buscar

Technology Update
Our present is the best guarantee for the future

What is an Electronic Signature?

07/07/2020

With the rise of e-commerce, the use of security mechanisms in commercial transactions became a necessity. The most common security mechanism used today is the electronic signature.

The electronic signature guarantees the integrity, authenticity, confidentiality, and nonrepudiation of a document.

  • Integrity: Assures that the document has not been changed; it is the same as originally received
  • Authenticity: Identifies the person signing the document; ensures that they are who they claim to be
  • Confidentiality: Makes the document accessible only to authorized persons
  • Nonrepudiation: Guarantees that once the document is signed, the signatory cannot deny having done so

Thanks to the security guarantees offered to us by digital signatures, they have become a vital part of commercial document approval. This is especially true in the case of a companies’ most sensitive documents.

Electronic signatures are now so widely used that their definition, characteristics, and requirements are regulated at the national level in each country.

In general, electronic signatures can be understood as a group of data that serve to confirm the approval of a document by a signatory, as well as that person’s identity and the integrity of the information contained in the document.

The electronic signature is also called a “digital signature”, or “e-signature”. It is important to be careful when using these terms because their definitions and degrees of legal validity can differ greatly from country to country.

 

How Do Electronic Signatures Work?

Most electronic signatures are based on a system of data encryption and the use of electronic certificates.

As their name suggests, electronic certificates are used to certify the identity of a physical or legal entity. They are issued by Certification Authorities, neutral third-party entities trusted by both trading partners to verify the identity of each side in a commercial transaction.

Like electronic signatures, electronic certificates and Certification Authorities are regulated country-by-country.

 

Global Regulation of Electronic Signatures

As mentioned previously, each country regulates electronic signatures in their own way. One of the most important initiatives aimed at harmonizing electronic signatures across borders is the . It serves as a framework for the development of nation-level e-signature laws by UN member states and hopes to encourage cross-border trade.

The Model Law on Electronic Signatures (MLES) aims to enable and facilitate the use of electronic signatures by establishing criteria of technical reliability for the equivalence between electronic and hand-written signatures. Thus, the MLES may assist States in establishing a modern, harmonized and fair legislative framework to address effectively the legal treatment of electronic signatures and give certainty to their status.

UNCITRAL Model Law on Electronic Signatures

 

Electronic Signatures in Europe

Another initiative to homogenize the use of electronic signatures was taken up by the European Union. Electronic signatures in the region are governed by the Regulation (EU) N°910/2014 “on electronic identification and trust services for electronic transactions in the internal market” (eIDAS Regulation).

The purpose of the eIDAS Regulation is to guarantee security in electronic transactions and encourage cross-border commerce by basing e-signatures and digital certificates on a common standard. It distinguishes between different electronic signature types depending on the complexity of the security mechanisms used to create them. The three types are:

Electronic Signature

Defined as “data in electronic form which is attached to or logically associated with other data in electronic form and which is used by the signatory to sign” (Art.3.10 eIDAS Regulation). 

 

Advanced Electronic Signature

The Advanced Electronic Signature is the most frequently used since is offers a greater degree of security. It must comply with the following requisites:

  • Be uniquely linked to the signatory
  • Identify the signatory
  • Be created using mechanisms controlled exclusively by the signatory
  • Be linked to the signed e-document, making any change detectable

 

Qualified Electronic Signature

 The Qualified Electronic Signature is the most sophisticated of the three and guarantees the highest level of security in electronic operations. It is defined as “an advanced electronic signature that is created by a qualified electronic signature creation device, and which is based on a qualified certificate for electronic signatures” (Art.3.12 eIDAS Regulation).

A qualified electronic signature has the same legal validity as a written signature.

The type of electronic signature used in each case will depend on the sensitivity of the transaction and whether regulation is in place that pertains to the transaction in question. EU Member States must comply with the relevant guidelines when exchanging documents whose e-signature is required.

