Trust services are regulated by Regulation (EU) no. 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market (the eIDAS regulation).
eIDAS establishes the requirements and conditions for all digital trust services and aspects of electronic identity and signature/stamping.
Trust services are provided by (qualified) trust service providers who correspond to the established requirements and have been registered in the list of trust service providers.
Trust service providers in Estonia are SK ID Solutions AS (eID and timestamping) and GuardTime AS (timestamping).
RIA mediates timestamping services to Estonia’s public sector institutions.
The European Union has the following trust services:
- issuing and life cycle management of personal certificates
- provision of timestamp services
- creation of e-signatures
- verification of e-signatures
- storage of e-signatures
- e-data exchange service
- issuing certificates for web servers
Timestamping service mediation service
The timestamping service mediation service uses the service provided by the timestamping service provider who won the public procurement organised by the Estonian Information and Communication Technology Centre (Estonian IT Centre, RIT).
The mediation service provides authorities who perform public functions and have joined the mediation service the possibility of not having to make changes to their information systems in the event that the contractual partner of the jointly procured timestamping service changes. In addition, subscribers do not have to worry about having a valid timestamping service agreement. Through the mediation service, RIA ensures the availability of a continuous timestamping service. RIA provides the service for all authorities in the government sector as listed on the Ministry of Finance webpage in the spreadsheet ‘Avaliku sektori asutused haldusalade kaupa’ (Public sector institutions by administrative areas).
Subscribing to the service
The terms and conditions and document forms of the timestamping service mediation service are valid from 15 November 2020.
In order to subscribe to the timestamping service mediation service, you must fill in the corresponding application and send it to [email protected]. The application must be signed by a representative.
Applications and terms and conditions (in Estonian)
eIDAS
The Council of the European Union and the European Parliament have adopted the eIDAS regulation (regulation for trust services necessary for electronic identification and electronic transactions) with the purpose of simplifying cross-border use of electronic services. This facilitates the achievement of a common digital market and a functioning digital economy. The regulation mainly addresses public electronic services.
The eIDAS regulation aims to create a level of trust in the digital world that would equal that of the physical world. To achieve that, common principles on the acknowledgment of electronic identity and digital signatures were established for European public institutions. The comparability, recognition, and common grounds for operation are also ensured for trust services.
Pursuant to the regulation, all Estonian state and local government institutions and private companies who provide public services must recognise digital signatures from all EU members as of 1 July 2016. Similarly, other public sector institutions of EU Member States must accept digital signatures provided by Estonian citizens. Digital signatures of EU citizens that are equal with nationally used digital signatures must be accepted.
For a private person to provide a digital signature accepted in Europe or to verify the validity of a digital signature on a document sent from another EU country, the person’s computer must have an up-to-date operation system and the newest DigiDoc client software.
eIDAS Levels of Assurance (in Estonian)
E-identification schemes and their levels of assurance
Pursuant to the eIDAS Regulation, e-identification schemes in the European Union have three levels of assurance:
- low
- substantial
- high
The following national e-identification schemes are in use in Estonia:
| E-identification scheme | Level of assurance | Available from | Region of use |
|---|---|---|---|
| ID card | High | 2018 | Estonia / European Union |
| Residence card | High | 2018 | Estonia / European Union |
| Digital ID | High | 2018 | Estonia / European Union |
| E-Resident's digital ID | High | 2018 | Estonia / European Union |
| Diplomatic ID card | High | 2018 | Estonia / European Union |
| Mobile-ID | High | 2018 | Estonia / European Union |
| 2022 | Estonia / European Union |
In addition to the national e-identification schemes, there are also private schemes in use in Estonia, the level of assurance of which has been assessed by the Information System Authority as equivalent to the levels specified in the eIDAS Regulation.
The following private sector e-identification schemes have been assessed and are currently in use in Estonia:
| E-identification scheme | Level of assurance | Available from | Valid until | Region of use |
|---|---|---|---|---|
| Smart-ID | High | 2021 | 23.11.2027 | Estonia |
Electronic signatures
Europe uses the term ‘electronic signature’ and divides the signatures into four levels of trust.
The highest of these, a signature equal with a handwritten-signature, is called a digital signature in Estonia.
States may also use electronic signatures with a lower level of trust. Electronic signatures with a lower level of trust may be, but need not be accepted.
As a warning, the DigiDoc Client marks signatures with a lower level of trust with yellow.
Instruction (in Estonian)
Trust levels of electronic signatures
Qualified electronic signature (QES) – equal with a handwritten signature. This advanced signature is based on qualified certificates and has been provided with qualified means of signing. A qualified certificate guarantees that the identity of a natural person was established during the issuing of the certificate. Qualified means of signature operate as guarantees that the data used for creating the signature (the private key) is strictly under the sole control of the signatory.
Advanced electronic signature with qualified certificates (AdES/QC) – advanced electronic signature that is based on qualified certificates, but does not use qualified means for providing signatures. This means that the data for providing signatures (the private key) may be installed in the user’s computer, for example. At the same time, the key may be located on a smart card, but the means and its creation/sharing has not been audited or certified (it has no guarantee).
Advanced electronic signature (AdES) – corresponds to the following minimum criteria:
- the signature is only connected to the signatory;
- the signature allows to identify the signatory;
- the signature has been created with data necessary for signing and its high level of confidentiality secures that the data is under the sole control of the signatory;
- the signature is connected with the data of the signatory in a way that allows identifying all later changes in data.
Other electronic signatures are any other solutions that do not comply with the abovementioned requirements. These may be service-based signatures (e.g. EchoSign supported by Adobe Acrobat Reader) as well as signatures drawn by hand /with a stylus on touchscreens.
Verification of electronic signatures
Upon the opening of an electronically signed document, the DigiDoc client software checks whether the certificate used for signing has been issued by a trusted establishment.
The software will then notify if the electronic signature is equal with a handwritten signature. If the electronic signature is not equal with a handwritten signature, then it may be accepted for operations that do not require a handwritten signature (but in this case, it should be deliberated whether an electronic signature is necessary at all).
Electronically signed documents may have different file formats. Currently, the most widespread electronically signed document format is PDF and the signature format with the extension .asice.
The DigiDoc client software enables to sign national BDOCs as well as digital signatures in ASiC-E-format recognised in Europe. In order to ensure the validity of a digital signature in other Member States, please select the .asice instead of the .bdoc-format when providing a digital signature. A signature in this format is equal to a handwritten signature within the European Union.
Private sector establishments decide on their own whether and at which security level to accept electronic signatures. It is recommended to update the information systems that process digital signatures. Only this allows to guarantee that signatures provided in Estonia in the .asice format qualify in the solutions of other countries and vice versa.
Related links
Last updated: 20.10.2025
