
Electronic Signature Guide
In this article, we will be answering all questions about the electronic signature. You will learn what an electronic signature is, what types there are and how the e-signature differs from the digital signature. We deal with legal aspects – such as the validity of an electronic signature or its verifiability. You will receive tips and comprehensive information on its use in practice, as well as the knock-on effects in electronic business transactions.
Why are documents signed?
If two or more parties wish to enter into a legally binding agreement, they are, in principle, free to choose the form in which they declare their intent. A signature is one of several ways of making an explicit declaration of intent. Verbal declarations of intent are just as valid as written ones but are difficult to prove in the event of a dispute. Electronic signatures also have a different level of proof depending on their type. When used in practice, the electronic signature offers many advantages and extended application possibilities in the course of advancing digitalisation.
Table of contents
Electronic signature – terminology
What is an electronic signature?
An electronic signature is an alternative to a handwritten signature. As a rule, the IT security objectives of authenticity and integrity are pursued by the electronic signature. This means that the signature can be assigned to the signatory and is protected against manipulation. The basis for this is the eIDAS Regulation (electronic IDentification, Authentication and trust Services, (EU) No. 910/2014). This regulates electronic identifications and trust services for electronic transactions within the European Union. It defines the legal framework and sets out the requirements for the individual forms.The eIDAS Regulation defines the term “electronic signature” as follows:
‘Electronic signature’ means data in electronic form that is attached to (or logically associated with) other electronic data and used by the signatory to sign.”
What types/forms of electronic signatures are there?
The electronic signature is divided into three types:
- The simple electronic signature (SES)
- The advanced electronic signature (AES)
- The qualified electronic signature (QES)
What is a simple electronic signature (SES)?
An electronic signature is data in electronic form that is attached to (or logically associated with) other electronic data. The signatory uses these data for signing (Art. 3 No. 10 Regulation (EU) No. 910/2014). This can be a scanned signature or just the mention of the name, e.g. under a document or in an e-mail.What is an advanced electronic signature (AES)?
The advanced electronic signature is uniquely assigned to the signatory and enables the signatory to be identified. It is created using electronic signature creation data. Any subsequent change in the data is recognisable.Further information on the advanced electronic signature
What is a qualified electronic signature (QES)?
The qualified electronic signature is an advanced electronic signature created by a qualified electronic signature creation device and based on a qualified certificate for electronic signatures (Art. 3 No. 12 Regulation (EU) No. 910/2014).Further information on the qualified electronic signature
What is a trust service?
A trust service is provided, among other reasons, if it enables the creation, verification and validation of electronic signatures, electronic seals or electronic time stamps (Art. 3 No. 16 Regulation (EU) No. 910/2014).The following are a few examples of trust services:
- Electronic signing of documents
- Qualified electronic seals and time stamps
- Secure e-mail communication using digital seals
- Certified electronic receipts
- Secure identification and authentication for websites
- Electronic registered mail
Are there any country-specific features?
Further information on individual countries
What is the difference between an electronic signature and a digital signature?
The electronic signature is not a synonym for the digital signature but is often confused with it and used incorrectly.The electronic signature is a legal term with the aim of being legally valid. This legal term is based on the definition of the European Electronic Signature Directive and eIDAS. This is understood to be data associated with an identity and attached to a document.
The digital signature is a mathematical or technical term with the aim of pursuing data security. Cryptographic procedures and strong encryption are used in digital signatures to enable identification. The digital signature can be an advanced (AES) or qualified (QES) signature. However, a digital signature can never be a simple electronic signature (SES), because with an SES, the signature cannot be assigned to a person.
What are the different terms of reference for an electronic signature?
There are no different terms of reference for an electronic signature. The generally applicable term of reference is always “e-signature”.What does “text form” mean?
Text form is a declaration in which a person making the declaration is named and which is submitted on a durable data medium (Section 126b German Civil Code [BGB]). This can be, for example, an e-mail, a WhatsApp message or even a letter.What does “written form” mean?
The written form is a declaration in text form supplemented by a handwritten signature (Section 126 German Civil Code [BGB]).Legal aspects of the e-signature
Is an electronic signature legally valid?
“An electronic signature may not be denied legal effect and admissibility as evidence in court proceedings merely because it is in electronic form […].”
