The electronic signature and eIDAS
What does it mean for your company?
More and more companies are choosing to sign their contracts with digital signatures. These offer various advantages compared to written signatures, such as added security and convenience. The law distinguishes between various types of electronic signatures, with different legal value. In this blog post, we highlight the main benefits and issues.
In an increasingly digitised world, printing out and manually signing documents seems almost anachronistic: it is laborious, time-consuming and not particularly secure. As a result, more and more companies are replacing traditional signatures with electronic or digital equivalents. The Chief Information Officer (CIO) is often the driving force behind the use of digital signatures. After all, this is fully in line with the values that ICT managers feel strongly about:
You can be sure that the signed document comes from the person who digitally signed it. This is not the case with a letter or email without a digital signature.
The trust between the sender and the recipient is guaranteed.
You can be sure that the message has not been altered between the sender and the recipient.
The author of the message or document cannot subsequently dispute or cast doubt on whether or not they sent it.
In addition, factors such as user-friendliness and cost efficiency come to the fore. And by choosing a digital signature, you eliminate the unnecessary printing and scanning of documents – which is also good for the environment, of course.
Three types of signatures
European Regulation (EU) 910/2014, better known as eIDAS (electronic IDentification, Authentication and trust Services) defines a legal framework for the various types of digital signatures. It distinguishes between three types of digital signatures with different levels of security, the degree to which they guarantee the integrity of the documents and their ability to identify the signatory. Before implementing the use of a digital signature, it is therefore best to determine which method is appropriate for the documents circulating within your organisation.
‘Normal’ or simple electronic signature
This is the most accessible electronic signature. For example, this might involve a scan of a document with a manual signature or the signature at the bottom of an email. It offers less certainty about the true identity of the signatory (authenticity and non-repudiation) and opens up a loophole for making further changes afterwards (integrity).
Advanced electronic signature
The advanced electronic signature uses asymmetric cryptography. It involves two unique codes that are inextricably linked: a public key and a private key. Together, they form a pair of keys. A copy of the public key is passed to the party with whom you wish to communicate, while the private key is only known to the owner of the key. The information to be sent is secured with a public key in such a way that only the owner of the corresponding private key can decrypt it. A certification service provider records exactly which public key belongs to which person in a digital certificate.
Although the advanced electronic signature has a certain legal evidential value, it does not automatically qualify as a legally valid alternative to a handwritten signature. A well-known example is verification by means of a username and password within an application.
Qualified electronic signature
The qualified signature is the only electronic signature in the European Union that is considered the full legal equivalent of a handwritten signature. In order to obtain a qualified signature, it must not only be advanced but must also be created by a qualified signature creation device and based on a qualified digital certificate. Examples include the combination of a Belgian eID and a smart card reader.
Areas of application
There can be no doubt that electronic signatures offer various advantages, but for which types of transactions might this technology prove useful? In fact, it applies to virtually all processes for which signatures are required, from the signing of purchase and sales contracts to employment contracts, quotations, rental contracts, assessment forms and so on.
Electronic signatures are optimally suited to transactions on the road, for example for digitally signing and immediately storing proof of hours worked or parts used on location. We expect the use of electronic signatures to increase significantly, both inside and outside companies, definitely seen the current circumstances.
Digital signature solution in the cloud
Our own solution, SignHere, paves the way for numerous applications of electronic signatures. It offers various options, from simple signatures (sent by email or SMS) to qualified eIDAS signatures with legal validity that use an eID or Itsme. Once the user has created an account, he or she can upload any document such as invoices, employment contracts, attendance lists, minutes, contracts, VAT certificates, insurance policies, etc. The recipients will receive an email from which they can click through to the document and sign it immediately, wherever they are and on any device with an internet connection. SignHere also offers digital signatures as a cloud service.