What Are Digital Signatures and How Do They Work?

Published Date: 8 July 2019 | 8 min read

Digital signatures

In today's digital world, technology plays a key role for businesses of all sizes and in all industries. Customer expectations are rapidly evolving, in step with the progress of technology. Therefore, companies need to embrace digital transformation to meet these ever-changing expectations.

Digital signatures have been around for some time, and many companies use digital signing solutions to streamline their business processes. Having a digital signature solution in place can reduce administrative burdens, lower costs associated with paper-based signing processes, and help with meeting regulatory compliance obligations. Hence, it comes as no surprise that the global digital signature market is projected to grow from €2.9 billion in 2020 to €12.1 billion by the end of 2025.

 

What are digital signatures?

Digital signatures, also known as advanced e-signatures, represent a type of electronic signatures. Digital signatures provide certainty on the signer's identity and ensure content integrity. As a result, they are far more secure than simple electronic signatures.

To be considered valid, a digital signature must meet the following requirements:

It must be uniquely linked to the signer.

It must be linked to the data signed so that any subsequent change in the data is detectable.

The signer needs to have sole control of the data used to create the signature.

 

Are digital signatures legal in my country?

Digital signatures are valid and admissible as evidence in legal proceedings in nearly all developed countries and actively used in Europe.

Thanks to their auditable characteristics, digital signatures are also much safer than wet ink signatures.

 

Country-specific rules for digital signatures
CountryAdmissibilityExceptions
DenmarkIn most cases, digital signatures are legal and court-admissible in Denmark.The documents that require a handwritten signature are:
Prenuptial agreements (§20, Ægtefælleloven)
Wills (§63, §64, §66, Arveloven)
Lease agreements, if one of the parties requests it (§4, Lejeloven)
Notice of termination of the lease by the landlord (§87, Lejeloven)
NorwayIn most cases, digital signatures are legal and court-admissible in Norway.The documents that require a handwritten signature are:
Prenuptial agreements (§54, Ekteskapsloven)
Minutes of general meetings and board meetings, unless they are electronically signed on the platform provided by Brønnøysundregistrene (§5-7, §5-16, §6-29, Aksjeloven)
Notice of termination of the employment by the employer (§15-4, Arbeidsmiljøloven)
SwedenIn most cases, digital signatures are legal and court-admissible in Sweden.The documents that require a handwritten signature are:
Share certificates, issue certificates, convertible instruments issued in the form of debentures, and warrant certificates (ch.6-§4, ch.11-§6, Aktiebolagslag)
Wills (ch.10-§1, Ärvdabalk)
Notice of termination of the employment by the employer (§10, §20, Lag om anställningsskydd)
Documents which transfer the rights to a property or an asset (Jordabalk)

 

How long are digital signatures valid?

Digital signatures created with Penneo are valid for several years after signing.

Our digital signatures meet PAdES standards and enable Long Term Validation (LTV). LTV is the ability of a signed document to stay valid for many years — even decades — after signing.

Penneo saves the proof of validity as an attachment in the signed PDF document. You can always verify the validity of digital signatures by using the Penneo Validator.

Even if the platform used to create the document becomes inaccessible, the validity of the documents signed with Penneo can still be verified.

 

What are the differences between digital signatures and electronic signatures?

For years, people have been using the term electronic signatures to refer to all online signatures - including digital signatures. However, digital signatures are different from standard electronic signatures - and one shouldn't use them interchangeably.

An e-signature needs to meet specific requirements set by the eIDAS Regulation to qualify as a digital signature.

In conclusion, all digital signatures are electronic signatures, but the opposite is not true.

 

Electronic vs Digital Signatures
Electronic SignaturesDigital Signatures
Signer’s identityEither not verified or checked via channels that do not ensure the signer's identity (email or text).Certificate-based eIDs that ensure the signer's identity by verifying their SSN, VATIN, etc.
Content integrityIt depends on the provider and the level of safety of their product. Some products incorporate electronic signatures into the document, but very few of them are tamper-proof.Each signature is bound to the document using encryption so that no alteration is possible to the signatures or the signed content. If someone tries to alter the content after signing, the software will immediately detect the changes.
Legal validityThey don't always have the same legal validity as traditional signatures.They are the safest type of e-signatures. As a result, they have the same legal standing as manual signatures in every situation.

 

How do digital signatures work?

