How to create a Digital Signature in 4 steps? Tools & Best Practices

by Valentina Kaurin. Article updated on 25 January 2021, first published on May 2020
electronic-signature-legally

Traditionally, a handwritten signature on paper has been defined as the only authentic act to sign a document. Following the rise of electronic commerce, commercial and business law have had to evolve to enable the digital economy to execute a paperless contract within a given legal framework.

According to the Electronic Identification Authentication and Trust Services (eIDAS) regulation, electronic signatures have the same legal status as handwritten signatures throughout the European Union and the UK.


E-signatures are defined as:

An electronic signature, or eSignature, is information in an electronic form, which is associated with other data in electronic form and which is used by the signatory to sign

(eIDAS)

Electronic signatures have become crucial to current businesses. More and more companies are now moving towards this digitised alternative. This easy to use and a time-saving solution is perfect for optimising tasks that previously slowed down your workflow. However, depending on your sector, a more Advanced Electronic Signature might be needed for it to qualify as sufficient proof in court. Indeed, electronic signatures aren't all legally binding.

Types of Electronic Signatures

In the UK, electronic signatures have been legal since the Electronic Communication Act 2000 was passed. The bill made e-signatures legally binding. However, depending on the type of agreement signed, it is advised to use a more secure type of signature.

There are three types of E-signature according to eIDAS:

  • Basic eSignatures: Non-encrypted and free eSignatures, used for non-formal agreements such as signing for delivery. These signatures are still legally binding, but they need extra evidence support to be qualified as proof in court. Furthermore, it is the least secure type of e-signatures and is easy to forge.
  • Advanced eSignatures: Digital signatures linked to an online digital certificate, typically an encrypted signature issued by a Trusted Service Provider (TSP) or Certificate Authority (CA), certified by qualified authorities such as eIDAS. It is the 2nd most secure eSignature due to its ID verification standards and online document tracker, guaranteeing a safe platform where both agreeing parties are authenticated and have access in real-time to the changes made to the contract.

  • Qualified eSignatures: Digital signatures stored by a Qualified Signature Creation Device (QSCD), issued by a CA certified as a Qualified Trust Service Provider (QTSP). It is the most secure eSignature due to its form of storage being a highly trusted device such as a USB Token. It guarantees a secure platform where the contract is visible for both parties, offering live updates on the modification of the agreement.

Basic eSignatures vs Advanced eSignatures

Even though basic electronic signatures are a very popular and easy way of signing an agreement without the need for physical intervention, they need substantial proof in order to be admissible as evidence in court. These basic electronic signatures are not safe and can lead to fraudulent documents.

This is why both advanced and qualified eSignatures are advised because they allow for a more secure transactional operation thanks to the use of a certificate-based digital ID or Qualified Signature Creation Device (QSCD). These methods use cryptography to secure the transaction. Moreover, it allows the user to record and be notified of every action of the documents signing process.

Since both advanced and qualified eSignatures adhere to the strictest legal regulations, most countries in the world recognise these signatures. They comply with international security standards of signers trust and assurance and have a solid legal foundation. Thus, this option is used by large companies looking for the most secure way to conduct international trade.

How to Obtain an Advanced eSignature

Here are the 4 Steps to obtaining an advanced signature:

  1. Find a Trusted Service Provider (TSP) or Qualified Trust Service Provider (QTSP), certified in the relevant country. Scroll down for a list of recommended TSPs.

    *Though each country has its own regulatory authorities, every EU country follows the eIDA regulations. These unify eSignatures regulations for every EU country, including the UK, even post-Brexit.

  2. Fill out the necessary information for the TSP/QTSP of your choosing
  3. Pay for the fees
  4. Obtain your digital signature certificate or Qualified Signature Creation Device (QSCD)

How to Recognize a Trusted Service Provider

This company must provide you with its Certifying Authority (CA) license of compliance upon request.

This certificate confirms that this trusted third party meets all the requirements, namely:

  • Compliance with the highest standards of security eIDAS & UK eSign regulations
  • The use of an integrated signature timestamp with probative value (date and time)
  • Its presence on the approved list of Certificate Authorities (CA) in the relevant country
  • The inclusion of a detailed recorded audit log of live updates on the agreements

Trusted Service Providers and Certification Authorities

These trusted third parties, certified by their corresponding authorities guidelines, issue electronic signature certificates or qualified creation devices with probative value. Their digital tracking system confirms the validity of commercial transactions and customer signatures.

The data`s safety is guaranteed by the unalterable qualities of the signed documents. The legality of signatures and transactions is reinforced by encryption standards, secure storage, and record procedures.

Here is a list of recommendations for trusted third parties known for being accredited with the highest security standards and international regulation adaptability, offering different types of eSignatures:

Yousign

Approved by Fintech and Legaltech, Yousign provides electronic signature certificates from countries all over the world who`s a line of work specializes in the European market.

Companies such as BpiFrance, Verspieren (insurance broker), Allianz, FCA Capital France, Auchan, FMA assurances, and Cadis Formation use the platform to digitise their workflows using electronic signatures, as well as to e-sign HR documents and financial documents.

Yousign provides a high standard of quality to ensure that an electronic signature has the legal value that is beyond reproach:

  • The tool is eIDAS qualified, with a certificate of conformity in support
  • The solution benefits from a qualification and compliance certificate issued by ETSI
  • The platform also holds the RGS conformity certificate issued by LSTI, a certificate attesting to compliance with French, European, and international safety standards
  • ANSSI has also included Yousign on its list of trusted service providers holding the Security Visa
  • An electronic safe is directly integrated into the software to store and archive signed documents

Signable

Signable was established in the United Kingdom for high-performance quality and advanced technology. A highly user-friendly digital signing tool, Signable offers everything needed to satisfy your expectations.

Some of the companies that trust Signable are BMW, The Body Shop, Krispy Kreme, and Hertz.

Some of the features include:

  • Maintenance support
  • Software as a Service (SaaS) model for storage outsourcing
  • Electronic Signature Validation
  • Electronic Document Signature
  • Document Time Stamp

To send an electronic signature:

  • Upload the document online
  • Fill in the requested information
  • Indicate the email address to which you wish to send it
  • The document will be sent along with a link to where the e-signature can be inserted

SignNow

SignNow is designed for signing, sending, and managing documents from virtually anywhere with any device. This electronic signature application simplifies the management of administrative documents within companies.

SignNow supports major platforms such as Salesforce, G Suite, Netsuite, Oracle, and Office 365.

This tool makes it easier to manage commercial documents. There is no longer the need to print out documents, sign, scan, and send them all back to the recipient.

Features:

  • Option to request additional information
  • Send an email for document signing to multiple recipients at one time using templates
  • Option to have recipients digitally draw their signature to Esign rather than to have it typed
  • Option to request payments on documents online
  • Option to CC additional people

Certified with the most secure and quality standards:

  • eIDAS,
  • GDPR,
  • ETSI,
  • ANSSI