The legislator grants the contracting parties a freedom of choice, which means that the parties can decide for themselves whether the signature is handwritten or electronic. For a few documents, the so-called written form requirement applies. This is fulfilled by a qualified electronic signature or a paper signature. In other cases, all types of e-signatures are generally possible.
Is an e-signature verifiable?
What happens in the event of a dispute?
In the event of a dispute, court proceedings are initiated to review the facts of the case. In the case of a simple electronic signature, it is not possible to determine directly from the signature data whether the questionable declaration of intent was actually made by a specific person. The judge may also have to make their decision on the basis of further available evidence or circumstantial evidence. Providing evidence in such a case is difficult. With an advanced signature there is additional data available for subsequent identification. These can be, for example, writing direction, writing pauses, etc. This additional information is usually embedded in the document in an encrypted format. Decryption is ordered by the court. The key required for this is typically in the possession of an independent third party (e.g. signature service, notary, etc.). This person may, on the order of the court, decrypt the data and hand it over to an expert for further analysis. With a qualified electronic signature the identification of the signatory takes place before the declaration of intent. For the QES and for the AES, obtaining evidence in the event of a dispute is quite possible.Is a scanned signature valid?
Is a faxed signature valid?
Are signed documents protected against alteration?
Electronic signature in practice
How to create an electronic signature?
Click confirmationA simple e-signature is often simply a click confirmation. With the Click on a button function such as “Buy now” or “Order now”, you are submitting a declaration of intent which, however, cannot be proven beyond doubt, as no identity check takes place here.
Scanned signature
A scanned or typed signature on the keyboard are typical examples of simple electronic signatures. In retrospect, it cannot be determined as to whether a declaration of intent was made and by whom.
Handwritten signature
Typically, a device with a touch-sensitive surface (touch function) is used. You sign either with your finger or with a suitable pen. If biometric data – such as writing direction, writing speed, etc. – are recorded in the process, it concerns an advanced electronic signature, as the declaration of intent can be subsequently assigned to the creator.
Certificate-based signature
With a qualified certificate-based signature, the identity of the person is already confirmed in a certificate before the digital signature. The qualified certificate is issued by a verified trust service provider. In addition to a document checksum (hash value), a correspondingly signed document also contains a public key for checking the certificate. The authentication of the person directly before the signature process is done by a 2-factor procedure. The signature process itself is carried out by means of a PIN (Personal Identification Number) or TAN (Transaction Authentication Number).
What does an electronic signature look like?
Strictly speaking, an e-signature has no appearance, it is only data attached to a digital document or file. But to represent the presence of a signature, there is usually nevertheless a visual representation. One option that is often used is the lettering of the signature; this can be created by keyboard, mouse or also with pen or finger on a touch device.Which document formats can be signed electronically?
In principle, all document formats can be signed electronically. Also, Word, Excel and other formats can be signed electronically. In practice, however, such documents are usually converted into a PDF before being signed. In 2008, the industry standard ISO 32000-1 established the PDF as the standard for closed documents. This standard was last audited and issued with a confirmation in 2018. Other document formats such as Word and Excel are not standard formats.Further information on PDF documents
When to use electronic signature?
The electronic signature can be used in all industries and departments. Depending on the relevance and desired level of proof for a document, the type of electronic signature should be chosen appropriately. The advanced e-signature is the best solution for the majority of business processes and documents because of its practicability and simultaneously high level of security.What are the advantages and disadvantages of an e-signature?
The e-signature offers the following advantages:
- Digitise business processes, shorten lead times
- Original quality – even after many years
- Working in an environmentally friendly way
- Save time & costs
- Increase customer satisfaction
- Better organisation
The e-signature has the following disadvantages:
- Different verification value of the signature types
- Technical know-how necessary
- Technical infrastructure required
- Software costs
Does the electronic signature solution also make sense for private individuals?
An e-signature solution also entails potential applications for private individuals. For example, signatures can be obtained for membership applications in associations or for forms in other honorary offices.What does an electronic signature solution cost?
Which provider is the right one for me?
When selecting an e-signature solution, the following questions, among others, should be clarified:- For which use cases should the electronic signature be used?
- How important is the verifiability of the signature?
- Which type of electronic signature is suitable for my applications?
- What are the legal framework conditions?
- What does the signature process look like? Who should sign the documents?
About the author
Christina Detling – Online Marketing Manager
Christina has been working at inSign for over five years and is happy to pass on her knowledge of electronic signatures and digitisation.
- Further articles
More on the topic of digital signatures