Differences In Digital Signatures
Simple electronic signature, FES, qualitative eSignature or digital signature?
In contrast to the signature in paper form, there are different types and designations related to signatures in the digital space.
While we won’t be providing you with legal advice in this article, it will give you an overview of why electronic signatures are becoming increasingly important, what types of electronic signatures exist and what the requirements are for them.
Why sign electronically?
For companies, digitization means increasing electronic handling of business processes . This saves money, time and human resources and starts with the current digitized living environment of your customers.
Documents that were previously exchanged paper-based with customers by post can increasingly be digitized and replaced by electronic documents.
On the way to a paperless office , the electronic signature of documents is also becoming increasingly important.
Against this background, the question arises as to what digital or electronic signatures are.
The electronic signature
The term “electronic signature”or “eSignature” is often used interchangeably with the term “digital signature” . While the digital signature rather describes a technical-cryptographic process, the eSignature focuses more on the process of signing with legal relevance, which is important for users.
The eIDAS regulation regulates the legal framework for electronic signatures . According to Art. 3 [eIDAS-Vo], electronic signatures are “data in electronic form that is attached to other electronic data or logically linked to it and that the signer uses to sign.”
This means that the basic function of eSignatures is to authenticate the signers in declarations of intent, such as contracts. In the case of electronic or analogue signatures, the signatory declares their consent or consent to the signed document or acknowledges its receipt.
What types of electronic signatures are there?
There are different types of electronic signatures .These vary in terms of security requirements and user-friendliness as well as in relation to the legal liability risk .
A distinction is usually made between the following three types of electronic signature :
- simple electronic signature (EES)
- advanced electronic signature (FES)
- qualified electronic signature (QES)
What is a simple electronic signature?
The Simple Electronic Signature (EES) is synonymous with any form of eSignature that does not conform to Advanced or Qualitative Signature standards. Although the eIDEAS regulation does not list the term “simple electronic signature”, it is often used for electronic signatures at the lowest level in common usage .
The legal recognition is to be rated as low due to the lack of legal form requirements and the non-specified safety standards. Due to the lack of a legal basis, there is basically no general catalog of requirements for simple eSignatures.
Possible uses of simple electronic signatures
As a rule , documents can be signed without a specific process of identity verification or approval . An everyday example is signing on the terminal for parcel delivery. Here, the identity is usually not checked by presenting an identification document.
Accepting changed terms and conditions by clicking on them can also count as a simple electronic signature. In addition, order offers are partly accepted via EES.
Requirements for advanced electronic signatures
In contrast to simple eSignatures, requirements for advanced electronic signatures are clearly specified by the eIDAS regulation
Specifically , according to the eIDAS regulation, FES must be able to be clearly assigned to the signatory and thus enable electronic identification.
This is a two-factor identification. This is generated using electronic signature creation data that signers can use under their sole control.
A FES is linked to the signed data in such a way that subsequent changes to the data (manipulation) can be detected.
These requirements result in higher standards in terms of security, verifiability of the identity of the signatory and protection against manipulation of the EES.
This increases the legal recognition of the EES
Possible uses of FES
Due to the increased security standards, AES are used where greater legal relevance of the signed documents is required .
In some cases, FES are used, for example, to sign certain purchase contracts, rental contracts of employment contracts.
Requirements for qualitative electronic signatures
The highest requirements are placed on qualitative electronic signatures (QES) in the context of eSignatures.
The legal recognition is high due to the legal form requirements and the specified standards for safety .
There is a general catalog of requirements for the QES, which results from the eIDEAS regulation. Accordingly , QES “must be based on a qualified certificate valid at the time of their creation and be created with a secure signature creation device .” This results in the highest security requirements for the identification of the signatory.
The QES certificate providers must prove that their data centers meet the legal and security requirements. An example for the generation of a QES is the Video Ident procedure , which checks the identity of the signatory on the basis of several factors.
When is a qualified electronic signature necessary?
QES are typically used when signing digital documents that are required by law to be in writing. These can be, for example, certain credit agreements, mobile phone contracts or account openings.
Due to the strict identification and certification regulations, QES are considered too cumbersome and time-consuming for many everyday business transactions. Because of this, one of the three possible eSignature procedures is selected in each case against the background of weighing up user-friendliness, compliance with regulations and security or legal validity.
Also Read : Use Chatbots In Customer Service