Every passport registered in the EU DPP Registry must be signed with a qualified electronic signature or sealed with a qualified electronic seal under the eIDAS Regulation. Here is what that requires — and the practical way to meet it.
On submission, the registry validates the presence of a valid qualified electronic signature (for a natural person) or seal (for a legal entity) in accordance with eIDAS. Without it, the passport is not accepted. The seal is produced over the passport version's content hash, so any later change is detectable.
Direct: the operator obtains a qualified electronic seal from a qualified trust service provider (QTSP) and signs each registration. Provider-delegated: a platform holds its own qualified seal and registers on the operator's behalf through a verified account — a valid model under eIDAS. Either way, the operator remains legally accountable for the data.
PassPer's qualified-seal signing is built into the registry-submission path. It produces a CAdES electronic seal over each frozen passport version's content hash and exposes a public verification endpoint. It runs in a remote-QTSP mode (an HSM-held seal via a signing API) or a local-certificate mode, and activates the moment the qualified certificate is provisioned — no change to your workflow.
Answer 10 questions and get a personalised DPP readiness report — free, no account.