Electronic signatures, seals and time stamps
The use of electronic signatures and time stamps was previously regulated by the Signature Directive, which had been implemented in Germany since 2001 through the Signature Act and the Signature Ordinance. As a recognised confirmation body, the BSI is responsible for confirming products (signature creation devices, signature application components, terminals and smart card readers) in accordance with the Signature Act. In order to ensure the security and reliability of qualified electronic signatures, the BSI has also been compiling an annual overview of the suitability of algorithms according to the Digital Signature Act, the so-called 'Catalogue of Algorithms', since 2004. With the introduction of the eIDAS Regulation, the Signature Directive was repealed; the Signature Act was replaced by the Trust Service Act, which entered into force on 29 July 2017. The Signature Ordinance also expired on 29 July 2017.
The eIDAS Regulation introduces electronic seals as a new service. Technically, these are comparable to electronic signatures. The essential difference is the assignment to a legal person instead of a natural person. While electronic signatures can be used to make a declaration of intent, the electronic seal of an institution serves as proof of origin: it can be used wherever a personal signature is not necessary but proof of authenticity is desired (e.g. for official notices, certificates, account statements, etc.).
Certification according to the Technical Guideline BSI TR-03145 fulfils the technical and organisational security requirements of the eIDAS Regulation for qualified signature and seal certificates.
Signature and seal creation devices
Qualified signature/seal creation devices, QSEEs for short, are used for the secure storage of the cryptographic keys required for signature/seal creation. This corresponds to the secure signature creation unit under the previous signature legislation.
According to the eIDAS Regulation, QSEEs must be certified according to Common Criteria. A list of the associated Protection Profiles was laid down in an implementing act.