Documentation
API ReferenceChangelogFAQDashboard

Qualified Electronic Signature (QES) Verification

Effortless and compliant customer onboarding for the entire Europe.

Sumsub's QES Verification is a Qualified Electronic Signature-based onboarding solution that meets the highest eIDAS identification standards and is recognized as a compliant method for user verification under the national AML/CTF requirements in all 27 EU member states as well as Iceland, Liechtenstein, and Norway. Simultaneously, the solution facilitates remote high-value and high-risk document signing with the legal power of a handwritten signature.

Since QES Verification is consistent with the pan-European electronic trust service requirements established under the eIDAS framework, businesses are not required to comply with country-specific identification standards, including those of ANSSI in France, SEPBLAC in Spain, or ADR in Romania.

Our solution works by combining Sumsub's certified Identity Verification modules together with the Document Signing service enabled by a Qualified Trust Service Provider. To complete the onboarding journey, the customers simply need to verify their identity and seamlessly sign the relevant documents using a one-time password.

Overall, QES Verification is an excellent choice for user verification and electronic document signing that not only helps organizations achieve regulatory compliance on a pan-European basis, but also enables a fast and effortless experience for their end customers.

📘

Note

Under the requirements of the German Money Laundering Act (GwG § 12 (1) 3.), when a person's identity is verified by means of a qualified electronic signature, the obliged entity is also required to ensure that a transaction is executed directly from a payment account, which is held in the name of the verified individual.

In order to help regulated organizations in Germany achieve compliance with this requirement, Sumsub has simultaneously enabled the Penny Drop Verification solution, which enables combining Identity Verification, Payment Initiation, and Qualified Signing in a single user journey.

Use cases

QES Verification satisfies two primary use cases for Sumsub clients.

Case 1: User onboarding that is compliant with AML/CTF regulations across all European Union countries under the eIDAS framework, including the following industries and sectors:

  • Banks
  • Neobanks
  • Trading platforms
  • iGaming operators
  • Investment platforms
  • Credit unions
  • Brokerage firms
  • Insurance companies

Case 2: Electronic signing of high-value or high-risk documents that require the same legal power as a handwritten signature, including:

  • Financial Services — credit applications, platform usage agreements, loan agreements.
  • Employment — employment contracts, vendor contracts.
  • Government — permits, tax returns.
  • Healthcare — patient consent forms, prescriptions.
  • Real Estate — property leases, sales agreements.

Solution benefits

  • Compliance. Ensures full compliance with national AML/CTF regulations for customer onboarding in all 27 EU member states as well as Iceland, Liechtenstein, and Norway.
  • Scalability. Enables businesses to onboard customers on a pan-European level, without having to comply with country-specific identification standards, such as those of ANSSI in France, SEPBLAC in Spain, and ADR in Romania.
    Conversion. Improves the speed and user experience of identification and document signing in comparison to traditional verification methods accepted in Europe, leading to a direct increase in both customer conversion and approval rates.
  • Legal recognition. Delivers the same legal power for document signing as a handwritten signature, making it effortless for businesses to remotely execute legally binding transactions and agreements.
  • Fraud prevention. Offers the highest level of onboarding and operational security by ensuring the integrity of the signed document, authenticity of the customer data, and non-repudiation of the signing process.
  • Seamless integration. Delivers an effortless product implementation experience for Sumsub clients via our lightweight Mobile and Web SDK frameworks.

How does QES Verification work

The Sumsub QES process is a typically completes in less than 5 minutes, requiring minimal user action; simple and streamlined to enhance user experience while ensuring security.

General QES Verification flow

Step-by-step product journey:

  1. ID Verification. The user’s identity document is captured and verified via our Seamless ID Capture module.
  2. Liveness check. Biometric data is collected to confirm user's identity document ownership and real-time presence.
  3. Phone and Email Verification. User submits and verifies their phone number and email address via OTP. This step can be omitted if the Sumsub client shares the verified phone number and email address data via the API before starting the onboarding.
  4. Document review. User is presented with client documents to review prior to signing.
  5. OTP Authentication. A One-time Password (OTP) is sent to the user via SMS to confirm real-time document signing.
  6. Document Signing. The document is signed with a Qualified Signature and sent back to the client both via the API and the Dashboard.

Penny Drop Verification flow

Step-by-step product journey:

  1. ID Verification. The user’s identity document is captured and verified via our Seamless ID Capture module.
  2. Liveness check. Biometric data is collected to confirm user's identity document ownership and real-time presence.
  3. Phone and Email Verification. User submits and verifies their phone number and email address via OTP. This step can be omitted if the Sumsub client shares the verified phone number and email address data via the API before starting the onboarding.
  4. Country and bank account selection. User identifies their onboarding country and bank, from which the transfer will be conducted.
  5. Consent review. User provides consent for personal data sharing and authorizing the transaction.
  6. Bank account login. User logs into their online banking account via Secure Customer Authentication (SCA).
  7. Payment confirmation. User authorizes a nominal payment, typically of 0.01 EUR, to be processed from their account. The transferred amount will be returned.
  8. Real-time presence and account ownership validation. The relevant user identity and account data are retrieved to confirm the user's real-time presence. Additionally, the system cross-checks the information to ensure a complete identity match and validate the account ownership.
  9. Document review. User is presented with client documents to review prior to signing.
  10. OTP Authentication. A One-time Password (OTP) is sent to the user via SMS to confirm real-time document signing.
  11. Document Signing. The document is signed with a Qualified Signature and sent back to the client both via the API and the Dashboard.

