StepOver International GmbH delivers exclusively outside the EU. For deliveries inside EU, please select the language English-UK&Ireland. Do not show note
Electronic signatures and their secure storage are becoming increasingly important. From simple receipts to the signing of complex contracts, handwritten signatures form a vital part of our day-to-day lives. Because of this, people ask: "What are electronic signatures and how can I integrate them into my business?" With the following questions and their answers, we hope to offer you a well-founded introduction to "the world of electronic signatures".
Electronic signature refers to the data interconnected with electronic information with which one can identify the signatory and verify the integrity of the electronically signed information. In general, "signed information" refers to the electronic documents that one wants to sign (contracts, etc.) and "interconnected data" to the biometric features or unique and private certificate that refer to a person or an organisation.
With electronic signatures, some or all of the following tasks can be carried out:
Therefore, electronic signatures are used in the same way as, or more than, a handwritten signature produced on a paper document.
There are three types of electronic signature:
Note: By law, all these electronic signatures can be used as evidence before a judge within the EU.
The terms "digital signature" and "electronic signature" are often used synonymously. However, this is incorrect. The term "digital signature" describes a type of cryptographic (that is, mathematical) process, while "electronic signature" is a purely legal term and is far broader. Electronic signatures not only include the digital signature, most of the time as a certificate, but also other forms of signature that are valued for their identification of, for example, biometric features. The handwritten electronic signature captured on signature pads is an example of this.
When business proceedings are drawn out because a signature is needed, something that until that moment was done on paper, but that in reality can also be done electronically. When media transfer (creation of electronic documents, printing them for signing and scanning them to archive them) costs time and money.
Regarding the handwritten electronic signature, many talk about a "secure" signature (currently it is also called a "legally secure" signature). All of this is, in our opinion, bold to say the least. "Legally secure" has a declaration of quality, which we should not employ as users or providers of electronic signatures as, at the end of the day, it is the judge of each specific case who determines how much evidential value is attributed to a handwritten electronic signature. Therefore, we talk exclusively about signatures with evidential weight; according to the law, a judge cannot reject an electronic signature as evidence just because it is a signature produced electronically, and not on paper.
In a trial, handwritten signatures are considered "subject to inspection" (this also happens with paper signatures).
To guarantee the authenticity of an electronic signature according to eIDAS (EU norms) and E-Sign Law (US electronic signature law), the following requirements must be met:
Hence, in terms of verification of authenticity, the following irrevocable mantra exists in the EU and USA:
In summary: As you can see, the more understandable your signature solution is for the judge and the more carefully the biometric data (=identification features) are treated, the more sure you can be that your electronic signature will have major weight during the trial. In this case, the more the better!
An electronic signature (with evidential weight) must be able to reliably detect the changes made by the signatory in the document. We also speak about the integrity of documents. The detection is carried out via the application of so-called "checksums" to the signed document. To carry these out, thorough knowledge about the format of each document is necessary. Unfortunately, some document formats are not open to the public and/or are constantly modified by their manufacturers without prior warning. Long-term archiving must also be taken into account. In Germany, for example, it is common to have to guarantee access to many types of documents for 10 years. In all of these cases, it must be guaranteed that the documents remain legible by means of a visual display during this time. Because of the aforementioned requirements, there are only a few document formats that can be used. The selection is limited to PDF/A documents and TIFF documents. Due to the considerably lesser usage of TIFF format among our clients, we currently do not offer this format. The auditable format (available to the public) PDF/A is currently the chosen format both for our clients and for us. Without guarantee, but with a fairly reliable performance down to version 1.4. Microsoft Office documents such as Word, Excel, etc., do not meet the aforementioned conditions. Because of this, we strongly recommend the acquisition of a PDF/A converter (e.g. our software tool PDF Converter*).
*Our plug&sign software eSignatureOffice includes a free PDF converter (not PDF/A).
In the case of StepOver products, a patented system ensures maximum security. In short: a checksum is created on the signed documents. This checksum will come to form part of a high-security cryptographic key. With this key, the signature’s biometric data are codified and added to the electronic document in a non visible form. The image of the signature is only used as visual confirmation that the signature has been produced. If the document is modified after its signing and a check is carried out, it would check that the new checksum no longer fits with the original checksum. Consequently, the key created is not the same as that which had been created with the biometric data codified upon signing. Therefore, the decodification of the biometric data is no longer possible and the document or signature is no longer valid. In the same way, our system does not allow copying of the codified block of the biometric data from one document to another, as the checksum in this case would not be correct either and the biometric data would not be decipherable. With the aim of guaranteeing maximum security, all steps of the StepOver security process are carried out on the signature tablet itself, so that viruses and Trojans cannot intercept the biometric signature.
If you have any doubts, we recommend that you hire legal advice. StepOver cannot offer this service, as it does not employ lawyers. However, we can gladly provide information, give our opinions, and share with you our experience of more than 15 years in the electronic signature sector.
A handwritten electronic signature is, generally, as legally secure as a paper signature. However, under the law of some EU countries, electronic signatures might not offer the same possibilities as the written form. This means that in reality, you will be able to use electronic signatures in 95%-98% of habitual business cases, but not in those cases in which the law explicitly demands the use of the written form for the signature. In the US, with a few exceptions, electronic signatures can be used for all documents and comply with all formal requirements.
Besides this, the value of a handwritten electronic signature always depends on its evidential weight. The general declarations that present handwritten electronic signatures as "legally secure" or "legally binding" are not well-written; rather, they form part of the marketing.
This question cannot be answered in a general statement. In an exhaustive informative meeting with our advisory team, taking into account the existing IT infrastructure in your business and an objective evaluation of the risks and the specific scenario for application, we can give you a recommendation of what type of electronic signature is the most useful and what type of signature pads and signature software you need.
StepOver offers on the one hand its signature pads and the corresponding signature software, both products for handwritten electronic signatures, and on the other hand, webSignaturOffice, a signature solution that can also be used for signing with certificates. Both product lines offer, depending on the configuration and integration, a simple or advanced electronic signature according to eIDAS (EU norms) and E-Sign Law (US electronic signature law).