What is a Digital or Electronic Signature and How it Works
Thanks to the digital signature, it is now possible to sign a document electronically with a legal value similar to a handwritten signature. We explain what is digital or electronic signature is and how it works.
The Digital Signature Authentication Rules
The digital signature (also known as electronic or digital signature) is a method that makes it possible to ensure the authenticity of an electronic document and to identify the author thereof. It must meet 7 properties necessary for the security of the document and the data transmitted:
- Identify a Signatory
- Ensure that the document has not been modified between the time of signing and the time of consultation
- Be authentic, that is, the identity of the person must be displayed clearly.
- Be forgery-proof, under no circumstances can a person impersonate the user concerned.
- Be non-reusable, the signature is an integral part of the document in question and cannot be moved to an annexed document.
- Be unalterable, once signed, a document can no longer be modified.
- Be irrevocable, the user who signed the document cannot deny his commitment and his responsibilities.
How does an Electronic or Digital Signature Work?
A digital signature has 2 main processes. First, there is the signature of the document, and secondly the verification of this document.
The document is signed in 3 simple steps: First, the document data is “ hashed ” (The document has a fingerprint, this is the document identifier. It is in binary. Example: 101100110101). The document is then signed. The signature also has an identifier in binary. (For example 111101101110). Finally, the data of the certificate and the signature are related.
The verification of the signed document also takes place in 3 stages: First, we have our two data dispersed (the imprint of the document and the imprint of the signature). The document data is “ hashed ” and the signature key is decrypted in turn. The last step is to compare the document identifier and the signature. If these are identical before sending and after verification, then the signature is valid.
In short, a certified document with two identifiers (the document and the signature). These identifiers are encrypted before sending and then decrypted after sending to compare the accuracy before and after sending.
Regulation of Digital Signatures
The digital signature has been used in Europe since the beginning of the 2000s, but it was during the summer of 2016 that its legal value gained credibility with minimal regulations throughout Europe. The eIDAS regulation takes effect the same year.
There are 3 recognized levels of signatures:
- Electronic Signature: It can be simply limited to a name written at the bottom of an electronic message. A signature is not required for this level.
- Advanced Electronic Signature: This level requires a digital signature with encrypted data (unreadable by third-party users).
- Qualified Electronic Signature: This level adds an additional reassurance factor for the user and makes it possible to guarantee the identity mentioned on the certificate with the identity of the user who received the certificate in question). The identity must then be verified face to face with a certified trusted third party.
Also Read: Best Free PDF Readers