The three different types of electronic signatures are simple electronic signatures (SES), advanced electronic signatures (AES), and qualified electronic signatures (QES). Learn about how these e-signatures work and when to use which type.
What is an electronic signature?
Electronic signatures, also known as e-signatures, consist of a group of different methods of attaching identity to documents using an electronic process. Technically speaking, what qualifies as an electronic signature is an electronic entity (“sound, symbol, or process,” according to the E-Sign Act) linked to a record that one intends to sign. Something as simple as a picture of a handwritten signature or as complex as a digital signature certificate generated via PKI (public key infrastructure) can qualify as an e-signature. They have grown in popularity tremendously in recent years, likely due to the increasingly paperless world that we find ourselves in; documents need to be signed and e-signing is a convenient and efficient solution.
Many businesses, consumers, and even some governmental processes have introduced and embraced the use of electronic signatures on their electronic documents. Depending on the specific use case, different types may be used, each offering a different level of authentication of the identity attached. Nowadays, in many jurisdictions, electronic signatures are considered equivalent to handwritten signed documents.
Although "electronic signatures" and "digital signatures" are often used interchangeably in colloquial use, they are, in fact, not the same thing. The difference is that a digital signature is a specific type of secure electronic signature that uses an algorithm to cryptographically authenticate a document.
What is the difference between a digital certificate and an electronic signature?
Digital certificates use PKI certificates issued by a trusted certificate authority, like Sectigo, to authenticate the identity of the requestor. This type of authentication is the best way to ensure the integrity of electronic documents and directly link the identity to the document, ensuring its legitimacy.
Digital signatures comply with the most demanding regulatory requirements, including the United States Electronic Signatures in Global and National Commerce Act (ESIGN Act), the Uniform Electronic Transactions Act (UETA), and other applicable international laws like eIDAS.
Other types of electronic signatures use different, less secure methods of authentication. These can include email addresses, phone numbers, or other types of contact information. There are many different types of electronic signature laws around the world and different requirements for verifying the signer's true identity.
3 main types of electronic signatures
There are three main categories of electronic signatures. The specific differences are described by the 2016 electronic Identification, Authentication, and Trust Services regulation (eIDAS regulation) passed by the European Union (EU). They are also applicable in the US.
This piece of regulation creates a legal framework concerning the electronic identification, signing process, seals, and documents throughout the EU. These signatures are often built into business processes and workflows as default options, and they have become ubiquitous in the internet user experience.
Simple Electronic Signatures (SES)
SES are the broadest and simplest types of electronic signatures. eIDAS defines them as "data in electronic form which is attached to or logically associated with other data in electronic form and which is used by the signatory to sign." They do not need any type of identity verification from the signer, and trust in these signatures is the responsibility of the individual accepting the document.
In some cases, simple electronic signatures can be considered legally binding. However, for many documents, higher qualifications must be met.
Advanced Electronic Signatures (AES)
Unlike the simple version, advanced electronic signatures do require a level of identity verification. They are based on certificates that uniquely identify the signer of the electronic document. They are often transmitted via a specific delivery service that can provide audit trails and other types of evidence about the transmitted data. These signatures are typically certified by a Certificate Authority (CA).
Qualified Electronic Signatures (QES)
QES are like advanced electronic signatures, but they go further to meet additional requirements outlined in the eIDAS regulations. Qualified electronic signatures must have a certificate based on public keys that were issued with proper technological means. They also must have prior identification of the signatory by an audited entity, such as a Certificate Authority. This identification can be completed face-to-face, which can be conducted remotely via video chat or in person.
There are many different legal requirements for electronic signatures around the world. In the United States, the legality of them largely revolves around four major pillars.
Intent with an electronic signature is no different than with a handwritten or wet signature. It must be clear that the signatory intends to affix their name/identity to the electronic document. In this case, you cannot force someone to opt out and consider it to be a legal signature.
When an electronic document or contract is signed, every party signing it must specifically give consent. Without this, the use of electronic signatures cannot be considered valid unless they opted in at a previous date and never withdrew their consent.
The specific method used for affixing the electronic signature must not only keep a record for that signature, but it must be a demonstrably accurate record. This record should also fully explain the method that was used to create and affix the signature.
The record of an electronic signature must be accurately reproduced and available for the files of any party entitled to such data. This leaves an audit trail and allows access to any necessary records.
Validity and verification
How do you verify an electronic signature?
Verifying an electronic signature depends on the type of e-signature being used. As discussed above, simple electronic signatures do not need specific identity verification methods to be used in many countries and situations.
Advanced electronic signatures, however, force signers to use digital certificates as a method of identity verification. There are many methods to generate and verify these AES certificates. Most major platforms, like DocuSign will allow you to do so.
Qualified electronic signatures are the most secure, and thus the most difficult verification method. They use a qualified trust service provider (QTSP) like Sectigo, often specifically authorized by a government to:
- verify the signer’s identity either through face-to-face or a video conference call with a valid method of identification.
- validate the identity of the signer at the time of signature through signer-held or cloud-based certificates.
What makes an electronic signature valid?
For an electronic signature to be considered valid, especially in a legal setting, certain minimum criteria must be met. There must be clearly demonstrated intent, security of the signed document, and prevention of tampering in the future. The legality of a document can be called into question if there is any evidence of possible alteration of the document after it was signed. Ensuring there is an audit trail, evidence of authentication, and proper security is why many choose well-known e-signature solutions to help.
Examples of e-signatures
There are a variety of electronic signature solutions available from providers such as DocuSign and Adobe. Manual methods can also be used. Depending on the use and level of security necessary, the signature process may vary and may include more or less contact information of the signer (such as name, date, IP address, etc.).
Is a scanned handwritten signature an electronic signature?
Yes, this would be a simple electronic signature. It is not safe for obvious reasons, but it is part of the collective umbrella that is electronic signatures.
Is a typed name an electronic signature?
Yes, this is also an example of a simple or basic electronic signature. An e-signature can take many forms and signing something like a Word document with a typed name is one of them. As long as it demonstrates intent and understanding, it can be considered an electronic signature. Usually, when a typed name is used as a signature, the /s/ signature symbol precedes it.
Electronic signatures can be used nearly anywhere. However, there are particularly common use cases, including:
- Sales contracts
- Purchase orders
- Vendor contracts
- Real estate contracts
- IP licensing agreements
- Legal agreements
- Non-disclosure agreements
- Employee contracts
To ensure you and your organization use valid and verified e-signatures, learn about Sectigo’s document signing certificates. Contact our team for further information on what types your business should be using.