Electronic vs digital signatures: “Electronic” and “digital” are often used as interchangeable prefixes to the word “signature” – but there are vast differences between the two.
We are all familiar with, and have at some stage in our daily goings-on, dealt with the traditional “wet-ink” signature. In today’s digitally-charged world, however, this is fast becoming obsolete as more secure, efficient means of signing documents are developed.
A signature is essentially a means of binding an individual to the contents of a document, by way of an intentional mark. It typically signifies knowledge, approval, acceptance, or obligation.
That may be common knowledge, however, the advent of the digital signature has turned the humble handwritten signature on its head, introducing a number of new (and entirely exciting) facets, including a whole new set of terminology.
A digital signature, in its base form, is a digital code created and authenticated by public key encryption, which is attached to an electronic document to verify its contents and the sender’s identity.
But, largely dependent on where you are in the world, “digital” and “electronic” are often confused – or wrongly used interchangeably – in both conversation and law. Often described in unison, digital signatures and electronic signatures individually are different technologies, have different meanings, and they carry different legal weight.
So what exactly is the difference then? Let’s demystify this once and for all…
Electronic signatures: The superficial sign
Also referred to as an “ordinary electronic signature”, an electronic signature is generally defined as “Symbols or other data in digital form (whether it be a sound, process or symbol) attached to an electronically transmitted document as verification of the sender’s intent to sign the document”.
There are many different scenarios here. An electronic signature can be as basic as a scanned image of a handwritten (wet-ink) signature that is copied onto a signed document, in Word for example. Another case of an electronic signature would be your name, typed at the end of an email.
An electronic signature can even be verbal, a simple click of a box, or drawn on a hardware device such as a signature pad.
Given the examples above, it is evident that, by the sheer nature of electronic signatures, these types of signatures are difficult to maintain, and proof of identity, security, authentication and integrity is low.
Electronic signatures do not have the ability to lock documents for editing after the signing process, nor do they carry any active verification capability. This leaves documents signed with electronic signatures wide open to fraud and repudiation.
Digital signatures: The cryptographic mark
As alluded to earlier, digital signatures involve cryptography. They are the most advanced and secure type of electronic signature, and they guarantee the contents of a message or document have not been altered in transit.
A digital signature is also referred to as an advanced or secure electronic signature. It is based on Public Key Infrastructure (PKI) technology, using accredited personal X.509 digital certificates to provide the highest levels of security and universal acceptance.
These electronic signatures on steroids are created using a cryptographic operation that creates a hash-code unique to both the signer and the content, so that it cannot be copied, forged or tampered with.
This process provides strong proof of the signer’s identity, protects the data integrity of the document and provides absolute non-repudiation of signed documents.
Digital signatures can be verified without the need for any special proprietary software. Depending on the document format, the latest versions of free Adobe Reader or Microsoft Office application can verify the signature. Simply click directly on the digital signature to view the properties, signer’s identity, time and reason for signing – all of which are embedded in the document.
When a digital signature is applied to a document, a digital certificate is attached to the data being signed into one unique fingerprint, including cryptographic credentials.
That said, it is obvious digital signatures would carry far more legal weight and be preferable should security be even a slight concern.
In a nutshell, you could say electronic signatures verify documents, whereas digital signatures secure documents.
* SigniFlow only utilises Digital signature technology. Every signature on a document signed with SigniFlow is a Digital signature that carries the unique cryptographic credentials of the signer.
[REFERENCES]
- za – Electronic Communications and Transactions Act, 2002
- Michalsons – Guide to the ECT Act in South Africa
- Difference Between – http://www.differencebetween.net/technology/difference-between-digital-signature-and-electronic-signature/
Source: SignFlow News
More on Electronic Signature Compliance – Electronic Signature Compliance