An integrated online marketplace constitutes an important step in developing the EU’s internal market. But growth online requires that consumers feel confident that the technology they use for online transactions is secure. This Article identifies a missing piece in the European Union’s legal framework for protecting consumers in online markets. In developing its strategy for a Digital Single Market within Europe, the European Commission has taken inadequate measures to protect consumers against online fraud. In particular, the current framework for authenticating electronic signatures provides limited protection for consumers whose e-signatures are forged by third parties. By placing the burden of proof on consumers in disputes over forged esignatures, the law shifts the legal onus away from technology providers—the actors in the best position to identify and rectify breaches. While the recently enacted EU regulation on electronic signatures reverses the burden of proof against providers that qualify for the EU’s highest certification for online security, the regulation establishes an opt-in system for this status. Providers currently have insufficient legal or economic incentives to subject themselves to more robust supervision. Instead of making stricter procedural requirements a voluntary option for provides of e-signatures technology, a new and improved EU law on electronic signatures should shift the burden of proof onto service providers to better allocate the costs of security breaches between providers and consumers.