Digital signatures use public key infrastructure (PKI) to ensure the identity of the signer and the integrity of the document.

As opposed to symmetric encryption, public key infrastructure involves the use of two keys: a public and a private key. Naturally, the private key must be kept secret. The public key, however, can be shared with others. The two keys are different, but connected. Therefore, a message encrypted with one of the keys can only be decrypted by using its corresponding key.

For example, Michael needs to sign an employment contract via Penneo. First, the system generates a hash value or message digest corresponding to the content of the employment contract. Next, Michael uses his private key to encrypt the message digest, which creates the digital signature. He then sends the encrypted signed document back to Ella, the hiring manager.

Digital signature creation

Ella receives the document and uses a copy of Michael's public key to decrypt the message digest. If the public key can decrypt the signature and the two digests are identical, it means that Michael is the actual signer of the document and the document has not been changed. If Michael's public key can't decrypt the signature or the digests don't match, then either Michael is not the signer or the document has been tampered with after signing.

To validate the document, Ella can use the Penneo Validator or the EU Validator.

Digital signature verification

To create a valid and secure digital signature, PKI requires a digital certificate. The digital certificate contains the public key associated with a digital signature and identity of the key's owner. One can use the digital certificate to validate the signer's identity. Digital certificates are issued by Trust Service Providers and Qualified Certificate Authorities.

 

What are the advantages of digital signatures?

Are you still hesitant about switching from handwritten signatures to digital signatures? Here are a few advantages to change your mind.

 

Security and reliability

Digital signatures provide a high level of security since they are impossible to forge.

As opposed to their manual counterparts, digital signatures can easily verify the signer's identity and the integrity of the signed document. Hence, if a person signs an agreement, they can't later deny it.

Digital signature tools also offer data encryption, so you can make sure sensitive information doesn't fall into the wrong hands.

 

Better customer experience

With digital signatures, customers can conveniently sign documents from anywhere in the world and on any device. By eliminating the hassle of printing, scanning, and mailing documents, businesses can improve the customer journey.

What's more, digital signatures help organizations automate manual processes, so their employees can spend more time on value-creating work.

 

Reducing costs and increasing productivity

Digital signature tools help companies eliminate costs associated with printing, mailing, and storing paper-based documents. As an added benefit, by using less paper, organizations will lower their environmental footprint.

Besides cutting costs, digital signature tools also help save time. Paper-based signing processes are slow. Think about it. You either receive the document by post or print it. Then, you need to sign and return it to the sender. To do so, you have two options - scan the signed agreement and email it or send it via snail mail.

Both options are time-consuming. Not to mention delays could occur, especially if a document needs to be signed by multiple people who live in different locations.

Digital signatures speed up the signature collection process and save time by automating recurring tasks.

 

How do I send a digital signature request via Penneo?

See here how easy it is to digitally sign PDF documents with Penneo.

 

How do I digitally sign with Penneo?

Digital contract signing with Penneo is quick, secure and convenient. See here how it works.

 

How much does a digital signature solution cost?

Penneo prices start from € 129 per month. However, we don't believe in the one-size-fits-all approach.

When it comes to digital signatures, you should only pay for what you need. Therefore, we provide a wide range of plans and packages so you can choose the one that best fits your needs.

 

What is the best digital signature solution?

Penneo is the best digital signature solution out there. Digital signatures created with Penneo provide:

Signer authentication: To ensure that the signer is who they say they are, Penneo employs trusted digital IDs such as NemID, BankID, itsme®, and FTN.

Content integrity: To prevent anyone from tampering with the content, Penneo places a unique watermark on each signed document. On top of that, our software creates an audit trail that documents every step in the signing process.

Non-repudiation: When signing a document via Penneo, users need to accept a declaration of consent. The statement contains an overview of the agreement and is part of the signature itself. Additionally, Penneo timestamps every signature with the date and time of creation. As a result, the signature can't be denied.

Another benefit of Penneo is that it ensures a high level of security by employing data encryption and role-based access control. This way, only authorized people can access sensitive data and information.

Equally important are all the other features that make Penneo the best digital signing solution:

Integrations with popular tools and the possibility to build a custom API integration

Document management

Custom signing flows based on predefined rules

Signing multiple documents in one go

Automatic sign reminders

Automatic data deletion as per GDPR

Encrypted forms for data collection

 

Sign up for a free trial of Penneo!