Tuesday, May 24, 2022

What makes electronic signatures secure for business usage?


An electronic signature is a legally valid and efficient way to get approvals on electronic documents. It replaces physical signatures almost completely. Electronic signatures are secure and verifiable. They address all the issues with handwritten signatures. Adoption rate of E-signature solutions is on the rise in India as it is around the world.


Tampering of paper documents and forgery of signatures is quite easy. How does one know if the paper has really been signed by the intended signer? One cannot.


An electronic signature on the other hand establishes beyond doubt the identity of the signer by performing multi-factor authentication. The typical factors used are email id, mobile number, access id, login credentials (such as Active Directory). The digital signature solution maintains the audit trail for traceability. It includes IP address of the signer’s system, timestamp as well as the reason for signing. Also once the document is signed, it is sealed or made tamper evident by certifying it using a PKI digital signature certificate.


Signatures done using digital signature certificates are also one kind of electronic signatures. The signature certificates are issued by a Certifying Authority after verification of the identity of the applicant. This ensures that the signatures are verifiable. Also, most signature certificates are issued in a FIPS 140-2 secure hardware device like a USB token or HSM. Also, every certificate is password protected thus providing multi-level authentication.


In the context of an enterprise, the digital signature solution TRUESigner is built in a way that builds a strong security framework ensuring only bonafide access to the signatures from authorized individuals and from whitelisted IP addresses only.


Thus, electronic signatures help with the last mile digitization in a safe, secure and scalable manner.