2020 has definitely been an eventful year for all of us and I have never experienced anything like it before in the 30+ years that I’ve lived.
Covid-19 has affected our lives negatively in many different ways but it has also changed the way we do things positively, in some cases.
Since working from home became the norm for most of us, physical signing of documents became a big bottleneck. We had a surge of inquiries asking for solutions to help solve people’s problems of having to sign documents digitally.
There were questions repeatedly asked by many and here are the top 3 questions asked:
Differences between an electronic signature and a digital signature
Typical examples of e-signatures can be a type-written signature, drawing the signature using your mouse or stylus or uploading an image of a handwritten signature.
A digital signature on the other hand, uses a mathematical technique (asymmetric cryptosystem and hash function) to create an electronic signature that can be digitally validated to prove the authenticity and integrity of a message, software or digital document.
Are electronic signatures and digital signatures legally binding?
The answer to this is that it depends on the legal system of a particular jurisdiction. In the case of Singapore, both electronic signatures and digital signatures are considered legally binding under the Electronic Transactions Act (ETA) although there are certain documents (e.g., wills and mortgages documents) which are excluded under the act and still require wet-ink signatures.
The ETA also stipulates that a secure electronic signature, which is an electronic signature that meets certain criteria be given legal presumption in the court of law of Singapore.
An interesting point to note is that a digital signature created by Netrust issued digital certificates fulfil the criteria to be a secure electronic signature.
More information about the ETA of Singapore can be found at the Singapore Statutes Online website.
How do we validate documents signed electronically?
For e-signatures created using e-signature workflow systems, audit trails of information (e.g., timestamp of the e-signature request, IP address of the user who requested the e-signature, browser the user was using at the point of an e-signature, etc.) are typically kept as evidences to be used to validate the e-signatures.
For documents digitally signed by digital certificates issued by a trusted Certificate Authority (CA), for example, Netrust, they can be easily validated using widely used document readers like Adobe Acrobat Reader for the case of a PDF document or Microsoft Word for the case of a Word document.
These widely used document readers maintain their own lists of trusted CAs which automatically trust documents digitally signed by the certificates issued by them.
CAs need to fulfil certain criteria set by the respective document reader manufacturers before they can be added to the respective list of trusted CAs.
Some examples of CA trust programs are Adobe Approved Trust List and Microsoft Trusted Root Program.