The terms Electronic Signatures and Digital Signatures are frequently misused and often thrown around loosely. Here at GlobalSign, we commonly speak with organizations confused by the two options and need help determining what type of signature they should adopt into their workflow.
Let’s jump in and break down the differences.
According to the U.S. Federal ESIGN Act, Electronic Signatures are defined as: “Electronic sound, symbol, or process, attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign the record.”
Basically, an Electronic Signature is the equivalent of your hand written signature digitized and can be used to confirm content within a document, or the terms of a particular document.
Digital Signatures on the other hand are quite different. To illustrate how, it’s helpful to take a step back for a moment and look at the security concerns surrounding paper-based documents and workflows. The most common concerns individuals and organizations face when dealing with paper-based documents are… is the person who signed the document who they claim to be? How can I verify if the signature is valid and hasn’t been forged? How do I validate if the document hasn’t been tampered with?
Luckily, the existence of notaries was invented and can be traced all the way back to the ancient Egypt times (according to the National Notary Association). Notaries today play a key role in assuring the parties of a transaction that the document is authentic and can be trusted.
As you can suspect, the same problems exist in electronic document workflows. Unlike Electronic Signatures, Digital Signatures help solve this problem and are essentially the online equivalent to adding a notarized signature. In the case of Digital Signatures, a trusted third party, known as a Certificate Authority (CA) serves as the notary in terms of verifying your identity.
Certificate Authorities bind your identity to a PKI-based Digital Certificate which allows you to apply Digital Signatures to documents and cloud-based signing platforms.
When you apply a Digital Signature to a document, a cryptographic operation binds your digital certificate and the data being signed into one unique fingerprint. The uniqueness of the two components of the signature are what makes digital signatures a viable replacement to wet ink signatures. For further detailed explanation, see how Digital Signatures work.
In summary, the cryptographic operation allows Digital Signatures to verify and assure the following:
- The document is authentic and comes from a verified source
- The document has not been tampered with since being digitally signed as the signature would be displayed as invalid if changes were made
- Your identity has been verified by a trusted organization (the CA)
So you may be asking yourself now, which type of signatures are legally binding?
What Types of Signatures are Legally Binding?
Depending on the nature of the document being signed, an electronic signature in the form of a scanned image of the signer’s hand written signature is considered to be legally binding in most countries, but does vary by country and at state levels.
However, many regulations (e.g. eIDAS) and states are now requiring Digital Signatures over Electronic Signatures due to the fact that a Digital Signature provides authenticity and integrity that can be held up in a court system. Deciding on what type of signature you want to implement should be dictated by the type of documents you need to sign and the level of authenticity you need the document to uphold.
Types of Digital Signatures
Now that we understand the difference between Electronic and Digital Signatures, let’s take a look at the different types of Digital Signatures available. Different document platforms and services allow you to create different types of signatures using Digital Certificates. Let’s take a look at two of the most popular document processing platforms, Adobe PDF and Microsoft Word.
Adobe supports two types of Digital Signatures, Certified and Approval.
Adding a certifying signature to a PDF means you are the author of the document, have finalized its contents and want to secure it against tampering after it has been distributed.
Certified documents display a blue ribbon across the top of the document containing the signer’s name and the Certificate issuer – a clear, visual indicator of document. authenticity and authorship.
Approval signatures expedite an organization’s approval procedure by capturing the electronic approvals made by individuals or departments and embedding them within the actual PDF.
Signatures can be customized to include an image (e.g. your physical signature or official seal) and various signature details (e.g. signing location, date, reason for signing)
Microsoft also supports two types of Digital Signatures – visible and non-visible.
Visible Digital Signatures appear as a signature line, similar to a physical document. This method is commonly used when you need multiple users to sign documents like contracts or other agreements
Invisible signatures are used when you need to provide document authenticity, integrity and origin assurances, but don’t need a visible signature line. Documents with a non-visible signature display a blue ribbon in their task bar.