Electronic signatures are widely used by businesses today.
It’s remarkable to think that they were only granted the same legal weight as their ‘wet ink’ counterparts from 1st July 2016 (in Europe). Legislation around electronic signatures and associated ‘trust services’ continues to evolve, with the eIDAS (electronic IDentification, Authentication and trust Services) Regulation – Regulation (EU) No 910/2014 of the European Parliament and of the Council – providing an update to legislation across the EU.
The new eIDAS regulation has consolidated and replaced a confusing patchwork of laws pertaining to electronic signatures, making them consistent across every EU country. With electronic signatures used to sign international documents, the eIDAS regulation ensures all parties produce and receive signatures that are legally binding.
eIDAS updates the original Electronic Signatures Directive (Directive 1999/93/EC), setting out a legal framework to enable mutual recognition of electronic identification systems between Member States, and establishes trust services that can be used to support, or in place of, electronic signatures.
For a more detailed explanation of how eIDAS changes existing legislation, take a look at our Trust Services for Electronic Documents white paper. This blog post explains some of the key points to consider.
eIDAS Changes to Electronic Signatures
Previously, electronic signatures could be used by both individuals and by corporate organizations. eIDAS updates this to make a distinction between natural and legal persons, requiring that an electronic signature relates to an individual – not an organization – henceforth. This change switches the onus on to individual responsibility, ensuring greater awareness of the legal responsibility of those applying signatures as part of automated processes.
eIDAS Changes to Advanced Electronic Signatures
eIDAS redefines Advanced Electronic Signatures to allow for mobile technology to form part of the identification and authorization process – through connection to a Certificate Authority for the issuance of a digital certificate.
eIDAS Changes to Qualified Electronic Signatures
Qualified Electronic Signatures (QES) are an extension of the concept of Advanced Electronic Signatures. QES are only possible to create from a qualified electronic signature creation device (SSCD) – which must store the signature creation data. Such a device is qualified by issuance of a Qualified Certificate, from a qualified trust service provider. In turn, a qualified trust service provider is granted such status by the Supervisory Body.
The electronic signature creation device provides a level of security above and beyond an Advanced Electronic Signature, which is appropriate in certain scenarios.
What are Trust Services?
Trust services are introduced, as a concept, via eIDAS to provide additional routes to verify integrity of document content and sender. eIDAS sets out a legislative framework to put these services into practice in the EU.
As part of these changes, eIDAS introduces the concept of electronic seals. Electronic seals are similar to electronic signatures, but only available to legal persons (rather than natural persons) – such as corporate entities. These provide a route for corporate entity to apply a stamp of authentication to a document, without the fine-grained individual responsibility implicit in an electronic signature.
As the name suggests, an electronic seal works a little like its traditional, physical, counterpart. The seal guarantees that the contents of the document has not been tampered with, as well as guaranteeing the authenticity of the sender.
Time stamps are used to verify that the data contained in the document existed, and remains unchanged from, the data at the time and date of the stamp. This is particularly useful to anchor documents, such as contracts or bills, to a time and date.
The Electronic registered delivery service prevents risk of loss, theft, leakage or alteration of documents being sent from one party to another. The service also provides evidence of receipt and proof of delivery.
Website authentication, by way of electronic certificate added to the site, validates the authenticity of the site and link to entity or person(s) owning the site.
The Business Benefits of eIDAS
In the competitive and fast-paced world of business, capitalizing on changing legislation provides a competitive edge. Working with an expert partner, such as Corcentric, enables your business to quickly offer the benefits of trust services and the full range of electronic signature types to your customers.
Whether incorporating the latest changes from eIDAS within internal document distribution processes, or as a way to improve security and assurance with partners and customers, these recent changes make document transactions more secure than ever before.
Move beyond the benefits of simple electronic signatures and turn trust services to your business advantage.
Learn more on regulations and requirements in our whitepaper.