PassPer / Resources / eIDAS seal & DPP
Trust services

The eIDAS qualified seal and the Digital Product Passport

Every passport registered in the EU DPP Registry must be signed with a qualified electronic signature or sealed with a qualified electronic seal under the eIDAS Regulation. Here is what that requires — and the practical way to meet it.

Important: the signing requirement applies to every registered version, not just the first. Each update to a passport must be re-sealed.

What the registry requires

On submission, the registry validates the presence of a valid qualified electronic signature (for a natural person) or seal (for a legal entity) in accordance with eIDAS. Without it, the passport is not accepted. The seal is produced over the passport version's content hash, so any later change is detectable.

Two ways to meet it

Direct: the operator obtains a qualified electronic seal from a qualified trust service provider (QTSP) and signs each registration. Provider-delegated: a platform holds its own qualified seal and registers on the operator's behalf through a verified account — a valid model under eIDAS. Either way, the operator remains legally accountable for the data.

How PassPer handles it

PassPer's qualified-seal signing is built into the registry-submission path. It produces a CAdES electronic seal over each frozen passport version's content hash and exposes a public verification endpoint. It runs in a remote-QTSP mode (an HSM-held seal via a signing API) or a local-certificate mode, and activates the moment the qualified certificate is provisioned — no change to your workflow.

Frequently asked questions

Do I need an eIDAS seal for a Digital Product Passport?
Yes. The EU DPP Registry requires a qualified electronic signature or seal under eIDAS on every registered passport version.
Can a platform sign the DPP for me?
Yes — a platform can hold its own qualified seal and register on your behalf through a verified account. You remain legally accountable for the data.
Does every DPP update need to be re-signed?
Yes. The signing requirement applies to each registered version, not only the first, so every update is re-sealed.

Related

Check your readiness in 2 minutes.

Answer 10 questions and get a personalised DPP readiness report — free, no account.

Run the readiness check Start free