The Electronic and Digital Signature; What Does It Mean?
Within an organization, you generally have to deal with various contracts and documents that need to be signed. However, those who have to sign are often not at the same location. As a result, it can take several days before you receive a signed document or contract back and you’d rather not wait for that. So this workflow is not very efficient. Therefore, it is not very surprising that we are increasingly shifting from the ‘wet’ signature to the electronic and digital signature.
When a signature is required, but it is not signed with a pen on paper, we speak of an electronic signature. DocuSign defines electronic signature as a collective term for various methods of signing documents. Like a wet signature, with an electronic signature, the intention of the signer is recorded and the signer is bound by the terms of the signed document.
Please note that the term “electronic signature” does not guarantee that the signer of a document has been validated. For example, an image of a handwritten signature also counts as an electronic signature. However, the reliability level of this form is low. Therefore, a secure option is better recommended when you are in a highly regulated sector that deals with personal and/or private information. The digital signature offers the solution for this.
Why Choose an Electronic Signature?
With electronic and digital signing, the disadvantages of printing, faxing, mailing, copying, scanning and archiving documents in paper form, among others, are eliminated. At the same time, digital signing makes the complete digitalisation of business processes possible, a lot of time is saved and the efficiency within an organization will increase. In addition, operational costs and the carbon footprint will be reduced. Reasons enough to switch to the digital signature.
Digital Signature v.s Electronic Signature
Although the terms ‘electronic signature’ and ‘digital signature’ are often used interchangeably, the two are not the same. Where the electronic signature is seen more as a collective name and has a lower reliability level, a digital signature is a form of electronic signature with an often higher reliability level.
A digital signature uses a specific technical implementation that ensures that the identity of the signer is linked to the document that is signed. A third party, such as a trusted certificate authority, is responsible for verifying the identity of the signer and links the identity to a PKI (Public Key Infrastructure) based (digital) certificate. This means it comes with encryption standards.
Because a document is digitally signed with the private key of the signer, the content of the document and the identity of the signer are bound together. A digital signature ensures that the signed document is authentic, the signature comes from a verified source and that the document has not been tampered with since it was signed.
Requirements of an Electronic and Digital Signature according to eIDAS
Although the use of an electronic signature is also approved in many cases, various regulations and states require the (PKI-based) digital signature over the electronic signature. This is because the digital signature offers authenticity and integrity that can stand up in a possible court case while in some countries and states an electronic signature won’t.
In Europe, the use of digital signatures is regulated in the European eIDAS Regulation of 2014. As a rule, there are three types of digital signatures accepted by the eIDAS. These three levels are categorized from least to most stringent. The requirements of each level build upon the requirements of the level below it.
Simple Electronic Signatures (SES)
The SES is the simplest form of an electronic signature. eIDAS, artikel 3, defines it as “data in electronic form which is attached to or logically associated with other data in electronic form and which is used by the signatory to sign;”. This form does not necessarily require strict authentication of the signatory.