What is Remote Signing/ Server Signing?

Definition: Remote signing, also known as server signing, refers to the process of digitally signing documents or files using a remote server or a trusted third-party service provider. It is a mechanism that eliminates the necessity for physical presence to securely sign documents by using a digital signature.


Remote signing/ Server signing explained

When signing remotely, the signing party utilizes a web-based application or a remote server to create a digital signature. The server or service provider typically maintains the private key necessary for generating the digital signature, while the signing party possesses the corresponding public key. This separation of keys ensures the security and integrity of the signing process.

The concept of remote signing was developed in response to eIDAS Regulation No. 910/2014 and allows the generation of Qualified Electronic Signatures (QES) and Advanced Electronic Signatures (AdES) using an electronic signature creation device that complies with the standards. A Trust Service Provider (TSP) acting on behalf of the signer (user) controls QES and AdES remotely. The user is solely responsible for maintaining the security of their signing key, and signature operations are done in a secure signature creation device - a hardware security module (HSM) on the server end.

Qualified Signature or Seal Creation Devices (QSCD) are required under eIDAS for issuing and using qualified certificates and seals. A Signature Activation Module (SAM), which is a component of the QSCD in the case of server signing, is required. A SAM must be Common Criteria (CC) certified based on the eIDAS Protection Profile (PP) EN 419 241-2 “QSCD for Server Signing” to meet the requirements of a QSCD.

Trust Service Providers play a pivotal role in maintaining trust in digital transactions for identities. In order to ensure that the environment for creating electronic signatures is reliable and used under the signatory's sole authority, they must implement certain management and administrative security procedures. The regulation also mandates the use of qualified electronic signature creation devices (QSCDs), which utilize software and hardware to ensure that users retain full control over their signing (private) keys.

Remote signing allows users complete mobility by enabling them to sign from any internet-connected device, including smartphones, computers, and tablets. It also provides an auditable trail of the signing process. It is particularly useful for remote collaboration, business transactions, legal agreements, contract signing, and other scenarios where document authenticity and integrity are essential.



Blog posts

Blog posts

Related products

Related products

Contact us

We look forward to answering your questions.

How can we help you?

Talk to one of our specialists and find out how Utimaco can support you today.
You have selected two different types of downloads, so you need to submit different forms which you can select via the two tabs.

Your download request(s):

    By submitting below form you will receive links for your selected downloads.

    Your download request(s):

      For this type of documents, your e-mail address needs to be verified. You will receive the links for your selected downloads via e-mail after submitting below form.

      About Utimaco's Downloads

      Visit our Downloads section and select from resources such as brochures, data sheets, white papers and much more. You can view and save almost all of them directly (by clicking the download button).

      For some documents, your e-mail address needs to be verified. The button contains an e-mail icon.

      Download via e-mail


      A click on such a button opens an online form which we kindly ask you to fill and submit. You can collect several downloads of this type and receive the links via e-mail by simply submitting one form for all of them. Your current collection is empty.