“Digital signatures” are a driver for digitization and process optimization in companies. So it’s no wonder that more and more companies are turning to them to reap the massive benefits.
But what is actually meant when people talk about a digital signature? The most important facts in a nutshell.
What is the purpose of a digital signature?
A digital signature serves the same purpose as a handwritten signature: it is used to authenticate a document on your behalf or to express your agreement. For example, a contract does not become valid until all parties to the contract have signed it.
Is a digital signature legally valid?
If all legal requirements are met, a digital signature is legally valid!
This is also clearly regulated by law in many countries and economic areas of the world, such as the EU, Switzerland, the USA or China. Framework regulations such as eIDAS in the EU or ZertES in Switzerland govern the technical requirements so that there is no doubt about legal validity.
Some use cases require a special eSignature standard, the so-called Qualified Electronic Signature (QES). In the EU, for example, this is legally equivalent to a handwritten signature. As long as you ensure that you meet existing formal requirements with the QES, all your signed documents are fully legally valid.
Learn more about the legal validity of digital signatures on the linked page.
What is the difference between digital and electronic signatures?
The following terms are often used in connection with digital signatures, and the difference is not obvious at first glance:
- Digital signature
- Electronic signature
- eSignature / e-signature
There is a difference between “digital signature” and “electronic signature”. Electronic signature is the generic term, because not every electronic signature must necessarily be digital.
In practice, however, there are virtually no electronic signatures that are not also digital.
Legislators usually refer to electronic signatures or signatures in legal texts. “eSignature” or “e-signature” is the common abbreviation for the word electronic signature.
Is a digital signature as secure as a handwritten one?
In many cases, a digital signature is actually more secure than a handwritten one, especially if the identity of the signers is verified before the signature, as is the case with a QES or the Professional eSignature (PES) by Certifaction.
Unlike a handwritten signature, here it is practically impossible for a signature to be forged or to come about as a result of identity theft – as long as all the technical requirements of the legislator are met.
What’s more, electronic signatures can be stored for the long term. Unlike a contract on paper, an electronically signed contract cannot be lost, for example. The evidential value is thus preserved.
However, there is a potential risk when it comes to data protection. Many eSignature providers have access to the content of documents and can read them in full. Only a provider with zero document knowledge, where data is processed locally and transmitted in encrypted form, provides secure protection.
What types of electronic signatures are there and how do they differ?
There are various signature standards for electronic signatures which differ primarily in how signers are identified electronically.
One of the most important standards is the Qualified Electronic Signature (QES) already mentioned, for which the legislature imposes strict identification requirements. This can be done, for example, using a video identification service. This type of signature is equivalent to the handwritten one in the EU, but costs more per signature than the other standards.
Another widely used eSignature standard is the Simple Electronic Signature (SES). Here, signers are identified only by their e-mail address, which, however, already promises a high level of security for most applications in the B2B sector (for example, when company e-mail addresses are used).
Certifaction’s Professional eSignature (PES) combines the best of both worlds, identifying all signers within 40 seconds using automated identification. At the same time, it is significantly less expensive than a QES.
You can use PES where there is no formal requirement, but you still want to identify signers securely.
You can find out more about signature standards on the linked page.
What are the advantages of digital signatures?
In a nutshell, digital signatures have many advantages:
- They save the effort and cost of sending contracts by mail or traveling in person – up to 50 euros per signature!
- They make it possible to sign a contract within a few minutes, thus significantly reducing waiting times.
- Electronic documents are much easier and more efficient to archive than paper.
- The user experience is better – a big advantage in B2C businesses
- You can identify signers beyond doubt, making fraud much more difficult.
- You enable the complete digitization of your business model.
You can read more about the benefits of digital signatures in the linked article.
What do digital signatures look like in use?
Digital signatures are very easy to use and a huge time-save. The user interface of Certifaction, for example, is very intuitive and can be used easily even without prior knowledge.
The process for signing a contract can be summarized quite simply like this: you upload the document in the app and specify who you want to invite to sign it. You can optionally make settings, such as the signing order.
Once you have sent out the invitations, all signers are now identified electronically before signing in the case of a QES or PES. This whole process usually only takes a few minutes.
Check out the linked post for step-by-step instructions on how to easily sign contracts electronically.
Digital signatures and data protection
When it comes to data protection and eSignatures, it very much depends on the provider or the specific solution implemented. With most providers, data such as your documents is transferred to the eSigning provider unsecured and stored there.
This unprotected transmission means that your data is exposed to potential attacks. In some cases, companies also advertise that they evaluate your documents using artificial intelligence, which is at least an indicator that these companies also routinely parse the contents of your sensitive data.
In contrast, solutions using end-to-end encryption (E2EE) promise the highest possible data security. Here, your data is already encrypted on your device and transmitted to the provider. This means that no one can read your transmitted files – not even the eSigning provider itself.
Is data security an important issue for you? Certifaction stands for the highest possible data protection according to our proven privacy-first approach.