A digital signature is an electronic signature with the added advantage of digital authentication technology. Put simply, digital signatures provide the evidence of origin, identity, and status of electronic transactions and documents. They provide a layer of validation and security making them more difficult to forge than a handwritten signature.
Digital signatures ensure end-to-end message integrity, prove the identity of the organization that created the digital signature, and confirm that the information originated from the signer and was not altered. If any change was made to the signed documents, it would invalidate the whole transaction.
In many regions, including the U.S., EU, and APAC, digital signatures are considered legally binding and hold the same value as traditionally signed documents.
Based on technology and security levels, the main types of digital signature are:
Considered the most basic, these do not require strong ID verification or signer authentication. Uploading a scanned image of the signature, or checking a box to indicate consent of agreement or acknowledgment is sufficient to authenticate the transaction. Most common examples include standard e-commerce purchase transactions or any simple form that needs digital signing
These signatures reliably identify the signer and establishes a link between the signer and the signature. In AES signatures, signers are asked to produce a unique access code during and after the signing process and use a valid document to confirm their identity. When the signer sends the signed document, a Certificate Authority (CA) issues a certificate authenticating the electronic signature. AES uses a PKI (public key infrastructure) digital signature technology to satisfy the requirements for an electronic seal approval. A common example is candidates accepting offer letters from companies after receiving a pin or code from HR and sending back the signed document with a scanned copy of their valid ID like a driver’s license
These are one step above AES. They offer the highest level of trust by meeting additional requirements outlined in regulations like eIDAS, ESIGN, and others. A QES is issued only after a third-party CA gives prior identification of the signatory remotely via video chat or in person. Such signatures are bound using a multi-step procedure based on double-factor verification and encrypted keys
Both terms are often used interchangeably but that is not the case. An electronic signature is a legal term defining what constitutes a record of intent to form an agreement, while a digital signature is a digital authentication technology.
Put simply, an electronic signature is similar to a digitized handwritten signature verified with the signer’s identity such as email, corporate ID, or phone number. A digital signature, on the other hand, is more secure and tamper-evident. The document is encrypted and information is permanently embedded, so if a user tries to commit any changes to the signed documents, then the digital signature will be invalidated.
Several countries have written laws to define an electronic signature. For example, the ESIGN Act of the U.S. defines it as a sound, symbol, or mark, made with the intent to sign. Only a few electronic signature services combine electronic signature capture processes with digital signature authentication technology to give a record of the agreement that is court admissible with strong evidential weight.
Learn more about difference between a digital signature and electronic signature
Digital signatures employ the industry-standard technology called PKI or public key infrastructure that ensures data authenticity and integrity. PKI uses an algorithm to generate two keys – one public and another, private. For a digital signature to serve as proof of authenticity, integrity, and identity, it needs matching cryptographic hashes.
When a signer signs the digital documents, a cryptographic hash is generated – let’s call it Hash1. This Hash1 is encrypted and attached to electronic documents with the help of the sender’s private key. The receiver opens the digital documents by decrypting the encrypted hash (Hash1) with the sender’s public key certificate. A cryptographic hash is generated again on the recipient’s end – let's call it Hash2. When Hash1 and Hash 2 match, it confirms that the electronic documents have not been tampered with and are legally valid.
Creating a digital signature is very easy. All you need to do is authenticate as per the Certificate Authority’s requirements when you receive a document for signing via email and proceed to “sign.” Most of the eSignature providers walk you through the entire process.
Yes, they are legal in several countries around the world. Various regions including the European Union and countries, including the U.S., UK, France, Australia, Singapore, Germany, Switzerland, and more have enacted regulations for eSignatures. Visit our legal page for more information on region-specific laws.
PKI is key to creating digital signatures. Each digital signature transaction is carried out with a set of two keys – one public and one private. PKI holds the critical information on the cryptographic public keys that are connected to a digital certificate, which authenticates the device or user sending the digital communication.
A Certificate Authority (CA) is a third-party organization responsible for ensuring the security of keys that generate digital certificates. As digital signatures rely on public and private keys, they need to be protected to ensure safety and avoid malicious use. Both the sender and the recipient must agree to use a CA.
A digital certificate is an electronic document you get from a CA. It contains the public key for a digital signature request and specifies the identity associated with a public key. The resulting digital certificate then authenticates the proof of identity of the public key, such as the name of the organization. The digital certificate is valid only for a specified time.