 

Electronic Signatures in Latin America

Each Latin American country has its own electronic signature legislation in place. Multinationals operating throughout the region need to be aware of the pertinent legal and technical requirements to sign documents electronically.

The Mexican legislation distinguishes between the electronic signature and the “advanced” (or “trusted”) electronic signature. Under this law, the entity responsible for issuing electronic certificates is called a Certification Service Provider (PSC).

In Argentina, the term “digital signature” is predominant while in Colombia, the terms “electronic signature” and “digital signature” are interchangeable. In the latter case, the certification authorities are called Digital Certification Entities.

EDICOM is accredited as a Qualified Trust Service Provider in Europe, a Certification Service Provider (PSC) in Mexico, and a Digital Certification Entity by the Colombian ONAC.

 

EDICOMSignADoc, a global solution for document approval with digital signature.

EDICOMSignADoc applies different types of electronic signatures in line with the relevant technical and legal specifications. These requirements depend on document type and the country of origin/destination.

As an international Certification Authority, EDICOM logs and certifies all actions taken on documents in the EDICOMSignADoc platform with an “evidence report”.

Users can upload their electronic certificates to digitally sign documents in their name.

  • Signature with unrecognized certificate: the signatory uses an electronic certificate linked to their name to sign a document
  • Signature with recognized certificate: the signatory must have a recognized certificate
  • Signature with a secure device: beyond requiring a recognized certificate, the signatory must use a secure signature creation device

EDICOM, as an international Certification Authority, offers clients the highest security guarantees in line with the ISO 27001 and ISAE 3402.

 

 

Would you like to find out more?


Ask for information.

Tags

Cloud Computing B2B Cloud Platform EDI ASP-SaaS e-Invoicing GDSN VMI VAN OFTP2 AS2 Certification Authority Digital Signature Outsourcing SLA Software EDICOM Events Expert Chat SaaS-ASP Corporate Information GS1 CFDI PAC APP Associated Facturae Data Sync NOM151 partners EDICOM Retail public administrations Acreditations Web Portal EDI NF-e einvoicing Partner Web Portal SAP EDI Health Edicomdata CRP EBI ei Payroll Portal B2B EDICOMNet edi logistics SAFT-PT Ticket Portal Avaluos business@mail EDI Manufacturers CT-e NFS-e TSD epayrolls factura electronica edi automotive customer support center comprobante de pago CAE e-billing DTE e-awb comprobantes fiscales electrónicos nfc-e eaccounting contabilidad electronica CFE comprobante fiscal electronico compliance eAWB retenciones electronicas xml-cargo peppol edicom air iata e-cargo IVA Cargo-XML EDICOMAir SUNAT Perú SEE Business Mail Payrolls recibos de sueldo EDI Auto b2g eprocurement datapool panama sii PCRDD SII AEAT NHS edi academy comercio exterior EDICOM LTA sat paperless mmog OFTP EDI Web colombia CFDI Nóminas DIAN México SAF-T VAT DESADV ASN Fatture B2B Costa Rica Complemento pagos Chorus Pro moda interoperabilidad Cancelación suministro inmediato de información european union digitalización emisión electrónica openpeppol global einvoicing factura electrónica ecuador automotive industry United States and Mexico edicom sii norway VAT compliance tax administration air freight sector UNCTAD aviso de expedición Advanced Shipped Notice Despatch Advice data synchronization peppol network peppol standards peppol european union chile tendencias interoperability interconexión SINTEL Brasil interoperabilidade foreign trade e-procurement trends digitization digital transformation SaaS edicomsii MMOG/LE latam global einvociing cybersecurity EDI financeiro white paper factura electrónica colombia fintech fashion eIDAS e-archiving ebimap SME EDICOMLta e-commerce EDI financiero russia fattura b2b B2B e-Invoicing GDPR RTIR FACe FACeB2B portugal blockchain ItalyNSO business@mailPharma vat compliance ar EDIHOSP EDICOMSignADoc

Follow us on

  • linkedin
  • rss