As organizations continue the transition to online processes, look for cost savings, take environmental responsibility, and reduce response times, they need to ensure the documents they access are trusted and secure.
Enabled by proven public key infrastructure (PKI) technology, digital signatures are widely recognized as a best practice for providing digital verification of electronic transactions.
Digital signatures provide “non-repudiation” — the ability to identify the author and whether the document has been changed since it was digitally signed.
This functionality is particularly useful for workflow processes where one or multiple approvals are required, such as supply-chain management or financial management of forms like expense reports. Digital signatures provide confidence to customers, citizens and consumers that the material actually came from the originating organization.
Depending on organization requirements, Entrust can help with a variety of solutions for the implementation of digital signatures.
We are all familiar with paper signatures – a hand-written signature on a paper document. Aside from legal and contractual issues, the primary properties of a paper signature are:
– it is intended to be associated with a particular individual;
– it generally shows a commitment related to a particular document, with the exact meaning depending on context.
Though far from perfect, paper signatures serve surprisingly well in many parts of the world as the basis for business and legal transactions. Societies have learned to use paper signatures in circumstances in which a physical marking on a paper document, augmented by sufficient controls and context, provides sufficient recallable evidence of a commitment related to that document by the marking party. The evidence is important in order to reconstruct circumstances, in the rare case of later disputes.
How do digital signatures work?
A digital signature is the term used for marking or signing an electronic document, by a process meant to be analogous to paper signatures, but which makes use of a technology known as public-key cryptography.
Additional security properties are required of signatures in the electronic world. This is because the probability of disputes rises dramatically for electronic transactions without face-to-face meetings, and in the presence of potentially undetectable modifications to electronic documents. Digital signatures address both of these concerns, and offer far more inherent security than paper signatures. Compared to all other forms of signatures, digital signatures are by far the most easily verified and the most reliable with respect to providing document integrity.
What is the difference between paper and digital signatures? Entrust Solution
– Property can be applied to electronic documents and transactions
– Signature verification can be automated
– Signature automatically detects alterations to the document
– Can be used to signify a commitment to a contract or document
– Can be augmented by use of a witness to the signature process
– Recognized by legislation
How is a Digital Signature Created?
– capturing the entire context of the electronic transaction or document, and precisely what the signer is committing to;
– ensuring that the data displayed to the user accurately reflects the data to be digitally signed;
– requiring the user to signal an understanding of the commitment being made, and a desire to be bound to this;
– authenticating the user in order that the user’s private key becomes available to the signing device;
– computing the signature based on the signer’s private key and the data being signed;
– a timestamp server optionally appending a time-date field to the data and signer’s signature and then signing; and
– forwarding the signed transaction for processing, storage, or subsequent verification.
Ask us more about Digital Signatures by Entrust