What is the difference between an Electronic Signature and a Digital Signature?

The term "electronic signature", or eSignature (eSign) is broadly used to encompass all types of signatures created electronically, but there are some significant differences

With Confidence.

Book a Demo

Signatures explained

To better understand electronic and digital signatures, you need to understand signatures in general. Let's take a look at the evolution of the signature - from handwritten, to electronic, and finally to digital signatures.

Handwritten signatures

"Handwritten signatures" are created when a person makes their mark by hand, on paper, using ink.

Most people are familiar with handwritten signatures. Historically, these were the most accepted method of legally binding a person to a contractual commitment.

Authentication of the signer's identity is confirmed by introducing another signer (co-signer or witness). The co-signer must be present at the time of signing. By co-signing, they confirm identity of the first signer.

Non-repudiation is very difficult with handwritten signatures, as it requires a forensic handwriting expert to prove non-repudiation.

Although far from perfect, and open to forgery right from the outset, handwritten signatures served their purpose, for a while.

GLOBAL LEGAL ACCEPTANCE

VERY HIGH

NON-REPUDIATION

LOW

Electronic Signatures

The need to sign documents electronically emerged when business transactions started migrating to digital processes.

As is often the case with new technologies, different opinions are formed before global standards are created. Electronic signatures are a prime example of how different opinions can create confusion in technology law.

Although many countries still accept electronic signatures, there is no official standard for them. So they too are more susceptible to forgery and non-repudiation is almost non-existent. Again, to prove authenticity, evidence is needed.

In essence, an electronic signature is nothing more than a digital image attached to an electronic message.

The very basic form of an electronic signature is when you write your name at the bottom of an email, for instance, "Regards, Mark". In many instances of eSign law, this form of signature still binds the sender to the content, making it legally binding under statutory provisions for ordinary electronic signatures.

Electronic signatures have been serving their purpose as a stepping-stone technology, while standards are being created and laws agreed upon, but their days are numbered.

Electronic signatures will always have their place. After all, they are fast, user-friendly, and very convenient. But if you're going to sign a legal contract that could end up in court, an advanced eSignature - or digital signature - is the way to go.

GLOBAL LEGAL ACCEPTANCE

MEDIUM

NON REPUDIATION

LOW

IDENTITY OF SIGNER

LOW

CONTENT PROTECTION

LOW

Frequently Asked Question:
What type of signature is it when you print and sign a document, then scan and e-mail it?

This question presents another interesting case on how modern technology can create confusion in the absence of updated law.

The fact is, without the presence of the original paper document that has the wet-ink signature on it, the electronic copy is nothing more than a basic electronic signature. Therefore, the signature is open to scrutiny and has no standing in a court of Law.

Instead of asking a customer to print, sign, scan and email a document, rather circulate the document via workflow and sign it with an auditable digital signature.

Digital Signatures

Digital signatures are also known as advanced electronic signatures (AES), qualified electronic signatures (QES) or trusted electronic signatures.

Across the world, digital signatures are fast becoming the only legally accepted replacement for handwritten signatures. Digital signatures offer inherent security and non-repudiation, which cannot be found in electronic signatures.

Digital signatures make use of a technology known as public-key infrastructure (PKI) cryptography. Not only does this address non-repudiation in a court of Law, but it also protects the integrity of documents and makes them tamper-evident.

GLOBAL LEGAL ACCEPTANCE

HIGH

NON REPUDIATION

STRONG

IDENTITY OF SIGNER

STRONG

CONTENT PROTECTION

VERY STRONG

Digital signature layers

What is the difference between Electronic and Digital Signatures

Electronic signature layer
The top layer of a SigniFlow digital signature is an electronic, graphical image. This represents an individual's handwritten signature. The image only has to be captured once, after which the system automatically layers the graphic image in the digital signature.

PKI signing key
Next, the top-middle (yellow) layer embeds a body of evidence about the signer and the process in the X.509 certificate. It embeds the identity of the signer, a trusted timestamp, and the public key needed to verify the signature.

Digital signature layer
The bottom-middle (red) layer stores security information about the document and the signing ceremony. When the signature is applied, it creates an encrypted hash of the document, which is signed and embedded in the PDF.

Electronic document
Every time the signature is verified, a new hash code of the document is created and compared to the original one. If so much as one Bit in the document has changed, the verification will fail. This makes the document tamper-evident.

What is an Advanced Electronic Signature?

Advanced Electronic Signatures (AES or AESign) and Qualified Electronic Signatures (QES) are standard digital signatures, but with a higher-class digital certificate.

Depending on your country, these certificates are usually issued in a face-to-face meeting, where the RA (Registration Authority) follows each CA's (Certificate Authority) pre-approved process to validate identity before issuing AES or QES certificates. These certificates are always stored on a highly secure and protected device, like a FIPS140-2 Level 2 or 3 HSM (Hardware Security Module).

