Want to know what a digital signature is and how it works? And why more and more businesses are relying on digital document signing? Read on to find out.

 

What are digital signatures?

Digital signatures are a means to authenticate the identity of signers and the integrity of signed electronic documents and messages. They are admissible as evidence in legal proceedings and provide a higher level of security than handwritten signatures.

eIDAS uses the term advanced electronic signatures to refer to digital signatures. According to the regulation, a digital signature must be:

  • uniquely linked to the signer,
  • capable of identifying the signer,
  • linked to the data signed so that any later change in the data is detectable.

Additionally, the signer needs to have sole control over the data used to create the digital signature.

To meet these requirements, digital signatures employ public key infrastructure (PKI). PKI is a set of roles, technologies, and processes needed to generate and manage cryptographic key pairs and digital certificates. A digital certificate is an electronic file that binds a public key to its owner. The trusted organizations that issue digital certificates in Europe are called Trust Service Providers.

 

How do digital signatures work?

PKI uses a cryptographic algorithm to generate two keys: a public and a private key. The two keys are different but mathematically connected.

The private key is used to sign the document and should be kept secret. The public key needs to be shared with the recipients so they can authenticate the signature. The only way to validate a digital signature created with a person’s private key is by using the same person’s corresponding public key.

When a person signs a document, the digital signing solution runs the document through a hashing algorithm. This generates a unique numeric representation of the document called a message digest.

The message digest is then encrypted using the signer’s private key. The encrypted message digest is the digital signature of the document.

Creating a digital signature

Next, the digitally signed document is sent to the recipients. The same hashing algorithm is applied again to generate the message digest of the present document after signing.

Using the signer’s public key, the recipients can decrypt the digital signature. If the signer’s public key can decrypt the signature, the signer’s identity is verified.

By decrypting the signature, the recipients also get the digest of the document at the time of signing.

If the two digests are identical, the document has not been tampered with since signing.

Authenticating a digital signature

A digital signature is only binding when:

  • the signer’s public key can validate it and;
  • the two digests match.

 

Learn more about digital signatures

 

Digital vs. electronic signatures
Are digital signatures legal in my country?
Are digital signatures secure?
What are the benefits of digital signatures?
When can I use a digital signature?
How to sign PDF documents with Penneo
How to verify a digital signature
Sign documents for free with our digital signature solution

 

Digital signatures vs. electronic signatures

People often use the term electronic signatures to refer to all online signatures – including digital ones. However, digital signatures are different from simple electronic signatures.

To be considered digital signatures, e-signatures need to meet specific security requirements set by the eIDAS regulation. In conclusion, all digital signatures are electronic signatures, but the opposite does not apply.

 

Are digital signatures legal in my country?

Under EU’s eIDAS, digital signatures are just as legally binding as traditional signatures placed on a piece of paper. And according to eIDAS, it is not allowed to discriminate against a signature on the grounds that it is in electronic form.

However, there are still a few exceptions where the law requires a handwritten signature. These exceptions are different for each Member State.

Country-specific exceptions
Country Exceptions
Denmark
  • Prenuptial agreements
  • Wills
  • Lease agreements, if one of the parties requests it
  • Notice of termination of the lease by the landlord
Norway
  • Prenuptial agreements
  • Minutes of general meetings and board meetings, unless they are electronically signed on the platform provided by Brønnøysundregistrene
  • Notice of termination of the employment by the employer
Sweden
  • Share certificates, issue certificates, convertible instruments issued in the form of debentures, and warrant certificates
  • Wills
  • Notice of termination of the employment by the employer
  • Documents which transfer the rights to a property or an asset
Finland
  • Contracts that must be notarized
  • Real estate transfers and deeds, with the exception of leases
  • Contracts governed by family law or inheritance law, such as testaments and prenuptial agreements
  • Certain corporate certificates or documents, such as share certificates, issue certificates
  • Termination letters
Belgium
  • Contracts which create or transfer rights in real estate, except for rental rights
  • Contracts requiring by law the involvement of the courts, public authorities, or professions exercising a public service (e.g., a notary)
  • Contracts for personal and real guarantees given by persons acting for purposes other than their trade, business or profession
  • Contracts governed by family law or inheritance law, e.g., prenups, wills, deeds of adoption, divorce agreements, etc.

 

Are digital signatures secure?

Yes! Digital signatures allow you to verify the identity of the signers, make sure any documents you send out cannot be modified, and ensure that the signer cannot deny having signed said documents.

 

What are the benefits of digital signatures?

Besides providing a higher level of security than handwritten signatures, digital signatures will also help you:

  • reduce the amount of manual work in preparing, sending, signing, and scanning documents
  • remove the need for ink, paper, and postage fees
  • make it more convenient for your stakeholders to sign documents

Other advantages of digital signatures are faster contract turnaround, hassle-free compliance with legal requirements, and a positive impact on the environment.

 

When can I use digital signatures?

Companies across multiple industries and departments use digital signatures to improve efficiency and strengthen data security. Here are some examples of documents that can be signed digitally:

  • Annual reports, audit reports, engagement letters, letters of representation, management statements, NDAs, and tax documentation
  • Loan & mortgage agreements, board & company documents, insurance policies, pension schemes agreements, leasing offers, voluntary settlements, and repayment agreements
  • Lease agreements, purchase contracts, deeds, and real estate web forms
  • Employment contracts, company policies & guidelines, and bonus agreements
  • General meeting documentation, governance policies, and articles of association

 

How to sign PDF documents with Penneo

Creating a digital signature is quick, secure and convenient. See here how you can sign PDFs online with Penneo.

 

How to verify a digital signature

The main reason digital signatures are more secure than handwritten signatures is that they are virtually impossible to be forged. That is because digital signatures are built on PKI technology, so their data is embedded in the final document and verifiable.

If you want to check the validity of a digital signature, you can do so in several ways:

 

Sign documents for free with our digital signature solution

Penneo Sign is a secure digital signature solution that provides:

  • Signer authentication: To verify that the signer is who they say they are, Penneo employs trusted digital IDs such as NemID, BankID, itsme®, and FTN.
  • Document integrity: To prevent anyone from tampering with the content, Penneo places a unique watermark on each signed document. On top of that, our software creates an audit trail that documents every step in the signing process.
  • Non-repudiation: When signing a document via Penneo, users need to accept a declaration of consent. The statement contains an overview of the agreement and is part of the signature itself. Additionally, Penneo timestamps every signature with the date and time of creation. As a result, the signature can’t be denied.
  • High level of security: Penneo employs encryption and role-based access control. This way, only authorized people can access sensitive data and information.
  • Integrations with popular tools and the possibility to build a custom API integration

We hope by now you’ve been convinced of the many advantages of using digital signatures in your organization. So what are you waiting for?

Request a free trial and start signing documents online for free today!

 

 

If you're looking to learn more, we have a few suggestions for you

Norwegian Transparency Act

Åpenhetsloven

Customer onboarding

Customer Onboarding: Benefits & Steps

Cybersecurity

Cybersecurity: Everything You Need to Know