Understanding Digital Signatures, Part I
As the security market has exploded in recent years, so too has confusion over digital and electronic signatures. Are they one in the same? The short answer is no. The two are often considered synonymous when they actually represent different products and services.
Understanding Digital Signatures
Electronic signatures vs. digital signatures
An electronic signature, like its paper equivalent, is a legal concept. Its purpose is to capture the intent of a signer to agree to and be bound by the terms and conditions of a contract or agreement. As an expression of intent, signing involves a specific act, such as clicking a button or entering a password. Simply typing your name in a Word document could meet the legal definition of an electronic signature. However, this would be risky in most situations since the lack of security would leave your document and signatures vulnerable to tampering. As a result, capturing intent combined with the security and tamper-proofing provided by digital signature technology will result in a legal electronic signature.
The Importance of Digital Signatures
Sending documents for e-signature is a quick and easy process. Once all e-signatures are captured, look for an e-signature solution that packages and secures the final e-signed document using a digital signature. The e-signature solution should apply the digital signature at two levels:
- At the signature level to prevent tampering with the signature itself
- At the document level, to prevent tampering with the document’s contents
This double layer of security ensures the integrity of the document. With tamper-evident controls such as these, all parties involved in a transaction can trust the integrity of a signed document. Since e-signatures are only as good as the security that protects them, it's important that any attempt to tamper with any part of the document, for example adding or deleting words or replacing pages, should be visible.
Why Does this Matter?
If ever your electronic records are challenged in court, you want to be sure they are legally enforceable. If you cannot prove both the signer’s intent and the authenticity of the e-signed document, your e-signed contracts will not be admitted into court. That is why you need both electronic and digital signatures.
The e-signature software you choose must protect the document and the e-signatures with digital signature encryption. This securely ties together signing intent with the information that was agreed to at the time of signing. By digitally encrypting the record, unauthorized changes will automatically invalidate the document. In the case of OneSpan's e-signature solution, OneSpan Sign , signatures are crossed out with a bold red line. The audit trail that is embedded within the e-signed document will also indicate that it has been modified and is no longer valid.
Having digital signature encryption in an e-signature solution creates an electronic record that is even more reliable than paper documents. This is a unique and significant advantage over the paper world, where it is not always possible to detect whether changes have been made to a document.
Not using OneSpan Sign yet? Give our quick demo a try and see for yourself how easy it is to e-sign using digital signature technology.