There’s a slew of very diverse requirements on how business documents must be signed to be legit, and just as many interpretations. The very terminology can raise eyebrows, and there’s certainly not sufficient room in a blog to clear it all up. Still, if you deal with signatures in the legal context of Germany, there are a few facts that you should have straight. So what is an electronic signature, and how does it differ from a digital one? Defining the two is where many people take a wrong turn.
Germany’s Digital Signature Act (SiG) defines an electronic signature as an electronic declaration of intent or confirmation of a transaction by a natural person. An electronic signature may be given on your own or someone else’s behalf, but it is always tied to an individual. It is, in essence, the electronic equivalent of signing your name in ink.
A digital signature, however, is merely a term applied to the electronic signature’s underlying technology. At the heart of this is an encrypted checksum that allows the receiving system to verify the integrity of a signed document or detect if it has been tampered with.
A receiving system is able to verify the authenticity of a signature e.g. through an electronic certificate or a copy of the sender’s handwritten signature that allows the signatory to be identified biometrically.
While many organisations shun away from the perceived complexity of possible concepts and approaches, today’s advanced signature mechanisms are pretty much available off the peg, and the exact type and scope of the ideal solution can quickly be determined through optimised checklists and workshops.
Some preliminary considerations can also make it much easier to choose a signature solution and thus dramatically speed up project turnaround. For one thing, this means identifying exactly what sort of documents must be signed. The so-called qualified electronic signature (QES), which was first introduced in Germany in 2001, is considered to be the most secure method. However, this extreme level of security is rarely needed in real-life scenarios.
The types of documents determine the standards an electronic signature must meet. To break it down:
1. For an intra-company verification of a signature, including a scanned image of a handwritten signature (either manually or automatically), or a system log may well be sufficient. This is referred to as a simple signature according to the Signature Act.
2. In business transactions, however, the standards are a bit stricter:
Our solutions are built to meet these standards. Bechtle has partnerships with various signature providers and manufacturers of signature technology, and the solutions we implement may be designed with components from a single or multiple manufacturers. They include:
These solutions can also be embedded into DMS and ECM systems in order to automate signature processes and ensure consistent archiving of signed documents for a gapless digital workflow.
Get in touch with your Bechtle account manager today if you have any questions about electronic signatures.