What is an Electronic Signature?
With an electronic signature, it is possible to ensure document integrity and authenticity of origin.
What is an electronic signature used for?
An electronic signature allows us to safely carry out electronic transactions with clients, banks, suppliers or public administrations, meaning millions of daily communications with partners around the world.
In the business context, purchase orders, invoices, shipment notices, contracts, etc., are sensitive and important transactions. They require different technologies to properly create, send and receive messages.
The sensitivity and importance of these communications mean it is necessary to adopt systems that also guarantee their security, confidentiality and integrity.
Characteristics of an Electronic Signature
EDICOM's Electronic Signature Services
EDICOMSignADoc
A service to approve contracts and any type of document by using an electronic signature.
Remote Signing
Advanced electronic document signature services from secure EDICOM signature creation devices.
What is electronic certification?
A digital certification is a document signed electronically by a certification service provider that links signature verification data to a signatory and confirms the signatory's identity. The signatory is the person who possesses a signature creation device and who acts on their own behalf or on behalf of a natural or legal person they represent.
To this end, the applicant is accredited by the certification authority and is unequivocally linked to the certificate. Thus, it provides a unique electronic identifier that allows you to carry out all types of electronic transactions requiring authentication.
Certificates must be issued by an accredited certification authority, integrated in a PKI (Public Key Infrastructure).
Uses for Electronic Certification
1. Electronic signature
Certification is used to sign all kinds of digital documents, from simple e-mails to the most complex commercial contracts. This means a non-repudiation guarantee, unequivocal knowledge of who the document sender is, and document integrity.
2. Communication security
Certifications codify communication between two people, making all transmitted information confidential. This guarantees that any document sent by either party is closed and can only be opened by the legitimate recipient.
3. Certified digitalization
The legislation of many countries allows an original paper document to be substituted with its digital equivalent. This ensures identical legal guarantees, provided that certain procedures, like digital signatures, are observed.
4. Personal identification
This allows for identity recognition in the digital or physical space, allowing or restricting access and recording identity.
5. Software signing
Digital certificates are used to sign software. This allows the entity using the software to ensure original status, know who created the software, and—most importantly—ensures that the signature is not modified after it is created.
How does an electronic signature work?
In an analog context, authenticity is proven by a handwritten signature. An individual or several individuals use it to acknowledge the content of a document and, if applicable, their commitment to comply with the obligations and agreements established therein.
In the context of electronic messages, confidentiality, integrity and authenticity are addressed through cryptography with electronic certificates and electronic signature processes. An electronic certificate is a piece of software. It explicitly identifies a person through a known public code and contains the certificate owner's data, as well as a private code known only by the certificate holder.
With these certificates, an electronic signature is obtained based on a process like this:
1. Certification transmission
The sender obtains the document summary or HASH. This establishes the message's unique digital imprint. If the message has any minor change, this imprint changes.
2. Encryption
This HASH is encrypted with the sender's private code.
3. Receiving
The receiver gets the message and the encrypted HASH.
4. Decryption
Decryption is carried out with the sender's public code. If the process is carried out successfully, the origin of the message is guaranteed (the message is authentic).
5. HASH application
At the same time, the receiver applies the same HASH algorithm to the message as the sender. The imprint obtained is compared to the "decrypted" imprint. If they are the same, this verifies that the message has not been modified (the message is intact).
Types of Electronic Signatures
Electronic signature types are defined in Directive 1999/93/EC. Their recognition has been extended and streamlined through eIDAS regulation.
Electronic signatures technically provide better security and privacy levels based on two fundamental factors:
Certifications Issued by a Trusted Service Provider
Certification Support Systems
The type of certification and signature creation device used will provide greater guarantees to the extent that we use secure signature creation systems based on recognized certifications. From here, there are 3 types of recognized signatures:
Qualified Trust Services
A qualified trust service has the corresponding accreditations and the proper technology to offer specific electronic identification services such as electronic signatures.
The services provided by this type of supplier give individuals and legal entities the secure electronic identification mechanisms that allow them to carry out activities where the electronic signature replaces the handwritten signature—with identical legal guarantees.
Stay up to date by subscribing to our monthly newsletter
O formulário foi enviado com êxito.
Algo não funcionou corretamente!
Assine nossa newsletter
Enviando
Por favor espere. Isso pode levar alguns segundos.
