Technology and digitalization have radically changed the way we do many things, from the more complex actions to the simpler ones like signing a document. Signing documents online has never been easier (and perhaps more confusing!). It’s easy to get overwhelmed by the different options available on the market when it comes to online signing.
Electronic signatures vs. digital signatures
Terms like digital signatures and electronic signatures are becoming more and more common and are often used interchangeably. Although a digital signature is indeed a type of electronic signature, it is not equally true that all electronic signatures qualify as digital signatures. These are two distinct concepts, as they differ in terms of features, the security level provided, and the ability to meet legislative requirements.
If you’re looking to know more about the differences between electronic signatures and digital signatures and which is safer to use, read on.
What is an electronic signature?
An electronic signature can essentially be a text, an image, or a symbol placed on a document digitally with the intent to sign. In its simplest form, it can be applied with just a few clicks: using a finger or stylus to draw on a phone, tablet, or computer, uploading a photo of a manuscript signature, or simply typing one's name in the dedicated field.
It's to this ease of use that electronic signatures owe their popularity - as well as being, of course, a highly cost-effective solution for document signing between individuals or businesses situated in different locations.
E-signatures are generally accepted worldwide but are regulated differently by country. For instance, in the European Union, where the eIDAS Regulation is in force, distinctions are made between the different e-signing methods, and not all of them have the same legal value. Therefore, for some cases, a simple e-signature can be sufficient; for others, a more secure digital signature is required.
What is a digital signature?
A digital signature, also known as advanced e-signature, refers to one specific category of electronic signatures that offers more trustworthiness and reliability. A digital signature must meet the following requirements:
It has to be uniquely linked to the signer
It has to be capable of identifying the signer
The signer needs to have sole control of the data used to create the signature
It has to be linked to the data signed in such a way that any subsequent change in the data is detectable.
In other words, a digital signature will provide certainty on the signer's identity and ensure content integrity, therefore granting the highest level of security. Fulfilling these compliance requirements, a digital signature is fully enforceable and binding, thus it has the same legal standing as a handwritten signature - but is also much safer thanks to all the auditable characteristics it's made of.
The EU has been leading the way regarding digital signature requirements. As has often happened in other areas, it has established particularly strict rules for the legal equivalence of electronic signatures and traditional ones. Most other countries ask for much less for the validity of electronic signatures, so it's safe to say that an eIDAS compliant digital signature is valid and accepted anywhere around the world.
What are the differences between an electronic signature and a digital signature?
As clarified so far, what changes is not the simplicity or speed of the operation, but the security involved and the guarantees offered, translating into the validity of the outcome and its suitability to be used as evidence in legal proceedings.
|Electronic Signatures||Digital Signatures|
|Signer’s identity||Not verified at all, or checked through a broad selection of methods, including email or phone message – which, however, do not give full certainty for the authentication of the signatory’s identity||Certificate-based eIDs that guarantee the authenticity of the signers by verifying their SSN, VATIN, etc.|
|Content integrity||It depends on the provider and on the level of quality and safety of the product they offer. Some e-signatures can be incorporated into the document, but just a few of them are tamper-proofing||Each signature is bound to the document with encryption so that no alteration is possible either to the signatures or to the signed content. If changes are made to the document after signing, these are easily detectable|
|Legal validity||Not always accepted as equally valid as a traditional signature - only admitted in some cases||Considered as the safest version of e-signature, compliant with the most stringent legal requirements, therefore always admitted, valid, and binding in the EU and worldwide.|
Are digital signatures legally binding?
Short answer: yes!
Long answer: Digital signatures are legal, trusted, and enforceable in nearly every industrialized nation around the globe and actively in use in Europe. Being the most advanced and secure type of e-signature, a digital signature is as legally binding and as valid as a traditional signature placed with ink on paper.
So only digital signatures are valid? Do simple electronic signatures have any legal value?
Short answer: Some! Not always, it depends.
Long answer: While digital signatures are valid everywhere and generally accepted as legal proof, the same cannot be said for simple electronic signatures, which can only be used for some transactions.
It is worth mentioning that, according to eIDAS, it is not allowed to discriminate a signature purely on the grounds that it is in electronic form. This means that, when a simple electronic signature is used as legal evidence, it is against the law to deny its validity just because it is electronic. It will be up to the court to decide, on a case-by-case basis, whether such electronic signature provides a sufficient level of trust to be deemed valid as a handwritten signature. In some cases, it can be enough; in other situations, more stringent security requirements need to be met, thus a simple e-signature can be deemed non-enforceable (while a digital signature would have been considered valid). Therefore, the simple electronic signature is not automatically invalidated if it does not meet the requirements to be qualified as a digital signature - it will be necessary to check whether it could be used for the specific situation or if more security was required.
What type of signatures does Penneo provide?
Penneo provides different types of signing methods, including digital signature via eID. We recommend our customers to use our digital signature via eID whenever possible, because of its many advantages over a simple electronic signature.
Penneo supports certificate-based eID signatures, which enable the creation of digital signatures that meet international technical standards. A digital signature created via Penneo provides certainty on the signer’s identity and preserves the content integrity of the digitally signed document – thus making it compliant with the eIDAS regulation.
Now that you know the overall difference between electronic and digital signatures, we hope you will feel more confident in making an informed decision about the type of digital signature solution that fits your business needs best. And if you have any questions or comments, we’d love to hear from you!