SigniFlow is certificate agnostic, meaning it can sign with any of these certificates. Once the certificate is issued, you set up your SigniFlow account to point to the location of your certificate. Every time you sign, SigniFlow uses your personal digital certificate to cryptographically sign the document.

These types of signatures are the most compliant of all signatures for electronic documents.

The differences between Electronic and Digital Signatures

REQUEST A DEMO

How to verify a Digital Signature

Verifying a digital signature created requires minimal effort.

First, open the document in Adobe Acrobat® Reader. The top bar will indicate the validity of the signature on the left. If the document has changed since it was signed, the Adobe Trust indicators will show red or orange exclamation marks. This indicates that the document has been tampered with.

Then, by opening the pen icon in the middle of the left vertical bar of the PDF reader, you can view additional audit information, such as the signer's identity, TSA (Timestamp Authority) timestamp, LTV (Long-term Validation) and other properties.

SigniFlow only uses Adobe Approved Trust List (AATL) certificates to sign documents, which means every signature in the document is a digital signature that can be verified.

Additionally, you can find the signature in the document and click on it. The signature validation status, containing all of the signatory's information, will pop up. By going into the Signature Properties section, you can view further details of the certificate.

eSignatures

The only eSignature platform that allows you to choose between Electronic Signatures and Digital Signatures at no additional cost.

SigniFlow offers two types of signatures to all users. When setting up a workflow, users can set the signature type per recipient.

Request the faster, more convenient Electronic Signature for more basic contracts or internal approvals;

Or ensure maximum security and compliance with regulations by using SigniFlow's trusted free Digital Signature.

In addition, SigniFlow supports all types of internationally accredited Advanced Electronic Signatures (AES) and European Union accredited eIDAS Qualified Electronic Signatures (QES).

Effortless eSignatures, backed by big security

REQUEST A DEMO

Core eSignature Features

Included in Business License

Fast, image or font-based electronic signatures
Documents are sealed and made tamper-evident using a digital signature (seal)
A digital signature contains a Timestamp and has Long Term Validation (LTV) enabled
This eSignature is similar to, or the same type of signature as, that found as the standard offering in most competing eSign solutions, and it conforms to the specifications of BES - Basic Electronic Signature

X.509 cryptography is used to apply the signature
Supports Adobe Approved Trust List (AATL) and Adobe European Union Trust List (EUTL)
Seals the document and makes it tamper-evident every time a signature is applied
Document is sealed and tamper-evident during the workflow
Includes a TSA Trusted Timestamp in every signature
Includes Long Term Validation (PAdES_Standard_(ETSI_EN_319_142)
Supports font- and image-based eSignatures
This signature is unique to SigniFlow and is classified as a cryptographic digital signature
This signature is more secure than a BES and has the properties of an AES (Advanced Electronic Signature)

Free feature packaged with all SigniFlow Business Workflow licenses
Easily activate FaceSign when creating a workflow
Select which signers in the workflow need to take a selfie when signing
When the signer taps on the “Sign Here” button, their camera will activate and prompt them to take a selfie
The photo of the signer that is captured is embedded in the digital or electronic signature in the PDF
The photo and audit details of the capturing session are recorded in the audit log for an extended body of evidence

A quick video selfie verifies that the person is alive
Security certified as the #1 anti-spoofing, 3D liveness solution in the world
Select which signers in the workflow need to take a selfie and/or do the liveness test when signing
When the signer taps on the “Sign Here” button, their camera will activate and prompt them to undergo the liveness test
The photo of the signer that is captured during the liveness test is embedded in the digital or electronic signature in the PDF
The photo and audit details of the liveness session is recorded in the audit log for an extended body of evidence
Proves 12.8 million to 1 that that the face embedded with the signature is the person who signed the document
Paid service – per signature transactions using Liveness

The following security properties are standard in SigniFlow's digital signature offering, at no additional cost:

Digital Certificate: All signatures are created using the digital X.509 standard for public key certificates
Timestamping: Timestamping is applied through a trusted Timestamping Authority (TSA)
Long Term Validation: An embedded record of the state of the certificate at the time of signing
Tamper Evident: Document content is protected from start to end using cryptographic algorithms
3 x Audit Logs (body of evidence): PDF, SigniFlow system generated events, embedded Steganography (replicating a Write Once Read Many - or W.O.R.M. - environment)
Embedded Identity: The identity and authentication data of the signer is embedded in the digital certificate
Geolocation: The geolocation of the signer is embedded in the digital certificate

The race to zero emissions is on

Features

Businesses everywhere have spoken - and we've listened. We get you. Dealing with customers and suppliers, each with their own systems and processes, can be a tedious task.

