Electronic signatures

Put simply, the electronic signature is the digital counterpiece to the hand written signature on paper. From the technical and especially the economic point of view, there is a lot more behind it. The electronic signature is applied to unambiguously identify the signatory of an electronic document. Moreover the electronic signature guarantees that the signed document is not modified by third persons on its way to the recipient.

How does electronic signatures work?
A system of two different electronic keys is applied, a private and a public key. These keys consist of a huge sequence of numbers. As there exists an unlimited number of different possible number combinations, individual keys can be assigned to individual persons. The individual respectively private key unambiguously identifies its owner. Usually it is stored on a smartcard. A system with different pairs of keys is called Public Key Infrastructure (PKI).
More about Public Key Infrastructures

Signing with the private key
The private key is confidential – the public key is available to the public. If a sender of a document signs with a private key, the recipient can – by means of the online requested public key – verify the authenticity of the signature and if a document has been modified during transfer. The identity of the sender and the integrity of the document are unambiguously verified.
More about the functionality of the electronic signature

Is “electronic“ the same as “digital“?
Many users and signature software providers, e.g. OpenLimit, utilize the terms "electronic signature" and "digital signature" synonymously. Indeed, this is not completely correct. Whereas "digital signature" is a technical term and describes a certain cryptographic procedure of the signing process, the term "electronic signature" belongs to the legal terminology. One can say that the execution of a digital signature generates an electronic signature.

The electronic signature in Europe
The starting point for signature legislation in Europe is the Directive 1993/93/EC from the European Union. All European countries enacted own signature laws based on the Directive. The different laws define the electronic signature and divide it in different security levels. Often a division into three parts is applied. Corresponding to the European Directive electronic signature ’means data in electronic form which are attached to or logically associated with other electronic data and which serve as a method of authentication’. The advanced electronic signature provides a higher authenticity. The signatory can be unambiguously identified and ‚any subsequent change of the data is detectable’. The qualified electronic signature offers the highest security level. Here the signatory has to confirm the electronic signature by entering a PIN in a card reader connected via USB. Moreover, the private key used for signing documents has to be issued by an authorized provider.
More about signature legislation in Europe

Infrastructural requirements
To electronically sign a digital document in a legally compliant and secure manner, several components are required. The signatory needs a private key from an authorized certification authority. Usually it is delivered on a signature card with a memory chip. In addition a card reader with PIN entry is needed. And of course, a special software for creating and verifying the electronic signature, is required.

Electronic signatures