many countries, you still need a notary on top.

Cross-border supplier contracts: AES is the safe choice. It works everywhere and gives you the evidence you need if things go sideways.

What Requires QES in Specific Member States

Here's where I have to be honest: eIDAS doesn't override national law on what kind of signature is required for specific document types. Each member state still gets to say "for this kind of document, you need a QES, full stop."

A few examples:

Germany: Termination of employment contracts (in some cases), consumer loan agreements, and certain commercial register filings require QES. Germany is probably the strictest country in the EU on this.
France: Most consumer contracts can use AES, but real estate transactions and some financial agreements need QES.
Italy: Many public administration documents and some commercial filings require QES, often called "firma digitale" locally.
Spain: Tax filings to the AEAT (Spanish tax authority) and many government interactions require QES, typically using the DNI electrónico (Spanish national ID with embedded chip).
Poland: Most business-to-business contracts work with AES, but court filings need QES.

The lesson: if you're operating across borders and you're unsure, ask a local lawyer. It costs less than getting a contract thrown out.

eIDAS 2.0 and the EU Digital Identity Wallet

The EU passed eIDAS 2.0 in 2024, and member states are rolling it out through 2026. The headline change is the European Digital Identity Wallet (EUDI Wallet), which every EU member state has to offer to its citizens by 2026.

The wallet is basically a smartphone app that lets you store your government-verified identity, driver's license, diplomas, payment credentials, and yes, your qualified signature certificate. The idea is that you'll be able to sign a QES-level document with a tap on your phone, no smart card or in-person verification required for repeat signatures.

For SMBs, this should make QES far more accessible. Right now, getting a QES set up for a single signer can take a week and cost €100+. With the EUDI Wallet, it should be more like five minutes and free for citizens.

The catch? Implementation is uneven. Some countries are ahead (Estonia has been doing this for years with their e-Residency program), others are way behind. Don't expect a smooth rollout everywhere by 2026.

How to Choose the Right Signature Level

My quick decision framework:

What's the document worth? Under €10,000 and not regulated? SES. €10,000 to €100,000? AES. Above that, or regulated industry? Consider QES.
Is it legally required to be QES? If yes, no debate. Use QES.
Will this go to court? If a dispute is even slightly likely, go AES at minimum. The audit trail is worth it.
Cross-border? AES is the safe minimum. SES can be denied legal effect in some courts even though eIDAS says it shouldn't be.
What does your counterparty want? If a German enterprise client says they need QES, just give them QES. Arguing isn't worth the deal.

Honest Limitations

eIDAS is great, but it's not a magic wand. A few things to keep in mind:

National law still matters. eIDAS sets the floor, not the ceiling. Member states can require QES for specific document types, and they do.
Court interpretation varies. SES is technically valid everywhere, but a French court and a Romanian court might weigh the evidence very differently.
QES is still expensive. Even with eIDAS 2.0 coming, the friction is real. Don't promise customers QES if you don't have a clear path to deliver it.
Trust service provider quality varies. Stick with QTSPs on the official EU Trusted List. The list is publicly available and updated regularly.
Non-EU recognition is a separate question. Just because a contract is valid in the EU under eIDAS doesn't mean it'll be enforceable in the US, UK (post-Brexit), or anywhere else. Check local rules.

Wrapping Up

If you take one thing from all this, take this: most SMB contracts don't need QES. AES is enough for the vast majority of business situations, and SES is fine for the everyday stuff. The trick is knowing when to level up.

eIDAS gave European businesses the best e-signature legal framework in the world, and most of us still aren't using it well. We're paying for expensive legacy tools when better options exist, or we're stuck on paper because we're scared of the legal stuff. Neither is necessary.

If you're shopping for an e-signature platform that handles AES out of the box and won't bankrupt you, take a look at our comparison of cheaper DocuSign alternatives. And if you want to see what eIDAS-compliant signing actually looks like in practice, you can try CanUSign for free and sign your first document in under two minutes.

The law's on your side. Use it.