Digital signature of contracts in Portugal: types, legal validity and how to implement it

Signing paperless contracts is no longer a promise of the future - it's an increasingly common reality. The question is no longer "if" we can sign digitally, but "how" we do it and what legal value that signature will have in the event of a dispute.

In this article we explain in simple terms what an electronic signature is, which types are most commonly used in Portugal, the legal validity of each according to national and European law and how the process works in practice.

The aim is to clarify without losing rigor - because when it comes to contracts, clarity is essential.

What is an electronic signature and what does the law say?

The term "electronic signature" covers various ways of signing digitally, with different levels of security. The legal reference framework is the eIDAS (EU) Regulation 910/2014, which applies throughout the European Union. There are two key ideas to retain:

• An electronic signature cannot be refused just because it is electronic.
• Only a qualified electronic signature is automatically equivalent to a handwritten signature.

In Portugal, Decree-Law no. 12/2021 confirms this rule, establishing that the qualified signature "is equivalent to the autograph signature" and creates legal presumptions of authorship, intent and integrity of the document. Unqualified signatures continue to be valid, but their value as evidence depends on the assessment made by the court in each case.

The most common types of subscription

Although the European regulation provides for various methods, in practice in the Portuguese market there are mainly three ways of signing digitally. These are the most widely used by companies and citizens, but it's important to stress that they are not the only ones. There are other models - such as certificates issued by qualified private providers - which also have full legal validity.

1. Simple signature (click a button)

This is the most basic format: the user clicks to accept and the platform records the act (time, IP address, document version). This signature is valid, but has no presumption of authorship or equivalence to a handwritten one. Its strength depends on the additional evidence gathered, and it is suitable for low-risk documents or internal commitments. This concept is broad and can be reinforced with additional measures, such as user and password authentication.

2. Subscription with OTP (code sent to cell phone)

In practice, the following points are considered advanced:

a) It is uniquely associated with the signatory, for example when the cell phone number has previously been linked to that user in accordance with GDPR rules.

b) Allows the signatory to be identified, if proof of identity (such as a Citizen's Card) was requested when the number was associated with the user.

c) It is created with data under the exclusive control of the signatory, requiring at least two of the three possible factors:

• knowledge (e.g. password)
• possession (e.g. cell phone)
• inherence (e.g. access to an email to validate the process)

d) Está ligada ao documento de forma a detetar qualquer alteração posterior, por exemplo através de um certificado emitido por entidade reconhecida.

This level conveys greater confidence and is, in most cases, sufficient for commercial or human resources contracts. However, it is not automatically equivalent to a handwritten signature.

3. Signature with Digital Mobile Key (CMD)

The law states that a qualified signature automatically creates the presumption that:

a) It was made by the holder or by a representative empowered to do so.

b) It was affixed with the intention of signing the document.

c) The document has not changed since it was signed.

Which signature to use in each case

The choice of signature type always depends on the risk and context of the contract. For low-impact situations, such as accepting an internal policy or approving a communication with no direct legal relevance, a simple signature may be sufficient.

When it comes to employment contracts, current commercial agreements or documents where it is important to prove the identity of the signatory, advanced signing with OTP is the most suitable option - as long as the process is correctly implemented and documented.

In cases where the law requires handwritten equivalence, or when a contract of great value or responsibility is involved, there is no doubt: a qualified signature, such as one made using the Digital Mobile Key, is the safest option. It alone guarantees automatic legal presumptions of authorship, intent and integrity, without the need for additional proof.

How it works in practice

In practice, digital signatures can be done in two ways. The first is fully automated, using a technological partner (such as Contisystems): when an event occurs (for example, the approval of a proposal in the CRM), a document is automatically generated based on a template with personalized data. This document is then sent for signature, following the appropriate flow for the level of security defined.

The second way is more applicable to smaller processes and is usually done through a portal: the document is uploaded, the signatories are identified and the process is started. Each user receives the notification and signs using the method indicated - simple, OTP or CMD. At the end, the system generates the signed document and the corresponding evidence report, which must be saved for evidence purposes.

Advantages of signing digitally

• Legal certainty, by aligning processes with European regulations and reducing the risk of litigation.
• Operational efficiency, speeding up the formalization of contracts, avoiding travel and reducing costs.
• Sustainability, by reducing the ecological footprint through the elimination of unnecessary printing and transportation.

Signing contracts digitally is simple and secure, as long as you understand the difference between the types of signature and the legal force of each. The simple signature is suitable in low-risk scenarios, the OTP signature covers the majority of everyday contracts and the qualified signature with Digital Mobile Key is the right solution to guarantee handwritten equivalence and maximum legal protection.

More than a technological issue, this is a risk management decision: choosing the right signature level for each contract ensures legal certainty, efficiency and trust in processes.