7 min read

What is Digital Signature: Key to Secure Online Transactions

Last updated 23 May 2023
What is Digital Signature
What is Digital Signature: Key to Secure Online Transactions

Have you ever been curious about signing a document electronically or the difference between a regular and a digital signature?

You’re not alone. As we move towards digital documentation, grasping the concept of digital signatures is crucial.

This article will delve into the meaning, advantages, and functionality of digital signatures.


Table of Contents

What is a Digital Signature?

A digital signature is an electronic signature that helps to confirm and verify the legitimacy of a digital document or message.

By using digital signatures, it becomes possible to ascertain that the information has indeed been sent by the right person or entity, thereby ensuring its authenticity and integrity.

Also Read: What is Electronic Signature – A Comprehensive Overview


The Difference between an Electronic and a Digital Signature

A digital signature is generated using a digital certificate and bound to a document using public key infrastructure (PKI), making it more secure and tamper-evident.

On the other hand, an electronic signature refers to any electronic method used to indicate agreement or approval of a document, which can include digital signatures and other forms such as typed names or scanned images of signatures.

While both types of signatures can provide legal validity to electronic documents, digital signatures offer higher security and verification due to their use of PKI technology.

Electronic Signature

Digital Signature

It can be as simple as an image of a handwritten signature or a typed name

Utilizes a digital certificate and public key infrastructure (PKI) for added security

Relies on the authenticity of the signer’s identity based on the context of the signature

Signer’s identity is verified by a trusted third party, such as a certificate authority (CA) or trust service provider (TSP)

Can be easily replicated or falsified

Offers greater security against forgery or tampering

Often used for less sensitive documents or transactions

Recommended for important, sensitive, or legally binding documents and transactions

 


Global Digital Signature Legal Framework

Many countries worldwide have enacted laws and regulations recognizing the legal validity of digital signatures.

For example, the ESIGN Act and UETA legally recognize electronic and digital signatures in the United States.

In the European Union, Regulation (EU) No 910/2014 establishes a common legal framework for electronic trust services, including digital signatures.

On the other hand, a few countries such as Indonesia (UU ITE), Singapore (ETA), India (IT Act), Brazil (ICP-Brasil), and Canada (PIPEDA) have their laws and guidelines for using digital signatures in their country.

These regulations aim to legally recognize and enforce electronic documents and transactions while ensuring the authenticity and security of digital signatures.


Digital Signature Legal Framework in Indonesia

According to Indonesian Law Number 11 of 2008, an electronic signature consists of Electronic Information that is attached, associated, or related to other Electronic Information used to verify and authenticate.

Referring to the definitions of electronic and digital signatures above, it can be concluded that they are different entities.

Furthermore, according to Article 54 of Government Regulation No. 82 of 2012, there are two types of electronic signatures in Indonesia:

  1. Certified Electronic Signature, which is an electronic signature made through the services of an electronic certification service provider and can be proven with an electronic certificate.
  2. Non-Certified Electronic Signature, which is a signature made without using the services of an electronic certification service provider.

Therefore, the validity of digital signatures in Indonesia is only recognized if they are made through an electronic certification service provider.


Why Use Digital Signatures?

There are several reasons to use digital signatures, including:

  1. Authenticity: Digital signatures ensure the authenticity of signatories’ identities and prevent signature forgery, providing a high confidence level in the sender’s identity.
  2. Integrity: Digital signatures ensure the message’s integrity and prevent tampering during transmission, as any changes in the message after the signature invalidates the signature.
  3. Non-repudiation: Digital signatures prevent the signer from denying having signed the information later on, providing legal validity and proof of agreement.
  4. Efficiency: Digital signatures allow faster and more efficient signing and authentication processes, reducing paper usage and processing time.

Types of Digital Signatures

There are three types of digital signatures in the world, namely:

  • Simple – the most straightforward type that does not use any encryption method. Examples include signatures in emails or scanned wet signatures.
  • Basic – still without encryption, but can show changes in your document. Thus, you can know who edited, opened the document, etc.
  • Advanced – the best type that uses full cryptography technology, making the signature secure and having the same legal force as a wet signature.

How Digital Signatures Work

According to Wikipedia, the following is the process of how digital signatures work and their verification process:

  • Initially, the message sender calculates the message’s Message Digest (MD). You can obtain this by converting message M with a one-way hash function.
  • Next, the MD is encrypted using a private key cryptography algorithm like the RSA algorithm. The resulting encryption is called a digital signature (S).
  • Then, the digital signature (S) is placed on the message M.
  • Finally, the signed message M is sent using a communication channel.

When message M reaches the receiver, a verification process occurs to prove the message’s authenticity. The verification process is as follows:

  • The digital signature (S) is opened (decrypted) using the public key given to the receiver. This process will produce the Message Digest (MD).
  • The receiver then converts M into MD using a one-way hash function. This hash is similar to the one used by the sender.
  • If the result is MD = MD, the received signature is valid and genuine from the correct sender.

Advantages of Digital Signatures

In summary, the following are the advantages of digital signatures:

  • It saves time as you can sign from anywhere without distance barriers.
  • Increases productivity due to the ability to sign quickly.
  • It avoids document damage, as physical documents may wear out over time or be lost.
  • Enables a paperless and environmentally friendly process.
  • Increases security, as digital signatures can be validated and authenticated easily.

Weaknesses of Digital Signatures

Meanwhile, here are some weaknesses of digital signatures:

  • It is still a relatively new technology, so many people need more understanding and education.
  • Simple digital signatures (uncertified), such as those made through scanning or Microsoft Paint, are very insecure and easily forged.

Examples of Digital Signature Usage

Here are some examples of sectors that frequently use digital signatures in real life:

  • Banking — credit card transactions where you will be asked to place a signature on a particular device as a validation method.
  • Fintech — fintech applications require you to perform digital signatures to access some features, such as buying and selling assets, changing identity, etc.
  • Healthcare — digital signatures can speed up obtaining signatures from patients, doctors, and insurance companies.
  • Production — many companies worldwide use standard ISO digital signatures to speed up production processes, improve quality, etc.
  • Law — digital signatures have good evidentiary power for legal purposes or as evidence in court.

How to Send a Digital Signature

Here’s how to send a digital signature through a certified provider such as Mekari Sign:

  1. Ensure you have created a digital signature in Mekari Sign and followed the steps to select the storage folder.
  2. After selecting the storage folder, you can enter the email addresses of the signatories.
  3. In addition, you can also enter an email subject and message. This is to provide clear information about this digital signature.
  4. Finally, click Send Document in the top right corner.

Conclusion

Digital signatures are essential for anyone who securely and efficiently validates and verifies digital messages and documents.

With the increasing adoption of digital transactions, understanding and utilizing digital signature technology is becoming more critical.

If you want to use digital signatures, check out Mekari Sign, a user-friendly digital signature platform offering advanced security features to protect your data.

Sign up today and start using digital signatures with confidence!

Try Mekari Sign now!

Category : Blog
WhatsApp WhatsApp Sales