Procedural Change in the Secure Electronic Signature Application Process

12 September 2025

Feyza İkiz / Associate

What Is a Secure Electronic Signature?

Under the provisions of the Electronic Signature Law No. 5070 (“Law”), a secure electronic signature is defined as an electronic signature that:

  • Is uniquely linked to the signatory,
  • Is created using a secure electronic signature creation device that is only at the disposal of the signatory,
  • Is based on a qualified electronic certificate that verifies the identity of the signatory,
  • Enables detection of any subsequent changes made to the signed electronic data.[1]

A secure electronic signature carries the same legal effect as a handwritten signature.[2]

Where to Obtain a Secure Electronic Signature?

Secure Electronic Signature can only be provided with a Qualified Electronic Certificate. Persons seeking to obtain a secure electronic signature must apply to Electronic Certificate Service Providers (“ECSPs”) authorized by the Information Technologies and Communication Authority (“ITCA”). The list of authorized ECSPs is available on ITCA’s official website[3].

What Do the Changes in the Electronic Signature Application Process Aim to Achieve?

On 7 August 2025, the ITCA issued a public statement[4] announcing that a judicial investigation had been initiated following technical findings related to recent cases of fraudulent electronic signatures that have come to public attention. In response, ITCA is introducing a series of changes aimed at strengthening security mechanisms to combat forgery and enhance the integrity of electronic signature systems.

What Are the Changes in the Secure Electronic Signature Application Process?

1. Applications via Power of Attorney are No Longer Accepted

All electronic signature applications must now be completed through in-person identity verification by the applicant.

2. Identity Verification based on Passport is Removed.

As part of the newly introduced changes, secure electronic signature applications will only be accepted from individuals holding a Turkish Republic ID number or a foreign ID number beginning with 99.

3. Secure Verification Methods Made Mandatory

The approval process for an electronic signature application is carried out through the e-Government platform, following login via one of the high-security identity verification methods.

An informative SMS containing the title of the ECSP is sent by ITCA to all mobile numbers registered under the electronic signature holder’s Turkish Republic ID number.By activating the Qualified Electronic Certificate Inquiry service[5] via the e-Government platform, individuals have been enabled to check the secure electronic signatures issued in their name.

4. How Is an Electronic Signature Application Approved?

Qualified electronic signature applications are approved via the e-Government portal by following the steps below:

  • Log in to the e-Government portal (https://giris.turkiye.gov.tr/). Access to the portal must be made using one of the following high-security identity verification methods:
    • Mobile Signature
    • Electronic Signature 
    • Turkish Republic ID Card
    • Internet Banking
  • Type “e-Kayıt” in the site’s internal search bar and navigate to the Information Technologies and Communication Authority’s “e-Kayıt Application Approval Procedures” service.
  • Secure eSignature” is selected from the Business/Provider Type section, and “Continue” is clicked.