Understanding e-signatures: the key differences and requirements

With e-signatures being increasingly used in the business world, we explore the key differences and requirements

The modern business world is a long way down the digitisation road, so it’s no surprise that more and more people are signing documents electronically from the comfort of their own homes. E-signatures are now part and parcel of the new normal and have now almost entirely replaced wet ink signatures for sales contracts, vendor/supplier agreements, HR paperwork and more.

E-signatures are legally binding and have precedence in court, so you can rest assured that they are just as valid as traditional signatures. Plus, the ability to sign documents from anywhere in the world provides much more efficiency and convenience.

Organisations can use e-signatures to significantly streamline administrative processes, save time and reduce paper waste. But not all e-signatures are the same. The EU eIDAS regulation – applicable across Europe and the UK defines three types of e-signatures: simple, advanced, and qualified. Each has different characteristics that affect their legality and enforceability. Here’s a closer look at the differences.

1. Simple electronic signatures

Simple electronic signatures, as defined by the EU, cover almost any form of electronic message associated with an individual. This includes email signatures, e-cards, and even free e-signature tools that you might use in your personal life.

There is no universal answer to whether simple e-signatures are legally admissible. It depends on the jurisdiction and how the signature was added. However, it is unlikely that anyone will take you to court to prove that your e-signature or greeting in a birthday card belongs to you. In the UK, there have been two contrasting rulings on the legal status of e-signatures. In 2006, a court ruled that automatically generated email signatures were not legally binding as they didn’t provide sufficient evidence of the signatory’s intent. However, in 2014 another court ruled that a regulated agreement under the Consumer Credit Act 1974 could be signed electronically using a simple e-signature, setting a liberal precedent around e-signature legality.

2. Advanced electronic signatures (AES)

Advanced electronic signatures offer a number of advantages over simple e-signatures. They can be used to identify signatories and track any changes made to signed documents. AESs also rely on public key infrastructure (PKI) which gives them added security and legal authority compared to simple electronic signatures.

AES’ meet certain requirements laid out in EU law and are generally considered to be admissible as evidence in legal proceedings. This all makes them ideal for business applications that naturally come with a higher level of risk or contracts such as rental agreements, copyright contracts, and personal insurance.

3. Qualified electronic signatures (QES)

The final e-signature pillar, a QES is considered to have more probative value than an AES, which means that courts will give more weight as evidence. The first key difference is that they offer a higher level of security than AES. This is because qualified signatures are created using a qualified signature creation device (QSCD), which stores the signing key. Examples of physical QSCDs include smart cards, SIM cards or USB tokens.

It’s also possible for signatories to create a QES without having a physical device in their hands. In this instance, signatories remotely access a signing key, which is stored in a trusted service provider’s data centre. This is often the preferred choice for organisations since it streamlines device management.

A QES must also be based on a ‘qualified certificate for electronic signatures’, which is another key difference between an AES and a QES. Only ‘Qualified trust service providers’ (QTSPs) listed on the European Union’s trusted provider database can issue this certificate. To become a QTSP, organisations must successfully complete a series of evaluations and audits that ensure compliance with eIDAS regulations.

Don’t forget about timestamping

Many organisations use timestamping – which establishes the sequence of events by linking documents to exact times and data – to enhance their e-signature processes and support legal cases.

Organisations that choose to use timestamping in conjunction with e-signatures can create a more robust and legally binding process. According to eIDAS regulation, qualified timestamps must meet certain requirements in order to be enforceable. They must be unmodifiable, based on coordinated universal time, and provided by a QTSP. Qualified timestamps are valid for up to 30 years, whereas electronic and digital timestamps do not have the same legal validity.

Choosing the right e-signature solution

The EU’s eIDAS regulation requires businesses to use electronic signatures that are secure and provide a high level of legal protection. However, it can be difficult to understand all the different types of e-signatures and the one which is the best fit for your business.

That’s why it’s important to take the time to review your e-signature processes, understand your specific business requirements, and make sure you implement a solution that provides sufficient legal protection.

If you want to take your business to the next level with Actalis’ e-signature tools, please visit: https://www.actalis.com/electronic-and-digital-signatures?utm_medium=content&utm_source=information-age&utm_campaign=actalis_en_content_solutions_rlyl&utm_content=&utm_term=

Related:

Electronic signatures: please sign on the digital line — Exploring the advantages that electronic signatures can bring to businesses.

How to inspire and empower your remote or hybrid workforce — Four experts explain how organisations can inspire and empower your remote or hybrid workforce.