More Information

Understanding Technology, Methods and Authentication

Electronic signature capture is a technology for signing electronic document files with a handwritten signature. The use of this technology allows for the complete elimination of the mailing, storage, filing, copying, and retrieval of paper documents. This will save your business time and money.

As businesses continue to replace paper documents, contracts, and forms with more efficient and cost-effective electronic substitutes, electronic signature technology becomes an increasingly important investment. The cost and time savings of doing business electronically are evident across many sectors and industries, yet many companies are still choosing which technology or method is best suited to their needs. Creating, signing, transmitting, and storing any and all documents electronically and in such a way as to be legally-binding can seem like a daunting task.

What is an Electronic Signature?
“Electronic Signature” means data in electronic form which are attached to or logically associated with other electronic data and which serve as a method of authentication.

With the Signotec software you can produce legal “advancend electronic signatures” according the directive of the European Parliament and of the council.

That means an electronic signature which meets the following requirements:

• it is uniquely linked to the signatory;
• it is capable of identifying the signatory;
• it is created using means that the signatory can maintain under his sole control; and
• it is linked to the data to which it relates in such a manner that any subsequent change of the data is detectable.

Several different methods and technologies exist for attaching “electronic signatures” to documents according to these stipulations. Two common types of signature technology that are widely available yet differ greatly in substance are PIN/Password signature stamps, PK) and digitized handwritten signatures.

Signature Security

For the sake of privacy and legal enforceability, an electronic signature must remain under the “sole control of the signer” to be valid under the national ESIGN electronic commerce law. To satisfy this requirement, a signature must be placed or linked into the relevant document directly, with no interlopers or copies, and then bound to the document in such a way as to render document tampering detectable. Without these critical features, it would not be possible to prove that a signatory did indeed assent to the terms of the written agreement, or that the language in the document was identical in form to the state in which it was initially signed. There is no substitute for an effective security policy which prevents viruses, worms and data sniffers from residing on a client or server computer. Encryption gimmicks in a signature pad connected to a PC provide a false sense of security if a rogue program or keyboard, printer, screen, memory, or usb data sniffer is also on the PC. Matters can be made worse if overly powerful and un-necessary processors and operating systems are employed in electronic signature devices, due to latent bugs and viruses or internal data storage and encryption; as these techniques further jeopardize and remove security monitoring and update capability from the hands of IT personnel.

Document security and signature binding are also important. If the signature is not linked to the contents of the written agreement, it has no real value since there would be no evidence of tampering or changes made to the terms post signing. In the paper-based universe, forensic examiners can perform a series of sophisticated test using infrared, ultraviolet, and microscopic inspection to determine whether ink has been added or subtracted. In the electronic realm, this is accomplished using a cryptographic hash and binding system, rendering a signature essentially “lost” if the contents of the agreement are changed.

Conclusions

In general, when deciding which electronic signature system best suits the needs of your business, use traditional paper-based practices as a gold standard. If a specific technology mimics or matches these practices closely, it is probably a safe and reliable choice. The more technical shortcuts a system employs, such as creating multiple signatures with one stroke of a pen or keypad, or saving flat images in place of real, forensic-quality signatures, the more likely the system is to encounter difficulties and fraud in practice. With old ink-on-paper characteristics as your guide, your electronic document solution should be a signature success.