Legal validity

A signature is worth as much as its evidence.

Certums implements simple electronic signatures (SES) with strong probative evidence, and supports advanced (AES) and qualified (QES) levels through trust service providers. The architecture follows the industry’s international standards — PAdES (ETSI EN 319 142), RFC 3161 timestamps, a chained evidence package — so validity doesn’t depend on trusting us, but on evidence anyone can verify.

What gets recorded with every signature

Explicit consent

The accepted consent text, with the signer’s date, IP and user agent.

Verified identity

OTP code sent to the signer’s email; optionally sovereign identity (OIDC) or KYC.

Visual signature

The drawn, typed or uploaded signature is preserved as evidence with its SHA-256 fingerprint.

Content integrity

A cryptographic fingerprint of what was signed, chained event by event (hash chain).

Timestamp

RFC 3161 timestamp issued by a timestamping authority when the agreement completes.

Platform seal

A Certums Ed25519 signature over the evidence root, with a published public key.

Completion certificate

A human-readable PDF with every act, hash and seal, signed with PAdES.

Independent verification

The evidence package exports and verifies offline with SHA-256, without trusting Certums.

Why Certums and not a global platform?

If you operate where global platforms don’t reach — or you don’t want your contracts living on third-party infrastructure — Certums is the sovereign alternative with the same signing experience.

Certums Global platforms
Public verification without an account Anyone can validate a document or agreement with the CSV/QR or URL, for free. Usually requires an account or stays locked inside the platform.
Evidence auditable outside the platform Exportable package verifiable with standard tools (SHA-256, Ed25519). Evidence lives inside the platform; auditing means trusting it.
Sovereignty and deployment Multi-tenant SaaS, plus deployment on national infrastructure or on-premise for institutions. Global SaaS with data residency limited to the provider’s regions.
Local identity Integration with sovereign identity (OIDC) and OTP verification; SES/AES/QES levels per signature. Identity tied to the platform ecosystem’s providers.
Document certification Every issued document carries a CSV + QR verifiable for life, on top of the signature. Certification with a verification code is not part of the product.
Note: the admissibility of electronic signatures depends on the jurisdiction and the type of act. Certums produces and preserves the technical evidence; consult your legal counsel on the signature level required for your case. For qualified signatures (QES) we work with qualified trust service providers under eIDAS.