Electronic Signatures vs Digital Signatures Explained

The term "electronic signature", or eSignature (eSign) is broadly used to encompass all types of signatures created electronically, but there are some significant differences

With Confidence.


Book a Demo

Book a Demo - Above Footer

Electronic Signatures vs Digital Signatures Explained


To better understand electronic and digital signatures, you need to understand signatures in general. Let's take a look at the evolution of the signature - from handwritten, to electronic, and finally to digital signatures.

Handwritten signatures


"Handwritten signatures" are created when a person makes their mark by hand, on paper, using ink.

Most people are familiar with handwritten signatures. Historically, these were the most accepted method of legally binding a person to a contractual commitment.

Authentication of the signer's identity is confirmed by introducing another signer (co-signer or witness). The co-signer must be present at the time of signing. By co-signing, they confirm identity of the first signer.

Non-repudiation is very difficult with handwritten signatures, as it requires a forensic handwriting expert to prove non-repudiation.

Although far from perfect, and open to forgery right from the outset, handwritten signatures served their purpose, for a while.


Global Legal Acceptance
VERY HIGH

NON-REPUDIATION
LOW

Electronic Signatures Explained


The need to sign documents electronically emerged when business transactions started migrating to digital processes.

As is often the case with new technologies, different opinions are formed before global standards are created. Electronic signatures are a prime example of how different opinions can create confusion in technology law.

Although many countries still accept electronic signatures, there is no official standard for them. So they too are more susceptible to forgery and non-repudiation is almost non-existent. Again, to prove authenticity, evidence is needed.

In essence, an electronic signature is nothing more than a digital image attached to an electronic message.

The very basic form of an electronic signature is when you write your name at the bottom of an email, for instance, "Regards, Mark". In many instances of eSign law, this form of signature still binds the sender to the content, making it legally binding under statutory provisions for ordinary electronic signatures.

Electronic signatures have been serving their purpose as a stepping-stone technology, while standards are being created and laws agreed upon, but their days are numbered.

Electronic signatures will always have their place. After all, they are fast, user-friendly, and very convenient. But if you're going to sign a legal contract that could end up in court, an advanced eSignature - or digital signature - is the way to go.


Global Legal Acceptance
MEDIUM

NON REPUDIATION
LOW

IDENTITY OF SIGNER
LOW

CONTENT PROTECTION
LOW

Frequently Asked Question:

What type of signature is it when you print and sign a document, then scan and e-mail it?

This question presents another interesting case on how modern technology can create confusion in the absence of updated law.

The fact is, without the presence of the original paper document that has the wet-ink signature on it, the electronic copy is nothing more than a basic electronic signature. Therefore, the signature is open to scrutiny and has no standing in a court of Law.

Instead of asking a customer to print, sign, scan and email a document, rather circulate the document via workflow and sign it with an auditable digital signature.

Digital Signatures Explained


Digital signatures are also known as advanced electronic signatures (AES), qualified electronic signatures (QES) or trusted electronic signatures.

Across the world, digital signatures are fast becoming the only legally accepted replacement for handwritten signatures. Digital signatures offer inherent security and non-repudiation, which cannot be found in electronic signatures.

Digital signatures make use of a technology known as public-key infrastructure (PKI) cryptography. Not only does this address non-repudiation in a court of Law, but it also protects the integrity of documents and makes them tamper-evident.


Global Legal Acceptance
HIGH

NON REPUDIATION
STRONG

IDENTITY OF SIGNER
STRONG

CONTENT PROTECTION
VERY STRONG

Digital signature layers

What is the difference between Electronic and Digital Signatures

Electronic signature layer
The top layer of a SigniFlow digital signature is an electronic, graphical image. This represents an individual's handwritten signature. The image only has to be captured once, after which the system automatically layers the graphic image in the digital signature.

PKI signing key
Next, the top-middle (yellow) layer embeds a body of evidence about the signer and the process in the X.509 certificate. It embeds the identity of the signer, a trusted timestamp, and the public key needed to verify the signature.

Digital signature layer
The bottom-middle (red) layer stores security information about the document and the signing ceremony. When the signature is applied, it creates an encrypted hash of the document, which is signed and embedded in the PDF.

Electronic document
Every time the signature is verified, a new hash code of the document is created and compared to the original one. If so much as one Bit in the document has changed, the verification will fail. This makes the document tamper-evident.

What is an Advanced Electronic Signature?


Advanced Electronic Signatures (AES or AESign) and Qualified Electronic Signatures (QES) are standard digital signatures, but with a higher-class digital certificate.

