What’s in a Name? Digital Signature vs. E-Signature (Part 1)
There’s a lot of confusion about the differences between a digital signature and an electronic signature. Are they one in the same? The short answer is no. While the terms are used interchangeably, each term carries a distinct set of defining features and functions. The broader category of e-signatures often includes digital signatures, which is a specific type of technology used to implement electronic signatures. Here’s a quick guide to the differences between the two popular terms.
Digital Signature vs. Electronic Signature
Let’s start by addressing the definition of each term. An electronic signature is, like its paper equivalent, a legal concept. Its purpose is to capture a person’s legal intent to be bound to an agreement or contract. This type of authorization is usually in the form of signing your name on a document, but it could also be in the form of a sound, symbol or process that signifies intent to sign.
A digital signature on the other hand refers to encryption/decryption technology and is often a subset of an electronic signature. Based on public-key cryptography, a digital signature secures and tamper seals signed documents, allowing you to verify the authenticity of a signed record. A digital signature alone, however, is not an e-signature and therefore cannot capture a person’s legal intent. The magic starts to happen when you couple digital signature technology to an e-signature application such as OneSpan Sign; digital signatures secure and protect the e-signed data, and guarantee the integrity of the e-signed document and subsequent audit trails.
The use of a "digital signature" is the result of its legal and cultural acceptance in certain geographies around the world. Countries in the European Union, South America and Asia, for example, follow a tiered e-signature model that prefers locally defined standards based on digital signature technology. Moreover, some industries support specific standards that use digital signatures as the underlying encryption/decryption technology for digital transactions.
The bottom line is that your e-signature should be leveraging digital signature technology. Without digital signatures, your document-based transactions may not be legally binding, putting you and your organization at risk in the event of a compliance or legal case.
Does My E-Signature Solution Use Digital Signatures?
Not all e-signature solutions are created equal. Many of the solutions in the market do not leverage digital signature technology as part of the e-signing process. What this means is that your documents are left unprotected after each signature is applied – increasing the likelihood of fraud – a risk you want to avoid at all costs. Watch out for solutions that simply add an image of a handwritten signature on the document or only apply a digital signature once at the end of the transaction, without anything to protect the integrity of the signed document between signers or evidence to support it in the event of a consumer dispute.
Every digital transaction has a beginning and an end – and you want to make sure the transaction is secure throughout its lifecycle. Look for a solution that is built on digital signature technology and produces tamper-evident documents after each and every signer signs the document (not simply at the end of the transaction). If the document is tampered with – even in the slightest – the e-signature will be visibly invalidated, indicating that you should not trust the document.
Having digital signature encryption in an e-signature solution creates an electronic record that is even more reliable than paper documents. This is a unique and significant advantage over the paper world, where it is not possible to detect whether changes were made to a document.
Maintaining high levels of security and trust is what has made our business so successful and why some of the most security-conscious global organizations trust us. In working with businesses and government agencies around the world for over 20 years, OneSpan has a deep understanding of the implementation of e-signatures and leveraging digital signatures to guarantee the integrity of e-signed documents. Visit our digital signature page to learn about the top 5 "must-have" criteria to keep in mind when evaluating solutions in the market.
Read "Part 2" of this blog series for an explanation of the role that digital signatures play in building comprehensive audit trails as part of the e-sign process.