Closeup of the feather of a fountain pen on wooden background.
Unterzeichnung

Electronic signatures: Everything you need to know

Digital transformation is at the top of the list of priorities for German companies. However, outdated methods continue to be used in contract processing, in particular when signing contracts, although the electronic signature is equivalent to a handwritten signature on paper for many applications. More and more companies in Germany, Austria and Switzerland are therefore switching to an electronic contract system, as the time saved in processing is significant and risks can be eliminated at the same time.

What is an electronic signature?

Basically, the electronic signature is a digital version of a signature, and is used to confirm the authenticity and integrity of a document. With the help of electronic signatures, digital documents, such as contracts or permits, can be signed in a legally binding manner.

Unless this is excluded from the outset by law, the electronic signature can replace a signature on paper: An electronic signature unequivocally links the signatory and the signatory with a defined and inalterably stored document or a string of characters. Electronic information is usually electronic documents, but any sequence of characters can be signed electronically.

Distinction from digital signatures

In general, the terms”digital signature“and”electronic signature“used synonymously. In particular, however, digital signature is a class of cryptographic methods that is also used in the encryption of network connections, while electronic signature is a primarily legal term coined by the EU Commission. In addition, by choosing the term, they wanted to broadly define the technical possibilities in order not only to allow signature procedures based on existing digital signatures or other cryptographic methods.

What types of electronic signatures are there?

There are basically three types of digital signatures:

  1. Simple electronic signature (EES) In the most common case, this is an e-mail that is signed with the sender's name. There are no special requirements for a simple electronic signature. It is not necessary to use a digital key to identify the sender. Simple electronic signatures can be used for informal agreements in accordance with Section 127 of the German Civil Code.
  2. Advanced Electronic Signatures (FES) must be clearly linked to the signatories so that they can be identified beyond doubt. It must also be ensured that changes to the documents linked to the signature can be identified retrospectively. An example of this is top.legal signature, which can be used, among other things, to identify signatories through the use of multi-factor authorization via an SMS security code.
  3. In accordance with the European Directive, a Qualified electronic signature (QES) is advanced electronic signature , which is based on a qualified certificate valid at the time of its creation and was created using a secure signature creation unit (SSEE).

Legal effect of electronic signatures

According to the Official Journal of the European Union dated 28.8.2014 (Art. 25 para. 1 eIDAS regulation), an electronic signature may not be denied legal effect and admissibility as evidence in court proceedings simply because it is available in electronic form or because it does not meet the requirements for qualified electronic signatures.

A qualified electronic signature also has the same legal effect as a handwritten signature. A qualified electronic signature based on a qualified certificate issued in one Member State is recognized as a qualified electronic signature in all other Member States. Documents that are “only” signed with an advanced electronic signature in accordance with Article 3 No. 11 of the eIDAS Regulation can also be submitted to court by visual evidence in court.

What is the difference between signatures in practice?

Electronic signatures differ from one another in terms of the degree of protection against forgery. At the bottom of the scale is the simple electronic signature, which does little to ensure the authenticity of the signature.

At the top end of the scale — and thus with the highest standards of protection against counterfeiting — is the qualified electronic signature, which uses encryption certificates from a trust authority (trust service) to confirm that the signing party is actually who it claims to be. This usually requires extensive authentication with the Trust Authority using a video identification process. This method is less suitable for use in a business environment, as it presents the signer with hurdles that cannot be easily overcome in a short time.

The golden medium is the advanced electronic signature. According to Art. 26, an advanced electronic signature should meet all of the following requirements:

  1. It is clearly assigned to the signatory.
  2. It allows the signatory to be identified.
  3. It is created using electronic signature creation data, which the signer can use with a high level of trust under his sole control.
  4. It is connected to the data signed in this way in such a way that a subsequent change in the data can be recognized.

In practice, this means that it must be ensured that a signed document is encrypted with a key that is under the sole control of the signee. This is the only way the recipient can be sure that the document or message comes from the person it claims to be and that the data was not manipulated during transmission.

An additional way to ensure this requirement is two-factor authentication (2FA), for example via a mobile phone.

Advanced signature compared to simple electronic signature

Signing documents using an advanced electronic signature usually requires specialized software. Simple electronic signatures can be created without software. To do this, it is usually sufficient to send a simple e-mail with your name, to provide documents with a scanned signature, or to scan signed documents and send them by e-mail.

The advanced electronic signature uses encryption technology so that the public key used can be used to determine who signed and whether the signature is valid. With a simple electronic signature, the authenticity of the signature or the unchanged quality of the document cannot be guaranteed.

Advanced signature compared to qualified signature

The advanced signature ranks first in terms of security within the EU and offers similar legal validity as a handwritten signed document, unless the law explicitly states that a conventional handwritten signature is used. As with advanced electronic signatures, qualified electronic signatures also require the use of specialized software. In addition, physical encryption tokens in the form of a USB stick or a chip card, for example, must be used to increase the level of security.

