Glossary
AES (Advanced Electronic Signature)
AES (Advanced Electronic Signature) is a security level for e-signatures that meets specific requirements under the eIDAS Regulation to ensure the identity of the signer and the integrity of the document. It must be uniquely linked to the signer and created using data that the signer has under their sole control.
AI Assisted Signing
AI assisted signing is a technical integration of generative AI directly into the signing workflow, providing the signer with interactive support to interpret, navigate, and understand the contents of a legal document. Unlike traditional e-signing, which is a static process for collecting a signature, AI assisted signing transforms the document into an intelligent interface where the signer can ask questions and receive educational explanations without leaving the secure session.
Copy Paste Leakage
Copy paste leakage refers to the unintentional or unauthorized transfer of confidential information from a secure environment to an insecure one by a user manually copying text and pasting it into an external tool. In the context of e-signing, this most commonly occurs when a signer copies contract terms into public AI services (such as ChatGPT) to receive help with summarization or translation. This action causes sensitive data to leave the organization's control and become part of the external service's training data or logs.
Counterparty AI Risk
Counterparty AI Risk is the security vulnerability that arises when an external party (the recipient of a document) uses unsanctioned or public artificial intelligence tools to analyze, summarize, or translate confidential information. Unlike traditional internal security threats, Counterparty AI Risk exists outside the sender’s direct technical control, as it is triggered by the recipient's interaction with the document. This creates a critical loophole where trade secrets, personal data, and legal strategies can inadvertently leak into public AI models and their providers.
NIS2 (Network and Information Security Directive)
NIS2 is the EU’s strengthened directive for raising the level of cybersecurity across member states. It imposes high requirements on risk management, reporting, and supply chain security for organizations engaged in essential or critical activities.
QES (Qualified Electronic Signature)
QES (Qualified Electronic Signature) is the highest level of e-signature within the EU and has the same legal status as a handwritten signature. It is an advanced signature (AES) that is created using a certified device (QSCD) and based on a qualified certificate issued by a trusted provider (TSP).
QSCD (Qualified Signature Creation Device)
QSCD (Qualified Signature Creation Device) is a certified hardware or software module used to generate and store the cryptographic keys required to create a qualified electronic signature (QES). It must comply with the rigorous security requirements set out in Annex II of eIDAS.
SES (Simple Electronic Signature)
SES (Simple Electronic Signature) is the lowest level of electronic signature under the eIDAS Regulation. It includes all forms of digital approval that do not meet the specific technical requirements for higher levels, such as a scanned image of a handwritten signature or a simple confirmation button in a web form.
Shadow AI in Contract Workflows
Shadow AI in contract workflows refers to the unauthorized or unsanctioned use of generative artificial intelligence tools by employees to process, summarize, or analyze legal agreements. This behavior typically occurs when individuals seek to increase efficiency—such as by using public Large Language Models (LLMs) to simplify “legalese”—without the knowledge or approval of the organization’s IT or legal departments. The primary risk is that sensitive contract data is moved into public environments, where it may be used for model training or stored without enterprise-grade security controls.
Signing Order
Signing order is a control feature in e-signing that defines the exact sequence in which recipients receive and sign a document. Instead of sending the agreement to all parties simultaneously, a defined signing order creates a structured workflow where the next person in the chain only gains access to the document after the previous person has completed their action. This ensures that internal approval processes and legal hierarchies are automatically enforced.
TSP (Trust Service Provider)
A TSP (Trust Service Provider) is an organization that provides digital trust services under the eIDAS Regulation. This includes issuing digital certificates, timestamping, and validating e-signatures.
Tenant-isolated Signing Environment
A tenant-isolated signing environment is a cloud security architecture where each customer’s data, documents, and AI interactions are physically or logically separated from those of other customers. Unlike standard multi-tenant platforms where data may share processing resources, this isolated environment ensures that sensitive contract data and the dialogue with a private AI assistant in signing remain within a dedicated “sandbox.” This architecture is a primary defense against Counterparty AI Risk, providing a no-training guarantee that prevents corporate data from being used to improve global AI models.
eIDAS
eIDAS is the EU regulation that establishes a common legal framework for electronic identification and trust services across all member states. It ensures that electronic signatures, electronic seals, timestamps, and related trust services are legally recognized and can be used consistently across the European Union. The purpose of eIDAS is to enable secure, seamless, and legally reliable cross-border digital transactions with the same legal certainty as traditional paper-based processes.
eIDAS 2.0
eIDAS 2.0 is the major update to the EU’s digital identity framework. The most significant innovation is the introduction of the European Digital Identity Wallet (EU ID Wallet), which is intended to provide all EU citizens with a secure way to identify themselves and sign documents digitally.
