Digital Signatures vs Electronic SignaturesWhile they may seem synonymous, an electronic signature is not necessarily a digital signature. An electronic signature can consist of anything from writing your name at the bottom of an email, a scanned signature, clicking an “I accept” button, associated biometric data such as fingerprints, or using an e-signing platform. A digital signature is the most secure and sophisticated form of electronic signature. Using PKI, digital signatures allow both parties to be sure that the right people are signing. This is because signatories are required to have their identities validated by a trusted certificate authority like SSL.com before a document signing certificate is issued. Depending on the industry and the jurisdiction in which you’re conducting business or executing a document, you may need a verified digital signature over a standard electronic signature.
How do Digital Signatures Work?Electronic signatures often consist of an image of a handwritten signature, usually made with your finger or a stylus on a touchpad or screen. They may also include single or multi-factor authentication methods such as a PIN, password, email authentication, or more. The term “electronic signature” on its own does not guarantee that any type of third-party validation of the signatory or integrity of the document’s content has taken place. Unlike a basic electronic signature, a digital signature uses a PKI-based digital certificate issued by a certificate authority (CA) which binds the identity of a person or organization to a cryptographic key pair. When a document is digitally signed with the signer’s private key, the document’s content and the signatory’s identity are bound together cryptographically to form a unique digital fingerprint. This digital signature ensures:
Digital Signatures in the CloudAs more and more people begin using cloud-based platforms, the use of cloud-based digital signatures is becoming increasingly more common. The main draw of using a cloud-based digital signature is ease of use and automation, all while enjoying the benefits of a true digital signature, including encryption within the document itself.
Is My Digital Signature Valid In Other Countries?Currently, PKI-based digital signatures are fully acceptable in the US, EU, Canada, and, in most cases, in Mexico. Mexican law requires handwritten signatures for notarization of a variety of legal documents, including real estate contracts, marriage certificates, contracts of inheritance, powers of attorney, and articles of incorporation. Some countries, such as China, view electronic and digital signatures as valid, but consider handwritten signatures as superior to electronic and digital signatures in matters of marriages, inheritance, adaptation, and real estate.
Digital Signature Laws Worldwide
Digital Signature Laws in the USElectronic and Digital signature laws in the US are among the loosest in the world. The United States passed the ESIGN act in 2000, making electronic signatures legally binding. The law defines an electronic signature as: “an electronic sound, symbol, or process, attached to, or logically associated with a contract or other record generated, sent, communicated, received, or stored by electronic means.” Currently, both handwritten and electronic signatures have the same status in the US.
Digital Signature Laws in the EUIn the European Union, there are two types of certificate-backed electronic signatures: Advanced Electronic Signatures (AdES) and Qualified Electronic Signatures (QES). Both are uniquely linked to the signer, but QES require participants use Qualified Certificates issued by accredited CAs, as well as a qualified signature creation device, which can be a smart card, USB token, or a cloud-based trust service. This means that cloud-based digital signatures are already accepted in the EU, just as they are in the US. The European Union’s Electronic Identification and Trust Services (eIDAS) Regulation, effective in 2016, recognizes three types of electronic signatures: Electronic Signatures. eIDAS defines an “electronic signature” as “data in electronic form which is attached to or logically associated with other data in electronic form and which is used by the signatory to sign.” Like ESIGN, eIDAS also states that a signature cannot be denied legal admissibility solely because it is in electronic form. Advanced Electronic Signatures must be uniquely linked to and identifying of the signatory, must be created using signature data that the signatory can use under their sole control, and any signed data must be tamper-evident. These conditions may be satisfied with a CA-issued digital certificate, such as SSL.com’s Business Identity certificates. Qualified Electronic Signatures have the same legal standing as handwritten signatures. A qualified electronic signature requires a certificate-based digital ID issued by a qualified EU Trust Service Provider (TSP) and must be made with a “qualified electronic signature creation device” such as a USB token. The eIDAS also recognizes electronic seals: Electronic Seals are similar to electronic signatures, but are typically associated with legal entities rather than natural persons. eIDAS distinguishes between electronic, advanced, and qualified seals according to the same criteria used for signatures. Some countries, such as Sweden and Finland, began accepting digital signatures long before the 2016 EU measure.
Digital Signature Laws in CanadaHandwritten and electronic signatures in Canada are treated with the same level of respect, with one additional requirement. Both parties involved in the signing must agree to accept the legality of electronic signatures in order to make the signature legally binding, per the Personal Information Protection and Electronic Documents Act.
Digital Signature Laws in AustraliaThe Electronic Transactions Act of 1999 established the legality of electronic signatures in Australia, with the exception of cases related to migration and citizenship. Different states in Australia have different laws regarding digital signatures related to power of attorney agreements, wills, and real estate transactions.
Digital Signature Laws in New ZealandThe Electronic Transaction Act of 2002 legitimizes digital signatures, as long as specific statutory conditions are satisfied.
Digital Signatures in China and RussiaThe Electronic Signatures Law of the Republic of China makes electronic signatures valid, but handwritten signatures are still viewed as superior to electronic signatures in matters of marriages, inheritance, adaptation, and real estate. In Russia, contracts don’t need handwritten signatures to be legally binding. This means that e-signatures are valid, and even verbal agreements are acceptable in some cases.
Digital Signatures in Latin AmericaDigital Signatures are acceptable and valid in the following Latin American countries: Argentina
Digital Signatures in AsiaDigital signatures are legal in the following Asian countries: Malaysia
Digital Signatures in AfricaDigital signatures are legal in the following African countries: South Africa