The following question often arises when contracts are signed: Is the electronic signature legally valid for this purpose? This depends on a number of factors. We explain which requirements electronic signatures must fulfil in Switzerland and in which cases the Advanced Electronic Signature (AES) and Qualified Electronic Signature (QES) are suitable.

Basics of the digital signature

The digital signature makes it possible to sign contracts or agreements electronically instead of on paper in just a few minutes. This guarantees the authenticity and integrity of the signature. In the case of legal entities instead of natural persons, this is also referred to as an electronic seal.

There are various eSigning tools from providers such as Certifaction, Skribble or DocuSign. The process usually works as follows: To have a contract signed, you need to upload it to the tool, select the desired signature type and enter the email addresses of the signatories. The other parties then receive an invitation link to sign and must confirm their identity.

There are three types of electronic signatures: simple, advanced and qualified electronic signatures. The qualified electronic signature (QES) offers the highest level of security and legal validity.

How to use AES and QES

The advanced electronic signature (AES) is linked to the data of the person signing and verifies their identity. Certifaction uses the telephone number for this purpose, as people have to identify themselves when purchasing a SIM card. The AES can also verify changes to the document after it has been signed. The advanced electronic signature is only legally valid if no formal requirement is specified by law for the document in question. This applies to many B2B contracts or internal documents.

The qualified electronic signature (QES) goes even further in that it fulfils all the criteria of the AES and is based on a qualified certificate issued by a trust service provider. The signatory’s identity data is verified by an identity document. The advantage of QES is that it also applies to documents with a written form requirement. This is stipulated in Switzerland for some legal transactions such as consumer loans or leasing contracts.

To determine whether a document has been signed with a valid QES, special websites such as the Swiss Signature Validator or tools such as Adobe Reader can be used. This shows who has signed the document and whether the signature is valid. You can also see the time stamp and provider of the signature in the signature properties.

Screenshot of a PDF reader with a section on digital signatures, showing the valid qualified electronic signature of Manuel Gall dated 9 June 2022, supplemented by a message on valid signature validation.

Relevant laws and regulations

ZertES

The legal validity of digital signatures is regulated in the EU by the eIDAS Regulation and in Switzerland by the ZertES (Federal Act on Certification Services in the Field of Electronic Signatures). Both pieces of legislation stipulate that the qualified electronic signature (QES) is equivalent to a handwritten signature and is conclusive in court.

Please note, however, that the QES can either only be compliant with eIDAS or only with Certifaction. With Certifaction, you can choose between the two jurisdictions when creating the signature request.

Trust services

The EU and Switzerland maintain lists of so-called qualified trust service providers. Within the framework of the QES, trust service providers are responsible for identifying the signatory and issuing the certificate.

According to ZertES, separate bodies (recognition authorities) are responsible for recognising such certification services. KPMG is currently the only Swiss recognition authority. eSignature providers do not have to be recognised themselves, but can work with recognised certification authorities such as Swisscom to issue certificates.

Data protection

The digital signature process must of course also comply with the relevant data protection regulations of the new Federal Data Protection Act (revDSG) and the General Data Protection Regulation (GDPR). This includes the protection of personal data and compliance with transparency and security standards.

We also recommend that you look for certifications such as ISO 27001 and a server location in Switzerland. At Certifaction, documents are processed and encrypted locally. We ourselves have no insight into your documents to be signed – this distinguishes us from other eSigning providers.

Digital representation of a document with security features, including a padlock, key and binary code, symbolising data protection and digital signature.

Restrictions on the legal validity of digital signatures

There are certain documents for which the electronic form is excluded or the electronic signature is not sufficient. One example is the authorisation to register with the commercial register. This requires notarisation. Neither a notarial certification nor a notarial authentication can be replaced by an electronic signature.

There are also industry-specific regulations that you should take into account. For the pharmaceutical industry, for example, it may be relevant whether the QES fulfils the requirements of the FDA (Food and Drug Administration).

Combination of digital and written form

Sometimes companies want to combine digital and written elements. The following must be observed to ensure legal validity:

  • A document signed by hand by one party can be signed electronically by the other party. However, the appropriate type of eSignature must of course be used – i.e. a QES if written form is required.
  • Signatures made on paper and then scanned in are not recognised as electronic signatures as they do not provide the necessary security features and identity checks.
  • Would you like to print out a digitally signed contract? In principle, this is still legally valid even after printing. However, it is important that the digital signature and its validity can also be traced in printed form.

At Certifaction, we ensure the verifiability of printed documents with our digital twin: a QR code that is added to the document and can be scanned after printing.

Laptop screen shows a user interface for digitally signing an employment contract, next to it a smartphone with Certifaction logo and a sample certificate with QR code and signature.

Risks of the digital signature

Companies should find out exactly which form requirements apply to their contracts and declarations. If you only use an AES when written form is required, this signature is not legally valid. In addition, the probative value in court is crucial: use a QES to avoid taking any risks.

Another risk is that your eSigning provider does not comply with the legal requirements of the ZertES or the Data Protection Act. A lack of security precautions can lead to data leaks or successful hacker attacks. Therefore, choose an eSigning partner that covers all legal requirements and offers high security standards.

Conclusion

Electronic signatures speed up your contract processes and in many cases are a legally valid alternative to handwritten signatures. While the AES is suitable for most B2B contracts, only the QES is valid for documents with a written form requirement. To avoid exposing your company to any risks, you should check your specific use cases and choose a provider with high data security standards.

DISCLAIMER: This article is for general information purposes only and is not intended as legal advice. We cannot guarantee the timeliness or accuracy of the information. If you have specific legal questions, please contact a licensed attorney in your area.