Are there any “false friends” (i.e. misunderstandings, confusions) that we should be aware of when transitioning from the handwritten signature to the electronic one? If yes, which ones?

Aurélie: The electronic signature technology is rather new and rapidly evolving, so some confusions or misunderstandings between notions still happen from time to time. Generally speaking, people know what a handwritten signature is and how to use it. Centuries of usage could make us to believe that an electronic signature is and works exactly the same as the handwritten one; just it is applied on a digital document. To a certain extent and when specific conditions are met, this is true. Nonetheless, an electronic signature can be of different types or levels (i.e. simple, advanced and qualified). Each level comes with its specific features and legal value, which depends on how thorough the signer is identified beforehand.

This identification process is also something that people are not very familiar with. When signing on paper, it very rarely happens that the signers are required to present their ID cards or get identified by a third-party. Yet, this process is mandatory for anyone who wants to sign with a qualified or advanced electronic signature. Signing electronically can easily replace the traditional paper signing process, but it also opens new possibilities offering new types of guarantees (over signers’ identity, consent etc.). To take advantage of all this, signers and users alike have to do a bit more and a bit differently.

Can you give us more examples of electronic signature errors you are confronted with?

Aurélie: When using general public tools, such as Adobe Reader, the most common mistake is signing with the wrong certificate. It has already happen to me to receive documents signed with an authentication certificate instead of a signature one. Such tools use by default the first certificate associated with signer’s identity or the signer himself does not know how to select the right one.

Recently, I have also received a document “signed” with an electronic seal, containing the name of the signer and the mention “This stands for a qualified electronic signature”. Such combinations appear more and more in the business world and people tend to think that any image resembling a handwritten signature or containing the name of the signer is an electronic signature having the legal effect of the handwritten one. This is not the case unless that respective e-signature relies on cryptographic mechanisms and meets the current regulatory requirements.

So, coming back to the document you were talking about… Was it signed with a valid e-signature? How could you tell?

Aurélie: No, of course not. After checking, the combination proved to be invalid. The easiest way to verify the validity of an electronic signature (or any other combination of elements that give the impression of an electronic signature) is to use a dedicated validation service, such as the one provided by LuxTrust via COSI, our trust services hub. It enables companies to check automatically multiple e-signatures or e-seals. In the absence of such a service, individuals could use the DSS webapp provided by the European Commission. It is a free service, but you can check only an e-signature at a time.

In linguistics or casual situations, “false friends” can cause misunderstandings, maybe put the speakers in embarrassing situations, but they represent a good learning tool. In professional contexts where electronic signature is used, making mistakes can be more problematic, having legal and financial implications, so it is best to avoid them completely. 

Aurélie Bayard

 

Aurélie Bayard has 20 years of experience in developing projects in the banking, automotive and industrial fields. She has spent the past 10 years at LuxTrust where she has developed technical and functional solutions that enhance customers' journeys while meeting business, legal, compliance and security needs. Persuaded by the benefits of secure digital identities, she is a strong advocate for the use of the electronic signature solutions and their complementary services.