Supported jurisdictions

The QES Verification solution enables around 98% coverage of all identity document holders in each applicable jurisdiction:

Austria
Belgium
Bulgaria
Croatia
Cyprus
Czechia
Denmark
Estonia
Finland
France
Germany
Greece
Hungary
Ireland
Italy
Latvia
Lithuania
Luxembourg
Malta
Netherlands
Poland
Portugal
Romania
Slovakia
Slovenia
Spain
Sweden
Iceland
Liechtenstein
Norway

Identity documents accepted under the eIDAS framework for identification purposes include National Identity Cards, Passports, Driving Licenses, and Residence Permits. Explore our Coverage Sheet for a full breakdown by jurisdiction.

📘

Note

Switzerland and the United Kingdom both have separate approval processes for Qualified Trust Service Providers under their national laws that should be executed in order to offer QES Verification to local businesses. For the time being, our solution is not available in these jurisdictions.

Supported languages

The QES Verification solution currently supports the following languages:

  • English
  • German
  • French
  • Italian
  • Spanish
  • Dutch

📘

Note

  • Languages that are not supported will be displayed in English within the Document Signing steps of the process. The rest of the verification process will be displayed in the language chosen by the client, as long as it is supported by Sumsub.
  • Contact your Customer Success Manager if you wish to include an additional language to the onboarding flow. The expected delivery time is ~1 month.

Compliance overview

Sumsub’s Qualified Electronic Signature ensures several crucial elements, which gives it the same legal power of a handwritten signature:

  • Integrity — no modifications to the document its content can be made once the signature has been issued;
  • Authenticity — the signature is based on a qualified certificate, which serves as a proof of the signer’s identity;
  • Non-repudiation — the signer cannot deny having completed the signing process himself.

For these reasons, QES Verification adheres to the highest identification standards under the eIDAS framework (Regulation (EU) No 910/2014), which outlines the use of electronic identification and trust services, and is considered equivalent to in-person customer onboarding. As a result, the solution is recognized as a compliant identification method by national AML/CTF regulatory requirements in all 27 member states of the European Union as well as Iceland, Liechtenstein, and Norway.

Setup and configuration

The provided QES Verification solution scheme demonstrates the following:

  • Integration architecture between Sumsub, our clients, and the Qualified Trust Service Provider (QTSP)
  • Required and optional steps of the end-user journey
  • Overall solution functionality

Get started with the integration

The QES Verification solution is currently supported via the following Sumsub frameworks:

Refer to the complete technical integration guide to get started with the implementation process of QES Verification.

QES Verification FAQ

Find the most frequently asked questions about Qualified Electronic Signature (QES) Verification.

Why does the process require email address and phone number verification?

Sumsub requires user contact information as part of the regulatory requirements to issue a qualified certificate. At the same time, a verified phone number is required to conduct the SMS One-time Password (OTP) authentication for document signing in real time and by the same verified individual.

How much flexibility can we offer over the UI/UX of the signing process?

While Sumsub offers complete whitelabling of the QES Verification solution, the wording, consent documents, and general flow of the document signing part of the process must remain the same for all clients.

Does Sumsub charge its clients per initiated or per successfully completed signing sessions?

The billing will be calculated per each initiated signing session, only after the user successfully passess the Identity Verification part of the process. However, if the user abandons the signing session before completing it, the same session, which is valid for 60 minutes, can be re-used, avoiding additional charges.

Does Sumsub charge its clients depending on the number of signed documents or signatures per document?

No, the number of signed documents or required signatures per document does not affect the solution pricing.

Which languages does Sumsub support in QES Verification?

While English is the default language setting in the QES Verificaiton solution, Sumsub additionally supports French, Spanish, Italian, German, and Dutch at no additional cost for its clients.

What is the validity and format of the SMS OTP code?

The SMS OTP code is composed of 8 random digits and is valid for 5 minutes.

What is the validity of Sumsub's qualified certificate?

60 minutes. The certificate is issued after successfully passing the identity verification. The user then has an hour to complete the document signing.

Is the qualified certificate reusable for multiple signing sessions?

No, the certificate can only be used per signing session. Multiple signing sessions would require repeating the identity verification process.

What is the validity of Sumsub's qualified signature?

20 years.

What is the average time of the manual Identity Verification review?

The manual review of the Identity Verification part of the process is expected to an average of 3.5 minutes.

What is the average time of the Sumsub client document signing?

The document signing with a qualified signature is expected to take an average of 5 seconds. The required time additionally depends on these factors:

  • number of documents uploaded for signing;
  • the size of the documents;
  • the number of signatures required each document.
Are there any limits on the maximum number and size of the client documents?

While there are no limits on the number of documents that can be uploaded for signing, the maximum size of the total uploads is 30MB.

Is it possible to sign multiple document with multiple signatures?

Yes, both the number and exact placement of the signatures can be defined. This is done by specifying the position (X and Y axes) for each signature in the document.

Why is manual agent review currently required for each end-user identification?

According to the ETSI 119 461 requirements, fully automated remote customer identification can only occur on the basis of digital identity document verification, which, in the context of the European market, are almost exclusively NFC-based. Meanwhile, physical identity document verification requires manual operator review.

Why does the identity document capture process require recording?

According to the ETSI 119 461 requirements, remote customer identification, which is conducted on the basis of a physical identity document, requires recording of a video sequence to visualize the physical characteristics of the identity document and its security features, covering each relevant side.

How does the end-user receive the signed documents once the process is completed?

Sumsub will return the signed documents to the client both via API and the Applicant Page on the Client Dashboard. The client should then share these documents with the end-user on their platform.

Does Sumsub offer its ETSI-certified ID Verification services on a standalone basis (e.g., Seamless ID Capture and Video Identification)?

Yes, Sumsub offers its ID Verification services on a standalone basis for clients that already have an integrated qualified document signing solution.

Updated 8 days ago