Digital and Electronic Signatures
Electronic and Digital Signatures represent a tremendous opportunity for organizations to get documents signed and close deals faster. When rolling out e-signatures globally, you need to be aware of the variety of electronic signature laws across the globe.
The terms Electronic Signatures and Digital Signatures are frequently misused and often thrown around loosely. Here at eMudhra, we help organizations understand the two options and help them in determining the type of signature they should adopt into their workflow.
Let’s understand the differences.
Types of Electronic Signatures
According to the U.S. Federal ESIGN Act, Electronic Signatures are defined as: “Electronic sound, symbol, or process, attached to an agreement or record and executed or accepted by a person with the intent to sign the agreement or record."
Basically, an Electronic Signature is the equivalent of your hand written signature which is digitized and can be used to confirm the content within a document, or terms of a particular document.
Electronic signatures that use encrypted digital certificates to authenticate the identity of the signer. Digital signatures are sometimes referred to as advance electronic signatures, qualified electronic signatures or other terms in jurisdictions outside the US.
Digital Signatures are quite different from Electronic Signatures. To illustrate, take a step back for a moment and look at the security concerns surrounding paper-based documents and workflows. The most common questions/concerns that individuals and organizations face when dealing with paper-based documents are; Is the person who signed the document really who they claim to be? How can I verify that the signature is valid and hasn’t been forged? How do I validate that a document hasn’t been tampered with?
Luckily, notaries come into being and can be traced all the way back to ancient Egypt (according to the National Notary Association). Notaries today play a key role in assuring all parties of a transaction that the document is authentic and can be trusted.
As you can suspect, the same problems exist in electronic document workflows too. Unlike Electronic Signatures, Digital Signatures helps solve this problem and are essentially the online equivalent to adding a notarized signature. In the case of Digital Signatures, a trusted third party, known as a Certificate Authority (CA) serves as the notary in terms of verifying your identity.
Certificate Authorities bind your identity to a PKI-based Digital Certificate which allows you to apply Digital Signatures to documents and cloud-based signing platforms.
When you apply a Digital Signature to a document, a cryptographic operation binds your digital certificate and the data being signed into one unique fingerprint. The uniqueness of the two components of the signature are what makes digital signatures a viable replacement to wet ink signatures.
In summary, the cryptographic operation allows Digital Signatures to verify and assure the following:
• The document is authentic and comes from a verified source
• The document has not been tampered with since being digitally signed as the signature would be displayed as invalid if changes were made
• Your identity has been verified by a trusted organization (i.e. the CA)