The need for flexible solutions for smart card-based electronic signatures

In an increasingly digitised world, characterised by paperless processes, electronic transactions and tighter data protection requirements, electronic signatures are continuously growing in importance. Smart card-based signature solutions are considered to be particularly trustworthy and secure. They not only provide the required legal validity, but also a high level of protection against manipulation and misuse. However, the requirements for modern signature solutions today go far beyond mere security. Flexibility, platform independence and integration capability are key features for meeting the diverse and dynamic business requirements.

1. Importance and basics of smart card-based signatures

Smart card-based signatures are based on asymmetric cryptography. The private signature key is stored securely on the smart card and never leaves it – not even during the signing process. Only authorised users with the appropriate access (e.g. via PIN or biometrics) can trigger the signature. This makes the solution particularly secure.

1.1 Security architecture

The smart card acts as a pocket-sized hardware security module (HSM). Thanks to the physical protection of the keys stored on a certified secure element, smart card-based systems offer a very high level of resilience against attacks – both local and remote. The cryptographic operations are performed exclusively on the card, which makes it virtually impossible to read or copy the private key.

1.2 Legal validity according to eIDAS

In the European Union, the legal basis for electronic signatures is regulated by the eIDAS Regulation (EU No. 910/2014). Smart card-based signatures meet the requirements for qualified electronic signatures (QES). Legally, these are considered equivalent to handwritten signatures. They are therefore particularly suitable for applications in public authorities, the judiciary, healthcare and finance.

1.3 Standardisation and interoperability

Smart cards are based on established international standards, such as ISO/IEC 7816, CEN CWA 14169 (PKCS#15) or BSI TR-03110. These standards ensure broad interoperability and enable integration into a wide range of IT environments, in both the public and private sectors.

2. The limitations of rigid signature solutions

Despite their security and legal strength, traditional monolithic signature solutions are increasingly reaching their limits. Companies and organisations are facing new challenges that require flexible, adaptable technologies.

2.1 Diverse deployment scenarios

Modern companies work with a wide range of platforms – from local Windows clients to cloud-based SaaS applications. A signature solution that only works in an isolated desktop environment is out of touch with the reality of today's hybrid IT landscapes.

2.2 Complex system landscapes

Typically, existing IT infrastructures are heterogeneous. They consist of DMS systems, ERP applications, archiving solutions and collaboration platforms. A signature solution must integrate seamlessly into these systems to avoid media disruptions and to prevent interruptions to the digital workflow.

2.3 Requirements of mobile and distributed work

Remote work, home office and mobile business processes are no longer exceptions. Rigid signature solutions that require a stationary infrastructure cannot keep up with this. Users need secure signature options, regardless of location and end device.

2.4 Dynamics and scalability

Companies are subject to constant change. New locations, growing numbers of users, regulatory changes or new business models require scalable signature solutions that grow with the requirements and can be continuously developed.

2.5 Industry-specific compliance

Legal and regulatory requirements vary greatly between different sectors. While in healthcare, for example, electronic patient files must be signed, in the financial sector it is contract documents or audit protocols. Only a flexible solution can serve these specific compliance requirements.

3. Features of modern, flexible signature solutions

A future-proof smart card-based signature solution must offer more than just technical security. It must also be versatile, adaptable and user-friendly. The following features characterise modern solutions that are tailored to these requirements.

3.1 Platform independence

Modern solutions support common operating systems such as Windows, macOS and Linux. It should also be possible to integrate mobile platforms such as iOS and Android as well as web-based applications. This requires a clean separation of signature generation and user interaction as well as the use of middleware that works across platforms.

3.2 Integration via APIs and interfaces

Modern solutions offer REST APIs, SDKs or plug-ins for direct connection to document management systems, ERP applications, cloud platforms (e.g. Microsoft 365, Google Workspace) and archiving systems. This allows electronic signatures to be seamlessly embedded into existing workflows.

3.3 Hybrid signature models

One promising development is the combination of smart card-based signatures and qualified cloud signatures. In this case, the smart card remains the trust anchor, but the actual signature is carried out on the server side – for example, by a qualified trust centre. This also allows mobile devices to be securely integrated without compromising the smart card's protective mechanisms.

3.4 User-friendliness

Technical complexity should not be allowed to become a hurdle. User interfaces should be intuitive, easy to understand and embedded in existing applications. Preconfigured profiles, automatic signature detection and role-based user control increase acceptance within the company.

3.5 Compliance with industry-specific regulations

A flexible solution enables the mapping of individual signature requirements – whether it is signing HL7 documents in hospitals, XBRL files in finance or administrative files in the public sector. Support for national eID systems, qualified time stamps or signature-related metadata are also part of the range of functions.

3.6 Future-proof thanks to modular architecture

Flexible signature solutions have a modular structure. Components such as card readers, middleware, signature applications or cloud gateways can be updated or replaced independently of each other. This ensures investment security and enables continuous further development in line with technological advances.

4. Fields of application and best practices

The possible applications of flexible signature solutions are wide-ranging and extend across almost all industries. Some exemplary scenarios show the potential in practice.

4.1 Justice and public administration

In administrations, courts and notaries, the qualified electronic signature is often required by law. By integrating e-file systems and supporting standard formats such as XJustiz or XÖV, digital file management can be implemented in a fully legally compliant manner. Mobile scenarios such as signing on the spot at the citizen's premises can also be realised using hybrid models.

4.2 Healthcare

Hospitals, doctors' surgeries and laboratories use electronic signatures for patient information sheets, medical reports and invoices. A flexible solution not only enables operation at stationary workstations, but also in mobile trolleys or on tablets. Interfaces to hospital information systems (HIS) and integration into telematics infrastructures are essential.

4.3 Finance and insurance industry

Contracts, loan agreements, risk assessments or investment forms require a legally secure signature. Signature solutions are integrated into existing customer portals to enable workflows without media discontinuity. Thanks to central administration and role-based access control, companies retain control over signature processes at all times.

4.4 Remote work and mobile working models

Employees who work from home or on the road need signature solutions that work regardless of location. A combination of locally installed middleware, mobile card readers and cloud signature components ensures maximum flexibility while maintaining a high level of security.

5. Conclusion: Flexibility as a success factor

The requirements for electronic signature solutions are diverse and dynamic. Smart card-based systems offer a high level of security and legal validity – but it is only through flexible, expandable architecture concepts that these advantages can be widely utilised.

A modern signature solution must not only be technically convincing, but must also be seamlessly integrated into existing business processes and IT infrastructures. It must be mobile and platform-independent, support various signature standards and be quickly adaptable to new regulatory requirements.

Companies that rely on such solutions increase their efficiency, reduce media disruptions and strengthen their compliance at the same time. They create the conditions for a completely digital, legally secure and future-oriented way of working.

firmsign is such a solution. It supports various smart card systems and enables trustworthy electronic signatures for paperless processes – flexibly, securely and integratively.