Common eSignature and Digital Signature Questions
- What is a legal signature?
- Why do we sign documents?
- What are the legal purposes of an INK Signature?
- How can we sign documents electronically?
- What is a legal digital, Electronic Signature?
- What are the differences between a static digital signature and a dynamic digital signature?
- Does it matter whether a company uses a digital static or digital dynamic signature to sign legal documents?
- What’s the difference between a digital signature on a transaction and a handwritten digital signature?
- Can you print a copy of a digital document that has been signed with a handwritten digital signature and see the signature?
- What does post validation mean?
- How does a handwritten digital signature meet the law?
- What is the difference between a handwritten digital signature and a handwritten biometric digital signature?
- What is the difference between Static and Dynamic?
- What is digital evidence?
- What is the function of an electronic signature capture control?
- At the time of electronic signature capture where is the signature stored?
A signature is the mark of a specific individual, against a specific document, at a specific time and with a specific intent.
For centuries the accepted culture for all countries and age groups, is that you make your mark to accept, agree or receipt, it is proprietary and shows ownership, trust and authority. Today with all of the technology in the world, and new laws, nothing much has changed, nor is it expected to in the near future. What has really changed is electronic transaction identification, not our signature culture.
It is a symbol of intent required by legislation and is evidence that a particular person approved a document. It is a warning or notice to the signer that he or she is entering an important legal commitment.
There is a digital alternative that meets the WET INK signature law, in countries whose laws were based on English Law. In addition, best practise technology provides digital forensic evidence for forensic document examiners, which replaces paper and wet ink interrogation processes.
Where there is a requirement by Law for a wet ink signature, certified technology meets the legal definition of a signature and associated requirements in digital form. The law regarding specific document types requiring a wet ink signature is unlikely to change and so migrating from a wet ink culture to a digital ink culture is as easy as signing your name.
Static is a digital signature and only contains an image:
- No contextual information
- No link to document
- No link to individual
- Easy to cut, copy & paste
- Not secure
- Does not meet all legal requirements
- Is very commonly used
Dynamic is a handwritten digital signature and contains:
- Contextual information
- Link to document
- Link to individual
- Cannot Copy and Paste
- Is secure
- Does meet all legal requirements
- Can be digitally forensically interrogated
Yes, it does matter. If you are signing a legally enforceable contract then you MUST use a dynamic electronic signature with biometric verification and meets all legal requirements. Dynamic electronic signatures are best practice.
A transaction is usually a x509 or similar and is hidden, and contains no contextual evidence, or digital evidence.
Yes you can.
When you extract biometric data from several documents signed by the same person (after they have been signed), then add them to a biometric engine as individual biometric templates and see which ones will register a token and which ones will not (these are usually the forgeries).
What is the difference between a handwritten digital signature and a handwritten biometric digital signature?
A digital signature captures biometric data and handwritten signature does not. Both are legally acceptable in a court of law.
Static is a scanned signature or a photo of a signature, dynamic is a signature captured live.
Digital evidence is data captured by each signor when they sign the document, it can be date, reason, time, driver license number, machine ID, OS, device ID etc.
It captures the behaviour pattern of the signor; it captures digital evidence, and triggers a hash. All three are then bound using des 3 des to the document.
Best practice is that the signature is never stored, only the signature data is stored in an encrypted file.