FAQs

In a nutshell: Electronic signatures are signatures in electronic form, digital signatures are electronic signatures that are encrypted. There are three types of electronic signatures – simple, advanced, and qualified. A simple Electronic Signature would be typing your name at the end of an email. An Advanced Electronic Signature is created in a way that allows for identification & authentication of the signatory and the verification of the integrity of the signed document. A Qualified Electronic Signature can do everything an AES can plus they are created with Qualified Certificates. These certificates can only be issued by a Qualified Trust Service Provider.

The Law Society Smartcard contains a Qualified Electronic Signature, the EU digital signature with the highest form of security. This form of digital signature guarantees the integrity of the document as well as the authentication. The juridical value it has is for integrity: one is sure the text received is the same that was sent, and that literally no-one has changed it. It also guarantees identification: only practising solicitors can obtain this QES from the Law Society.

Anything where you would normally put pen to paper. The Smartcard QES is the highest available level of electronic signature. It is self-proving, i.e. with the exception of wills, you do not need a witness to your signature. According to the eIDAS Regulation (EU Regulation No 910/2014), Art 25 (2), and the UK eIDAS 2016, a QES has the same legal value as a handwritten signature. See also the Requirements of Writing (Scotland) Act 1995.

Every electronic signature can of course be interrogated. Please refer to Verifying a Smartcard Signature on how to check the validity of the signature in the document you received. In the case of the Law Society's Smartcard signature, additional reassurance is provided by the fact that only a qualified solicitor, registered with the LSS, and in possession of a valid practising certificate, can obtain a Smartcard signature. The signatory is also named in the QES itself, information that is available when interrogating the QES.

RedAbogacía is the trading name for the company Infraestructura Tecnológica del Consejo General de la Abogacía, SLU. They are wholly owned by the Spanish Bar Association and are the provider of the software and card technology behind the Smartcard with QES.

ACA is the Abogacía Certification Authority (operated by RedAbogacía). This was set up in 2005 to provide EU-compliant digital signatures to Spanish lawyers and has now authorised more than 80 registration authorities (of which the Law Society of Scotland is one) across the legal and provisional services sectors in a range of European countries.

An open tender process was followed, which required documentary evidence & pricing information and included demonstrations, site visits to current clients, and financial due diligence. A key aspect of our stated requirements was a solution which had already been deployed to a profession, ideally lawyers, of significant scale and over a period of time. RedAbogacía achieved the best score in relation to quality and cost, and all due diligence with existing clients and financial operations assured us they were the ideal partner for this project.

We had tenders from the UK and from other EU countries, but selected on price, quality, and proven track record.

Registration Authority for the Smartcard with QES is the Law Society of Scotland. We perform the necessary ID check, issue cards and digital signatures, and provide accurate information to the Certification Authority.

Certification Authority is Abogacía Certification Authority (ACA, operated by RedAbogacía). It meets all key EU and international standards required of certification authorities, holding the required information to allow the issuing and use of a secure digital QES. This saves the Law Society of Scotland the cost, resource commitment and risks of attempting to become a certification authority in its own right within a small market like Scotland, something which we did not consider as viable or desirable when we designed the specifications and tendered the project.

These two documents are mentioned in the contract solicitors sign when collecting their Smartcard with QES. They form part of the governance background and technical specification of the digital signatures we are issuing.

Certificate Policy is a document which states who the different actors/bodies of a public-private key infrastructure (PKI) are, their roles and their duties. You can view the CP for the Smartcard with QES here.

Certification Practice Statement is a document from the Certificate Authority which describes their practice for issuing and managing public-private key certificates. You can view the CPS for the Smartcard with QES here.

The card reader is a small device connected to your computer via a USB cable. You need it to enable communication between the chip of your Smartcard and your computer in order to apply a signature. An external card reader with USB connection is issued when you collect your Smartcard with QES. A complete installation guide on how to set this up can be found on the Installation page. However, if you have your own card reader, e.g. one that is already built into your laptop, you can use that one instead and don’t need to install another.

Note to Gemalto users: If you otherwise use a Gemalto card reader, this will unfortunately not work with the Smartcard; the systems are not compatible. Likewise, if you have Gemalto installed on your computer in general, you will not be able to use the Smartcard with QES. Please use another computer, or uninstall Gemalto on your machine, if this is feasible.

Your PIN is the 6-digit code you came up with and entered yourself when you collected your Smartcard. It is only stored on the chip of the card; we do not have access and we cannot reset it like the banks do.

If you are unsure, don't try and remember what you did when you picked up your card. Instead, imagine you had to come up with a 6-digit code right now, this instant. Take a note of that code, and then test it. You will need the so-called card manager to do so. (see Step 2 in "Installation and Troubleshooting " below) The card manager is not needed to apply the Smartcard signature to a document, but it is a handy tool to have when it comes to checking or changing your PIN. How to do that can be found here: How to test your PIN & PUK.

If you have lost your Smartcard, you can cancel your digital signature on the chip. On the day you obtained your Smartcard with QES, you received an email with a cancellation code. Please following this link and enter this cancellation code. This will revoke your digital signature. You should also send an immediate email to smartcard@lawscot.org.uk, advising us that your card has been lost.

Yes, you can use your Smartcard with QES as an ID card as well, since it contains the same visible information as an ID-only card – the name you practise under, your photograph, and your solicitor ID number.

For all enquiries about the Smartcard with digital signature, please contact us at smartcard@lawscot.org.uk.