Depending on your country, these certificates are usually issued in a face-to-face meeting, where the RA (Registration Authority) follows each CA's (Certificate Authority) pre-approved process to validate identity before issuing AES or QES certificates. These certificates are always stored on a highly secure and protected device, like a FIPS140-2 Level 2 or 3 HSM (Hardware Security Module).

SigniFlow is certificate agnostic, meaning it can sign with any of these certificates. Once the certificate is issued, you set up your SigniFlow account to point to the location of your certificate. Every time you sign, SigniFlow uses your personal digital certificate to cryptographically sign the document.

These types of signatures are the most compliant of all signatures for electronic documents.

How to verify Digital Signatures


Verifying a digital signature created requires minimal effort.

First, open the document in Adobe Acrobat® Reader. The top bar will indicate the validity of the signature on the left. If the document has changed since it was signed, the Adobe Trust indicators will show red or orange exclamation marks. This indicates that the document has been tampered with.

Then, by opening the pen icon in the middle of the left vertical bar of the PDF reader, you can view additional audit information, such as the signer's identity, TSA (Timestamp Authority) timestamp, LTV (Long-term Validation) and other properties.

SigniFlow only uses Adobe Approved Trust List (AATL) certificates to sign documents, which means every signature in the document is a digital signature that can be verified.

Additionally, you can find the signature in the document and click on it.  The signature validation status, containing all of the signatory's information, will pop up. By going into the Signature Properties section, you can view further details of the certificate.

How to verify a digital signaure

eSignatures


The only eSignature platform that allows you to choose between Electronic Signatures and Digital Signatures at no additional cost.

SigniFlow offers two types of signatures to all users. When setting up a workflow, users can set the signature type per recipient.

Request the faster, more convenient Electronic Signature for more basic contracts or internal approvals;

Or ensure maximum security and compliance with regulations by using SigniFlow's trusted free Digital Signature.

In addition, SigniFlow supports all types of internationally accredited Advanced Electronic Signatures (AES) and European Union accredited eIDAS Qualified Electronic Signatures (QES).


Effortless eSignatures, backed by big security
SigniFlow Sales - Portfolio to PO

Core eSignature Features

Included in Business License

The race to zero emissions is on

Features


Businesses everywhere have spoken - and we've listened. We get you. Dealing with customers and suppliers, each with their own systems and processes, can be a tedious task.

You need more than just eSign workflow. You need an intuitive tool that understands your day at the office.

Request More Info


Talk to our Sales Team about
all your business needs.

Contact Sales
We get your office hours
Finally, a software company that has actual people giving its customers - and their customers - 24/7 online support, for free. Our support ninjas are the best in the game.
Industry-leading infrastructure
Connect to any of our 8 international data centres and experience true 99.9% uptime. Over the past 24 months, we've exceeded our 99.5% uptime target across all regions.
IT Security Management
Our Information Security Management System is ISO27001:2013 certified and our Quality Management System is ISO9001: 2015 certified by TÜV Rheinland.
Compliance is our game
SigniFlow's international, segregated security infrastructure ensures customer data is processed in accordance with the most stringent international privacy and cross-border data protection laws, such as GDPR, LGPD and POPI.


Image
Image
Image
Image

all features

Deployment Options


Image

Cloud (SaaS)


Get your business online in minutes
Connect to any of our global Cloud services in your region. Register for a free trial account or get yourself or your business online in minutes by visiting our eSign License Plans and subscribing today.
Image

Your Cloud


Own your deployment
SigniFlow's Hybrid technology allows you to deploy SigniFlow in your favourite Data Centre. We support Hypervisor Vitual Machine (VM) and modernised containerised cluster deployments, like Kubernetes.
Image

On-Premise


Bring it in-house
SigniFlow Hybrid technology caters for the most demanding of security use-cases. Deploy SigniFlow in your Server room on a HyperVisor Virtual Machine environment and connect it to your legacy systems.
Image

Hybrid


Technology so powerful, it's changing the game
SigniFlow Hybrid technology allows any customer, in any location, to rapidly deploy their own SigniFlow instance in almost any environment, and any location.

deployment modes

Why choose SigniFlow?


Increased Security

World-class, industry-leading modern infrastructure and technology that addresses the security use case.

More Choice

Brand it your way, deploy it where you want it, and sign with the compliant eSignature type of your choice.

Simplicity

A solution that offers peace of mind and simplicity, without compromising on security or compliance.

Affordability

There is no reason to pay the prices our competitors charge. Get a quotation from us and compare.

Request a Quote

24/7 Online support

We understand your office hours. SigniFlow offers 24/7 online support to all customers.

No matter where you are and no matter what time it is, we are always online to help you meet your deadlines.


SigniFlow 24/7 Support