What is a digital signature and how does it work?

A digital signature, also referred to as an Advanced Electronic Signature (AES or AESign), or a Qualified Electronic Signature (eIDAS, EU) is a type of electronic signature that is backed by a digital certificate (x.509) that complies with the strictest eSign legal regulations

With Confidence.

Book a Demo

Book a Demo - Above Footer

How digital signatures work

A digital signature is a mathematical technique used to validate the authenticity and integrity of a message or an electronic document.

The signatures are based on public-key cryptography, using a public key algorithm to generate two keys - one public, and one private.

In most countries, a digital signature is the equivalent of a handwritten signature, as it offers more inherent security than a simple electronic signature. A digital signature cryptographically seals the message (or document), making it tamper-evident.

Digital signatures provide evidence of identity, which can be digitally verified using trust indicators that are built into the signatures and embedded into the document.

What is SigniFlow's approach to digital signatures?

SigniFlow’s approach to digital signatures means we are able to offer more flexibility and control over the type of signatures used, compared to that offered by most eSign competitor platforms.

With SigniFlow, you have the option to request signers to sign with an electronic signature, digital signature, or enforce a personal digital certificate, or a combination thereof. This allows you to build workflows that suit the legal requirements of your business, or a specific document.

 SigniFlow supports a range of secure signature creation devices, including USB tokens, smart cards, and cloud-based x.509 digital certificates.

SigniFlow is "certificate-agnostic", meaning you can use almost any certificate authority (CA) or timestamp authority (TSA), with support for many CAs and trusted authorities through the European Union Trusted List (EUTL) and globally through the Adobe Approved Trust List (AATL).

Digital signatures come standard with SigniFlow as a core offering. We also offer cryptography as a service (CaaS) for customers that have their own app or workflow software, and merely want digital signature functionality built in, without having to deploy Public Key Infrastructure.

What is a digital signaure

Digital signature features

When signing with a digital signature using SigniFlow, you will typically find the following digital signature features embedded. This may vary, depending on your security settings and user preferences, which are configurable in the system.


All signatures are created using digital X.509 standard for public-key certificates.


Timestamping is applied through a trusted Timestamping Authority (TSA).


Embedded record of the state of the certificate at the time of signing.


Document content is protected from start to end using cryptographic algorithms.


Full auditable X.509 trusted AATL embedments for every signer in the workflow.


An automated history of events are logged against a unique document ID.


Audit logs are written and sealed into the document using steganography.


Supports Adobe® Accredited Trust List and European Union Accredit Trust List.


Multi-factor authentication and AD, LDAP, OAuth, SAML, and other options are available.


Embedded auditable record of the geographical location of signatories.

Core eSignature Features

Included in Business License

News Watch takes a look at digital signatures

This two-minute video review produced by News Watch takes a look at the security use-case of SigniFlow's digital signatures.

Public Key Infrastructure

Public key infrastructure (PKI) is a set of roles, policies, hardware, software, and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public-key encryption for digital signatures.

SigniFlow's certified, international datacentres are enabled with public-key cryptography services for digital signatures.


South Africa - North and South.


Australia East, Malaysia and Singapore.


Netherlands - North.


Brazil - Sao Paulo.


United Kingdom - London.


United States East - Virginia

24/7 Support

We get your office hours

Finally, a software company that has actual people giving its customers - and their customers - 24/7 online support, for free. Our support ninjas are the best in the game.


Industry-leading infrastructure

Connect to any of our 8 international data centres and experience true 99.9% uptime. Over the past 24 months, we've exceeded our 99.5% uptime target across all regions.


IT Security Management

Our Information Security Management System is ISO27001:2013 certified and our Quality Management System is ISO9001: 2015 certified by TÜV Rheinland.


Compliance is our game

SigniFlow's international, segregated security infrastructure ensures customer data is processed in accordance with the most stringent international privacy and cross-border data protection laws, such as GDPR, LGPD and POPI.

The SigniFlow eSignature complies with the EU eIDAS Regulation, the US ESIGN Act, the South African ECT Act, and many other regulations around the world, including countries like Australia, United Kingdom, United Emirates, Qatar, Brazil, Argentina, Peru, Chile, Malaysia, Singapore, Vietnam, and many more.

To find out more about eSignature regulations in your country, contact us for a free consultation.


International Best Practices

The race to zero emissions is on

Why choose SigniFlow?

Increased Security

World-class, industry-leading modern infrastructure and technology that addresses the security use case.

More Choice

Brand it your way, deploy it where you want it, and sign with the compliant eSignature type of your choice.


A solution that offers peace of mind and simplicity, without compromising on security or compliance.


There is no reason to pay the prices our competitors charge. Get a quotation from us and compare.


Deployment Options

Cloud (SaaS)

Get your business online in minutes
Connect to any of our global Cloud services in your region. Register for a free trial account or get yourself or your business online in minutes by visiting our eSign License Plans and subscribing today.

→ Read more

Your Cloud

Own your deployment
SigniFlow's Hybrid technology allows you to deploy SigniFlow in your favourite Data Centre. We support Hypervisor Vitual Machine (VM) and modernised containerised cluster deployments, like Kubernetes.

→ Read More


Bring it in-house
SigniFlow Hybrid technology caters for the most demanding of security use-cases. Deploy SigniFlow in your Server room on a HyperVisor Virtual Machine environment and connect it to your legacy systems.

→ Read more

SigniFlow Hybrid Technology

Technology so powerful, it's changing the game
It's about what you want. Our Hybrid technology was developed by SigniFlow engineers over the course of 8 years, to ensure the most stringent customer demands for choice and security would be met.

Essentially, SigniFlow Hybrid technology allows any customer, in any location, to rapidly deploy their own SigniFlow instance in almost any environment, and any location. The tech does all the heavy lifting for you when it comes to cryptography, identity management, and Public Key Infrastructure (PKI). In addition, it caters to high-security use cases, where customers want to deploy on-premise behind a private firewall or use their own private PKI.

→ Read more

24/7 Online support

We understand your office hours. SigniFlow offers 24/7 online support to all customers.

No matter where you are and no matter what time it is, we are always online to help you meet your deadlines.

SigniFlow 24/7 Support