For hundreds of years, commerce has relied on personal signatures to close deals, onboard customers and verify identity, among other uses. E-Signatures (or electronic signatures) are becoming increasingly essential for conducting global business and legal transactions in today’s digital world.
Modern e-signatures use secure technology that safeguards against forgery or post-signature alteration. An e-signature must be as reliable and tamper-proof as a pen-to-paper signature, able to verify the identity of each signer, and validate each signor’s intention to comply with the stipulations of the signed document. When using e-signatures to conduct global business, you need to know the requirements and the differences between an e-signature and a digital signature.
Requirements vary from country to country
Businesses worldwide continue to embrace digital solutions that enhance the customer experience while eliminating cumbersome and costly manual systems. As a vital component of paperless processes, an e-signature solution should be a key consideration for any business that is truly committed to digital transformation. Keep in mind, however, that the requirements in various regions differ. One legally acceptable e-signature in the US may not meet the standards in Europe. For global business, adopting a solution that is accepted worldwide is the beginning of a sound, digital transformation strategy.
E-Signatures v/s Digital Signatures
When researching a transition to digital business processes, it’s important to use accurate terminology to ensure your e-signature solution is truly complete. The terms “electronic signature” and “digital signature” are not interchangeable, although they are often used this way.
E-Signature – the US Definition
The U.S. ESIGN Act defines an electronic signature as an “electronic sound, symbol, or process, attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign the record.”
E-signatures encompass handwritten signatures, as well as:
- Clicking “I Agree” during an online process
- Capturing a photo at the time of signing and embedding it in a document
- Capturing biometric data, such as signing speed and pressure
E-Signature – the EU Definition
Within the EU’s eIDAS-Regulation 2014, e-signatures are just a small part of the new Regulation, but that small part is designed to permit the cross-border recognition as well as European harmonization of e-signatures. The new eIDAS-Regulation has an immediate effect in all 28 EU countries in July 2016 and will cause prior esign acts to become mostly obsolete.
Three types of e-signatures
Neither the 1999 European directive nor eIDAS-Regulation 2014 are restricted by a specific technology. Instead both define three types of e-signatures:
- E-signature. Also called a light e-signature, this is where “data in electronic form which [is] attached to or logically associated with other electronic data, serve as a method of authentication.”
- Advanced e-signature. This category of e-signature meets four standards: 1) it is exclusively connected to the signatory; 2) it can be traced back to the signatory; 3) it is created in a way that only the signatory controls; and 4) later changes are detectable and traceable.
- Advanced e-signature are based on a qualified certificate. This is also called a secure digital signature, strong digital signature, or qualified digital signature. The signature must meet two standards: 1) it is created by a secure-signature-creation device (also called a certification authority [CA]; and 2) it must have the technical support needed to ensure the key can neither be forced nor reproduced in a reasonable time.
What is a digital signature?
Digital signatures are considered a subset of electronic signatures. Whereas an electronic signature is a legally binding record, a digital signature refers to the underlying encryption technology that verifies the authenticity of the transaction.