Electronic signatures are crucial in the B2B world for quickly, cost-effectively, and securely concluding contracts and initiating new projects. They accelerate business processes and enhance both security and compliance.
Definition of the Electronic Signature
Electronic signatures utilize various encryption techniques to ensure the authenticity and integrity of signed documents. They provide a legally recognized method to sign contracts and other binding documents online, regulated by the eIDAS Regulation in the EU, which ensures their legal validity across all member states.
Difference Between Digital Signature and Electronic Signature
Electronic signatures are equivalent to handwritten signatures on paper but in digital form. The terms “electronic signature” and “digital signature” are often used interchangeably, but there are distinctions. The electronic signature is the legal term, while the digital signature refers to the technical process. Confusingly, signatures created with a digital pen (e.g., when confirming a parcel delivery) are also often called “digital signatures.”
The information transmitted with the signature identifies signatories, varying with the chosen signature standard.
What is a Certificate for Electronic Signatures?
A certificate for advanced and qualified electronic signatures is a digital certificate issued by a trust service provider. It verifies the signer’s identity and provides a public signature key to verify the signature. This certificate is added as a seal to the electronic signature.
Swisscom signature certificate
Are Electronic Signatures Legally Valid?
Yes, electronic signatures are recognized by the eIDAS Regulation in the EU and many other legal frameworks worldwide, holding the same legal force as handwritten signatures if they meet legal requirements. In Germany, the Trust Services Act (VDG) regulates the legal framework for electronic signatures. The qualified electronic signature (QES) meets stringent security requirements and is recognized by eIDAS in Europe (and ZertES in Switzerland) as equivalent to a handwritten signature in court.
Good to know: Electronic signature vs. faxing?
While faxing transmits a physical copy of a document, electronic signatures provide a secure and verifiable method of authenticating electronic documents, supported in part by trust services.
Legal Validity of Different Signatures
According to eIDAS, electronic signatures’ legal validity is divided into three types: simple electronic signatures (SES), advanced electronic signatures (AES), and qualified electronic signatures (QES). QES is the most secure and holds the highest probative value in court. However, simple and advanced signatures are also legally valid in their respective applications, though SES carries a higher risk of forgery than AES.
The Professional Electronic Signature (PES) from Certifaction
The Professional eSignature (PES) developed by Certifaction sits between advanced and qualified signatures. All signatories are identified within 40 seconds using automated identification, making it cheaper than QES and more secure than AES. PES is ideal when formal requirements are absent, but secure identification is still desired.
Overview: eSignature Types (SES, AES, PES, QES)
- Simple Electronic Signatures (SES) Signatories are invited and identified by email.
- Advanced Electronic Signatures (AES) Greater security with signatories authenticating via SMS code.
- Professional Electronic Signatures (PES) More secure than AES, using email and forgery-proof online ID verification with a face scan.
- Qualified Electronic Signatures (QES) Most secure, with signatories identifying via email, forgery-proof online ID verification with face scan (EU), and manual agent verification (CH), supported by certified trust service providers.
Good to know: Can a scanned signature be sufficient?
A scanned signature can be sufficient in some cases. It is often used and accepted for offers. However, it is only an image of a signature and therefore does not offer the same security and legal recognition as an electronic signature. In case of doubt, an electronic signature — and in particular a QES — is always preferable, as it has greater probative value.
Special Use of the Qualified Electronic Signature (QES)
A written form requirement necessitates using QES, such as when signing temporary employment contracts or loan agreements. QES requires a strict identity-check of the signer and the provision of a qualified signature certificate issued by an officially recognized trust service provider.
What is a Remote Signature?
The legal effect of remote signatures is ensured by their compliance with the legal forms and requirements laid down in the law and the relevant regulations.
Remote signatures bear the seal of the trust service and correspond to the written form, which increases their legal effect and acceptance in legal and business transactions.
Fields of Application for Electronic Signatures
Electronic signatures are used in various areas, including contracts, government forms, and business transactions, enhancing efficiency and speeding up processing. They are also widely used in HR and recruitment and are beneficial across industries. Certifaction’s Privacy-First eSignature is particularly used in sectors handling sensitive data, such as healthcare, finance, and education.
Benefits of Use and Challenges
Electronic signatures offer several advantages:
- Save effort and cost of sending contracts by post or traveling.
- Enable quick signing of contracts, reducing waiting times.
- Allow easier and more efficient archiving of electronic documents.
- Improve user experience, especially in business with end customers.
- Enhance fraud prevention by securely identifying signatories.
- Offer more security than handwritten signatures.
- Enable complete digitalization of business models.
Digital signatures in practice
Digital signatures are very easy and time-saving to use. The Certifaction user interface, for example, is very intuitive and can be used easily even without prior knowledge.
The process for signing a contract can be summarized quite simply: you add the document and specify who is invited to sign. The invitations to sign are sent out and, in the case of a QES or FES, all signatories are identified electronically before they sign. This whole process usually only takes a few minutes.
Integrating your own handwritten signature
Incorporating individual signature images, i.e. an image of your own handwriting in documents, can reinforce the impression of authenticity. Many providers offer the option of incorporating your own handwriting into the signature card.
How Do Digital Signatures Work Technically?
The private key signs the hash value (a unique digital fingerprint) of the document. The public key is stored in the certificate and allows for authentication verification. During this process, the checksum encrypted during signature creation is decrypted and compared to the newly calculated hash value of the document.
For remote signatures, the key pairs are generated and managed by the Trust Service Provider (TSP) in a qualified signature creation device (HSM). The TSP ensures the private key is accessible only to the signer, typically guaranteed through a second security factor. Additionally, the TSP verifies the signer’s identity securely before creating a signature key and retaining the identity data.
Choosing the Right Provider
Not all eSigning providers have the same principles. Look for eIDAS-compliant signatures and ensure the required signature standard is met. Some providers offer automated workflows with AI, reading document content and using it in the statistical reporting.
Digital Signatures and data security
Other providers focus on end-to-end encryption (E2EE) and local data processing for maximum data security. Your documents are protected by Certifaction using the proven privacy-first approach with zero-knowledge technology. The processing solution is used locally. Your data is already encrypted on your end device and transmitted completely end-to-end encrypted. This means that the tool has no insight into your documents and their content and data.
Practical Tips
To maximize security, ensure systems are up-to-date, train employees on secure electronic signature use, and choose trustworthy, eIDAS-compliant providers.
Content
- Definition of the Electronic Signature
- Difference Between Digital Signature and Electronic Signature
- What is a Certificate for Electronic Signatures?
- Are Electronic Signatures Legally Valid?
- Legal Validity of Different Signatures
- Overview: eSignature Types (SES, AES, PES, QES)
- Special Use of the Qualified Electronic Signature (QES)
- What is a Remote Signature?
- Fields of Application for Electronic Signatures
- Benefits of Use and Challenges
- Digital signatures in practice
- How Do Digital Signatures Work Technically?
- Choosing the Right Provider
- Digital Signatures and data security
- Practical Tips