*** Welcome to piglix ***

Electronic signatures


An electronic signature, or e-signature, refers to data in electronic form, which is logically associated with other data in electronic form and which is used by the signatory to sign. This type of signature provides the same legal standing as a handwritten signature as long as it adheres to the requirements of the specific regulation it was created under (e.g., eIDAS in the European Union, NIST-DSS in the USA or ZertES in Switzerland).

Electronic signatures are a legal concept distinct from digital signatures, a cryptographic mechanism often used to implement electronic signatures. While an electronic signature can be as simple as a name entered in an electronic document, digital signatures are increasingly used in e-commerce and in regulatory filings to implement electronic signatures in a cryptographically protected way. Standardization agencies like NIST or ETSI provide standards for their implementation (e.g., NIST-DSS, XAdES or PAdES). The concept itself is not new, with common law jurisdictions having recognized telegraph signatures as far back as the mid-19th century and faxed signatures since the 1980s.

An electronic signature is intended to provide a secure and accurate identification method for the signatory to provide a seamless transaction. Definitions of electronic signatures vary depending on the applicable jurisdiction. A common denominator in most countries is the level of an advanced electronic signature requiring that:

Electronic signatures may be created with increasing levels of security, with each having its own set of requirements and means of creation on various levels that prove the validity of the signature. To provide an even stronger probative value than the above described advanced electronic signature, some countries like the European Union or Switzerland introduced the qualified electronic signature. It is difficult to challenge the authorship of a statement signed with a qualified electronic signature - the statement is non-reputable. Technically, a qualified electronic signature is implemented through an advanced electronic signature that utilizes a digital certificate, which has been encrypted through a security signature-creating device and which has been authenticated by a qualified trust service provider.


...
Wikipedia

...