Ver versión en Español
A comprehensive electronic signature service covering all the market’s needs
Thanks to TrustCloud, any company is able to securely sign digital documents and use all the electronic signature solutions (simple, advanced, qualified and biometric), being able to launch for each transaction a signature typology and even several simultaneously.
TrustCloud E-Sign is a qualified service in charge of managing the signature process from beginning to end, combining it with other secure digital transactions such as the signer’s identification or the validation of his identity document.
TrustCloud Sign functionalities
Types of electronic signature
The most basic version of electronic signature is known as simple electronic signature, and the European Regulation eIDAS defines it as data in electronic format attached to other electronic data or logically associated with them that the signatory uses to sign.
We can find this type of signature in examples such as:
- Entering a username and password.
- Using a coordinates card.
- Mark the checkboxes as confirmation/consent method.
The advanced electronic signature is the electronic signature that enables the signatory to be identified (identity) and to detect any subsequent change in the signed data (integrity). It is also uniquely linked to the signatory and has been created by means that the signatory can keep under its exclusive control.
An advanced electronic signature based on a qualified digital certificate and generated by a secure signature-creation device is considered a qualified electronic signature (“qualified” under the previous regulations). A qualified electronic signature has the same value as a handwritten signature for data in electronic form as a paper signature. The qualified signature is the one generated, for example, with the digital certificates of the FNMT (in Spain, the National Mint and Stamp Factory) or the Chamber of Commerce (Camerfirma), and with the electronic ID as long as it is carried out in a qualified HSM (Hardware Security Module) of a CA (Certificate Authority).
Considering the importance of secure digital transactions within the current and global economic system, and with the aim of promoting a single common digital market and establishing a Community legal framework for the use of electronic signatures and other trusted services, Regulation 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trusted services for electronic transactions in the internal market (“Regulation eIDAS“) was adopted, creating a secure and reliable virtual environment for all European citizens for their electronic transactions.
This standard is fully applicable in all the State Members of the European Union since July 2016, repealing both the previous Directive 1999/93/EC on electronic signatures and those national laws and regulations whose content is contrary to the provisions of eIDAS.
Difference between digital, electronic and biometric signature
A digital signature is a cryptographic technology that allows the recipient of a digitally signed message to identify the entity that created the message (in order to authenticate the origin and not to be repudiated), and to confirm that the message has not been altered since it was signed by the sender of the document to the signature (i.e., to guarantee its integrity).
The digital signature is a more extended concept than the electronic signature, since it refers to a series of cryptographic methods, while the concept of “electronic signature” is fundamentally legal.
According to the legislation, the electronic signature is the set of data relating to a person recorded in electronic form, and that together with others or associated with them, can be used as a means of identification of the signatory.
On the other hand, the biometric signature is a type of digital signature that makes use of the physical intrinsic features of the signatory (fingerprint, iris, trace used when signing with a digital pencil…) to create the signature’s image/graph and proceed to its identification.
The biometric signature is a technology that allows capturing the image of the handwritten signature through digital tablets with the biometric data of the signatory – speed, writing acceleration, pressure, inflections, direction changes and pencil movement.
These characteristics identify the signatory in a unique way as these are features that are inherent to the person and allow each individual to authenticate uniquely.
Application of the biometric signature
Like other electronic signatures, biometric signatures make it possible to sign documents without the need for paper. Any type of business or personal transaction can be done with this technology.
Through digitizing tablets (or other devices prepared for the biometric signature) the parties can conclude agreements, complete contracts, and all this with a high level of reliability similar to the handwritten signature on paper, with the same legal validity. This is because the document is saved not only with the signature of the signatory, but also with the biometric data of the same, which will be attached to the document. The entire set of evidence will be encrypted and properly stored to ensure its authenticity and security.
Benefits of biometric signature
By being able to dispense with paper, inks, printers and other drawing materials, companies will be able to generate greater savings and a more positive impact on the environment. Also, signature documents, being digital, can be exchanged and processed remotely, without wasting time and travels for meetings.
In addition, biometric signature technology has the following advantages:
- Fraud and repudiation prevention: which is possible following the identification of the signatory at the time of signature.
- Signature guarantee: the signature process does not allow the completion of a signature process until all requested signatures have been captured.
- Document and signature audit: the technology facilitates the verification of the authenticity of the documents and their respective signatures.
- Improved processes: digital processes improve all types of personal or professional management, increasing their efficiency and transparency.
What is the difference bewteen e-signature and electronic signature?
They are both the same. Just as the term e-mail designates the exchange of electronic mail, e-signature is a way of naming the electronic signature. In effect, it is a legal way of obtaining reliable consent or approval on electronic documents or forms.
Are all types of electronic signatures equally secure?
No. While the simple type cannot always guarantee who has made the signature (since it does not offer sufficient data to prove the identity of the real signatory), the advanced and qualified electronic signature can prove it, and generate other data of probative value that ensure the authenticity and intentionality of the electronic signature. In addition, the qualified signature with a qualified certificate depends on a physical object that contains the source for electronic signature, and which is under the control of its holder after identification in person at a public certification authority. An example of qualified signature with qualified certificate would be to sign electronically through the chip contained in some ID cards, which can only be accessed with a suitable card reader (HSM).
Which electronic signature is best to use?
It depends on the use case, the security that needs to be obtained and the usability that is wanted to be offered, since a more secure electronic signature implies a more complex user experience. For example, the acceptance of conditions of an online purchase is usually done by simple signature with a checkbox, since it is not necessary to know who is buying. On the other way, online procedures with Public Administrations require a qualified signature, since it is very important to know which citizen is requesting and executing the procedure, and if he/she really intends to do it.