A new age of digital signatures is upon us
The increased adoption of digital signatures should not come as a surprise: many businesses are trying to digitalise their everyday processes, and digital signatures are both reliable and secure due to several features, and are increasingly easy to use.
What are digital signatures?
The term “digital signature” is often used interchangeably with that of “electronic signature”, but they are not the same.
Typical electronic signatures can use a variety of methods for authenticating signers — e-mail addresses, corporate IDs, or phone verification — but digital signatures use one specific method: a certificate-based digital ID.
“Looking at the actual process, to sign a document with a certificate-based digital signature, the user must obtain a digital ID (typically issued by a trusted third-party certificate authority) or create a self-signed digital ID,” explains Mark Greenway, Director of Digital Media, Mobile & Document Cloud EMEA at Adobe.
“This digital ID contains a private key and a certificate with a public key. The private key is used to create the certificate-based signature. The certificate is a credential that is automatically applied to the signed document.”
“When applying a certificate-based digital signature, Adobe’s Acrobat software for example uses a ‘hashing algorithm’ to generate a message digest, which it encrypts using your private key. Acrobat then embeds the encrypted message digest in the PDF, certificate details, signature image, and a version of the document when it was signed,” he further notes. “This means that any changes to a document can be easily viewed, and the data itself is encrypted and is useless if stolen.”
The great thing about a digital signature on a document is that nobody can change or edit the file without destroying the validity of the signature.
Using digital signatures is getting easier by the day
Adopting digital signatures is surprisingly simple. Adobe Sign, the company’s e-sign solution, is integrated into enterprise systems such as Microsoft SharePoint or Salesforce.
These integrations make it easy to request signatures from others, track progress, and archive documents securely, without ever leaving the original application. There is no great learning curve, and no changes in the organization are required.
The company chose to use a vendor independent, open standard API specification for signing documents using ‘remote’ or cloud-based digital signatures in its new cloud signature offering in Adobe Sign.
The standard, developed by the Cloud Signature Consortium in June 2016 and released for public comment, came to life shortly before the EU’s regulation on electronic identification (eIDAS) became legally binding.
The regulation provides a common legal framework for understanding and categorizing e-signature processes. It makes it easier for citizens and businesses within EU member states to understand the uses of e-signatures, and gives e-transactions and other e-signed documents the same legal status as those that are paper-based.
“Thanks to the security and encryption in place on digitally signed documents through this common standard, businesses can alleviate their concerns around adopting them. The business benefits are extensive, such as offering cross-border document authentication, instant verification of transactions and multi-tiered authentications – all essential to businesses operating more productively, in an increasingly digital and mobile environment,” Greenway explains the benefits.
The Cloud Signature Consortium, of which Adobe is a member, is planning more things in 2017, including some new work on validation and automated ID enrolment process.
“We also expect that among ourselves many of the members will help create solutions that enable our customers to take advantage of the standard in their every day document processes,” he added.