Digital Signature in Public Procurement 2026

Definition: A digital signature is a cryptographic method that ensures the authenticity and integrity of electronic documents and is relevant in procurement law as the technical basis for electronic bid submission and the qualified electronic signature (QES).

Last updated: January 2026 · Legal basis: eIDAS Regulation (EU) No 910/2014, BVergG 2018 §§ 85–87, VgV § 11

---

Digital signature and electronic signature in procurement law

Procurement law distinguishes between different levels of electronic signature, which offer different levels of security and serve different purposes. The eIDAS Regulation (EU) No 910/2014 defines three categories:

1. Simple electronic signature (SES): Lowest requirements, e.g. a scanned signature or a simple password. Usually not sufficient for award procedures.

2. Advanced electronic signature (AES): Uniquely linked to the signatory, signatory identifiable, signature creation data under the signatory's control, ability to detect subsequent changes. Frequently used on procurement platforms.

3. Qualified electronic signature (QES): Highest level of security; legally equivalent to a handwritten signature (Article 25 of the eIDAS Regulation). Based on a qualified certificate and created using a qualified electronic signature creation device.

Requirements in procurement practice

The requirements as to the type of electronic signature for bid submission vary by national law and platform.

In Germany, the VgV does not in general require a qualified electronic signature for electronic bids; the platform solution itself (with authentication and encrypted transmission) is usually sufficient. For certain declarations (e.g. notarially certified documents), higher requirements may apply.

In Austria, the BVergG 2018 provides that the requirements of the eIDAS Regulation must be observed for electronic communication in award procedures. The Federal Procurement Agency (BBG) and the platform AUSSCHREIBUNG.AT use signature procedures pursuant to eIDAS.

Technical foundations

A digital signature is based on asymmetric cryptography: the signatory has a private key (for creating the signature) and a public key (for verifying the signature). The signing certificate is issued by an accredited certification authority and confirms the identity of the holder.

Steps in creating a digital signature:

1. Generation of a hash of the document (a unique "fingerprint")
2. Encryption of the hash with the signatory's private key
3. Transmission of the document and signature to the recipient
4. Verification of the signature with the public key and comparison of the hash

Distinction from electronic signature

The term "digital signature" is a technical one and refers to the cryptographic method; "electronic signature" is the legal umbrella term under eIDAS. Not all electronic signatures are based on digital signatures in the technical sense; qualified electronic signatures, however, necessarily are.

FAQ

Must a bid in an award procedure be signed with a qualified electronic signature? Not necessarily in all cases. It depends on the contracting authority's requirements and the platform used. In practice, most platforms allow bid submission without a QES, securing integrity through platform encryption and authentication instead.

What happens if a bid is submitted without the required signature? The bid may be excluded as formally incomplete if the signature requirement was clearly stipulated in the procurement documents and the breach is not a curable defect.

---

Last updated: January 2026 All information provided without warranty. For legally binding advice please contact a law firm specialising in procurement law.