Written by Ana Canteli on 12 April 2019
The handwritten electronic signature means capturing your signature using technological tools - this can be a pen tablet, a mobile app or mobile devices - in which biometric data can be collected, such as speed, pressure, and degrees of inclination; so that it can be used as a means of personal identification. Any signatory can use this distinctive signature identification without having to own anything (smart electronic card), to register, or to defray costs or acquire any legal damage.
The recognition of a digitized handwritten signature is done by analyzing the image of your signature, while the handwritten e-signature provides not only visual information - the picture of your signature - but also dynamic information (how it was made); thanks to the collection of the biometric data of the signer, in a technological solution, which in turn provides security measures.
Nowadays, the handwritten electronic signature and its synonyms (biometric signature, dynamic signature, digitized signature) are not regulated in the national (Spain) or EU legal framework, and there is no approved standard.
But the digital transformation is not the prelude to a time of change, but the beginning of an era of change in which organizations and people demand agile and accurate tools to lighten and shorten the signing experience when submitting a request, accepting an order, paying taxes and fees, or responding to a request.
In any case, the fact that a handwritten digital signature is not regulated by national or European Union law does not invalidate its use, since the standard was drafted in such a way that the use of other types of signatures was foreseen, based on the use of secure signature creation devices. The secure devices are characterized by containing the necessary technology that provides guarantees of authenticity and integrity of the documents signed, which can be used by an expert calligrapher in case of litigation.
According to the LFE (Electronic Signature Law), the electronic signature is the set of data in electronic format, consigned together with others - a document for example - that can be used as a means of identification of the signatory. In turn, the electronically signed document is a legal concept equivalent to a handwritten signature and is intended to attest to the will of the signer.
According to EU Regulation 910/2014 that defines e-signatures in the EU, better known as elDAS, these are data in electronic format, attached to other electronic data or logically associated with them, which the signatory uses to sign. This is the most basic definition and the common element of the three types of electronic signatures that exist:
the electronic signature or a simple signature
the advanced electronic signature
the qualified electronic signature
The three types are differentiated by the level of security they provide; for its ability to identify the signer and for its ability to guarantee the integrity of the electronically signed documents.
The digital signature consists of the use of cryptographic mechanisms on the content of a document in electronic form, so that the recipient of the document is confident that the sender of the message is authentic (authentication), that the document has not been altered (integrity) and that the issuer can not deny the issuance of the document (non-repudiation).
The digital signature is legal, but its purpose is not to attest to a voluntary act of the signer; it only aims to encrypt the data of the document, to give it greater security.
The digitized signature is a handwritten signature converted into an image. To do this, you can scan your signature or capture the rubric using a graphics device; a photograph, a scanner; or using a signature device such as a pad, mobile app or mobile devices that allow you to save your signature image and use it when necessary. The scanned signature has the assessment of simple e-signature, so it is legal, but it does not offer guarantees regarding the identity of the signer.
For electronic handwritten signatures to be legally endorsed, they must comply with a series of security and technical requirements that guarantee the link between the document and the identity of the signatory.
Among the technical requirements include:
Biometric data capture of the pressure, stroke speed, position and time used by the signer.
Confidentiality of biometric data.
The unique relationship between the signer’s biometric data and the signed document.
The integrity of the signed data, avoiding the subsequent change of the data.
The authenticity of the document and its relationship with the signatory.
Making it impossible to embed the signature file in another document.
Signature verification.
Inviolability of the signature capture system.
Permanence in time.
Concerning security requirements, for a handwritten e-signature it is required:
That the signature of digital documents is carried out in isolated devices from the signature application and with technical capacity for the capture of biometric data.
That the signatory makes the rubric on a tactile device, in the same way as it would on a piece of paper. Coding the capture of the dynamic data, a product of the signature, as well as other evidence (the device with which it has been made, date, time and place of the signature, a photograph of the signatory or validation of official documents).
That the provider of the biometric signature technology generates the signed document by adding the following metadata: hash of the evidence, signature device and evidence encrypted with a key guarded by a trusted third party, for example, a notary.
That the supplier of the digital signature technology encrypts the biometric information plus the above data, with a public key whose private counterpart is kept in the custody of a third party (a notary). It guarantees impartiality and the impossibility of reusing that information for the falsification of signatures.
That the signature solution shows on the mobile app or mobile device, the document to be signed following the logic WYSIWYS - What you see is what you sign -.
That the electronic signature service of the digital signature solution provider makes an advanced e-signature, in long signature file format, on the document together with its metadata. This process allows keeping the documents and their e-signatures over the useful life of the digital certificates used. This is possible using a recognized electronic certificate and including a time stamp, which ensures the integrity of the signed document. It is an extra guarantee if the advanced electronic signature is made through a one-use certificate (instead of using the same certificate for the signature of all operations) since the use of a single certificate reduces security risks that are derived from an eventual endanger of the signature key.
If these requirements are met, the handwritten digital signature will guarantee the following characteristics:
The authenticity of the signatory through the biometric data of the signature, which can not be transferred to another document, thus leaving the document and the signatory linked.
The integrity of the document, making an advanced e-signature based on a recognized electronic certificate. Biometric data is protected in the document by encryption, and a third party holds the key that protects.
Cost savings: It is estimated that each paper signature costs an organization more than 5 euros in expenses such as paper, print, scan, archive and replacing lost documents. 100 Signatures on paper equal to 1081.49 litres of water, 45.36 kg of wood and 10.89 kg of waste.
Save time: Business processes are delayed to obtain the signed documents, while the electronic signature can be managed to be applied when required, no matter where the signer is.
Savings in space: the electronic management of documents, including the signature process, considerably reduces the need to maintain physical files.
Greater security: the use of recognized e-signatures, backed by a recognized electronic certificate, offer the maximum legal guarantees. Enterprise content management systems such as OpenKM enable users to sign pdf documents or provides the possibility to sign documents that will be converted to this format. The most common example of an electronic signature is to sign a pdf. Within the document management system, you can facilitate the process of editing the pdf document, thanks to its friendly interface. You can add notes, categorize, highlight the status of the pdf document by using the stamping functionality and add more information in the form of metadata.
A higher level of service: You can offer the possibility of handwritten documentation, stored securely in electronic document management systems. In this way, both staff and clients will perceive the suite of programs as the suitable and safe environment in which to process services and offer products.