What are the benefits of electronic signatures?

The main advantage of a digital signature is that a signer can sign documents quickly and easily without having to resort to the cumbersome and time-consuming routine of printing, signing and scanning. This process saves time and money.

Our data shows that contract processing on an electronic basis is up to 9 times faster than a paper-based contract system. We also see in contracting higher rates, as the probability of bouncing is reduced due to the simplicity of the system.

Are electronic signatures secure?

In principle, any signature, whether electronic or on paper, can be forged. However, the electronic signature has clear advantages in terms of manipulation options. In contrast to verifying a signature or ID card, every layperson is given all the tools to determine beyond doubt whether the signed document has been manipulated and whether the signature provided actually comes from the person in question.

Using the latest technical options, it is currently easier to fake a signature than to manipulate the encryption mechanism using a standard IT infrastructure.

In addition, metadata as well as the time of signature and IP address of the input device are stored as part of the provision of the electronic signature. This burden of proof can no longer be reproduced with a physical signature, particularly one year after the signature has been made.

Technical implementation of the electronic signature

So that the integrity of a document can be established beyond doubt, a hash code is calculated from the electronic document using a hash function.

A hash function is an algorithm that efficiently returns a string of any length (input value) to a fixed-length string (hash value). This means that the document is translated into a column of random characters. The algorithm of the hash function is public in order to be able to verify the integrity of the process.

Every user of the publicly available hash function, inevitably when using the same document, receives an identical hash value. If you change any section in the document, the characters in the hash also change. By comparing generated hash values, it is therefore technically easy to establish the integrity of a document beyond doubt.

Electronic signature process (on top.legal) in practice

This is how electronic signatures are implemented within our CLM software:

  1. The parties are invited to sign
  2. The contract to be signed is transferred to signature mode
  3. The software calculates the hash value (checksum) including the metadata of the signing parties
  4. The hash value is saved in an audit-proof manner and stored in the pdf.
  5. The hash value is usually encrypted with the signer's private key
  6. The encrypted value can also be stored directly in the pdf together with the further information (encryption algorithm used, public key, etc.).
  7. The signatories receive access to the signed contract via email or via a secure link
  8. The recipient can use a check algorithm to check the validity of the signature and determine whether the present document is also the one that is surrounded by the signature. Many manufacturers offer free test editions of their signature software for this purpose, and some also offer online verification via the Internet.

Find out in a live demo how you can digitize your contract process with top.legal.

Book a live Demo

Ausgewählte Artikel

Unterzeichnungsstandards Die richtigen Signierstandards für Unternehmensverträge

Für Unternehmen, die ihre Vertragsprozesse optimieren wollen, ist es wichtig, die verschiedenen Unterzeichnungsstandards und ihre Unterkategorien zu verstehen. Jede Methode hat ihre eigenen Vorteile, rechtlichen Überlegungen und optimalen Anwendungsfälle, die von der Art des Vertrags und den beteiligten Parteien abhängen.

a checklist representing signing standards for different contracts

Effektiv verhandeln: Ein vollständiger Leitfaden mit Checkliste

Verhandlungen sind das Herzstück von B2B-Transaktionen, da sie die Bedingungen und Ergebnisse von Geschäftsabschlüssen direkt beeinflussen. In einem wettbewerbsintensiven Markt müssen Unternehmen ein Gleichgewicht zwischen dem Schutz ihrer Interessen und der Förderung langfristiger Partnerschaften finden, was Verhandlungen zu einem entscheidenden

a group of professionals negotiating with each other

Mehr zum Thema effizientere Vertragsprozesse

Contract Management Training Courses: Overview of Career Development

Contracts are the backbone of many business relationships and often determine the success or failure of a project. The ability to effectively manage contracts is therefore invaluable. Contract management Continuing education can not only improve your overall professional skills but also significantly increase your career opportunities.

Standard Contractual Clauses: Definition and Relevance in Data Privacy

Data protection and data privacy are becoming increasingly important in today's digital era. Standard Contractual Clauses (SCCs) are an essential part of international data protection case law.

The Different Types of Service Level Agreements

Service Level Agreements (SLAs) sind Verträge, die zwischen Dienstleistern und ihren Kunden geschlossen werden, um die Erbringung und Qualität von Dienstleistungen festzulegen. SLAs dienen als wesentliches Werkzeug zur Sicherstellung einer hohen Servicequalität und klaren Erwartungen zwischen den beteiligten Parteien.

Ready to start?

Find out how top.legal increases the efficiency of your company.

illustrated arrows Illustrated pencil strokesillustrated pencil strokesillustrated pattern of dots.