You need more than just eSign workflow. You need an intuitive tool that understands your day at the office.

24/7 Support

We get your office hours

Finally, a software company that has actual people giving its customers - and their customers - 24/7 online support, for free. Our support ninjas are the best in the game.

Availability

Industry-leading infrastructure

Connect to any of our 8 international data centres and experience true 99.9% uptime. Over the past 24 months, we've exceeded our 99.5% uptime target across all regions.

Security

IT Security Management

Our Information Security Management System is ISO27001:2013 certified and our Quality Management System is ISO9001: 2015 certified by TÜV Rheinland.

Compliance

Compliance is our game

SigniFlow's international, segregated security infrastructure ensures customer data is processed in accordance with the most stringent international privacy and cross-border data protection laws, such as GDPR, LGPD and POPI.

The SigniFlow eSignature complies with the EU eIDAS Regulation, the US ESIGN Act, the South African ECT Act, and many other regulations around the world, including countries like Australia, United Kingdom, United Emirates, Qatar, Brazil, Argentina, Peru, Chile, Malaysia, Singapore, Vietnam, and many more.

To find out more about eSignature regulations in your country, contact us for a free consultation.

Certifications

International Best Practices

Languages

Fully Supported

FULL FEATURES OVERVIEW

Deployment Options

Cloud (SaaS)

Get your business online in minutes
Connect to any of our global Cloud services in your region. Register for a free trial account or get yourself or your business online in minutes by visiting our eSign License Plans and subscribing today.

→ Read more

Your Cloud

Own your deployment
SigniFlow's Hybrid technology allows you to deploy SigniFlow in your favourite Data Centre. We support Hypervisor Vitual Machine (VM) and modernised containerised cluster deployments, like Kubernetes.

→ Read More

On-Premise

Bring it in-house
SigniFlow Hybrid technology caters for the most demanding of security use-cases. Deploy SigniFlow in your Server room on a HyperVisor Virtual Machine environment and connect it to your legacy systems.

→ Read more

SigniFlow Hybrid Technology

Technology so powerful, it's changing the game
It's about what you want. Our Hybrid technology was developed by SigniFlow engineers over the course of 8 years, to ensure the most stringent customer demands for choice and security would be met.

Essentially, SigniFlow Hybrid technology allows any customer, in any location, to rapidly deploy their own SigniFlow instance in almost any environment, and any location. The tech does all the heavy lifting for you when it comes to cryptography, identity management, and Public Key Infrastructure (PKI). In addition, it caters to high-security use cases, where customers want to deploy on-premise behind a private firewall or use their own private PKI.

→ Read more

Core Deployment Features

SigniFlow Private Tenant licenses can be deployed in almost any data centre

Supported data centres:
- Hyperscale data centres like Azure, AWS, GCS or AliCloud
- Telecom data centres
- Enterprise data centres
- On-premise data centres
Supported deployment platforms:
- Hypervisor Virtual Machine (VM)
- Modernised containerised clusters (like Kubernetes)
- Windows IIS
SigniFlow high-availability and scaling components
- Web application
- Document Management Interface (DMI)
- Windows Service
- SQL Database (monolithic or cluster)
- Document storage (Server HDD, NAS, SAN, etc.)
Branding:
- Customised system branding (login screen and system)
- Customised email branding
Integration
- Customer-specific custom API
- Customer-specific middleware
- Customer-specific identity management
Business departments or business groups
- Single tenant or multi-tenant deployment options
Standard 24/7 global support Hybrid customer care agreement
Customised customer-specific support SLA

A SigniFlow Hosted Hybrid refers to a Private Tenant, hosted by SigniFlow.

SigniFlow offers eight data centre locations using Microsoft Azure's agile data fabric architecture running in modernised containerised Kubernetes clusters to deploy, host and manage your Private Tenant.

Data centre locations:
- Africa (Johannesburg South Africa)
- Australia (Sydney)
- Asia 1 (Singapore 1 - with SingPass Digital ID)
- Asia 2 (Singapore without SingPass ID)
- Asia 3 (Malaysia)
- Europe (Netherlands)
- Latin America (Brazil)
- United Kingdom (London)
- United States (Virginia)
Branding:
- Customised system branding (login screen and system)
- Customised email branding
Integration
- Customer-specific custom API
- Customer-specific middleware
- Customer-specific identity management
Business departments or business groups
- Single tenant or multi-tenant deployment options
Standard 24/7 global support Hybrid customer care agreement
Customised customer-specific support SLA

Why choose SigniFlow?

Increased Security

World-class, industry-leading modern infrastructure and technology that addresses the security use case.

More Choice

Brand it your way, deploy it where you want it, and sign with the compliant eSignature type of your choice.

Simplicity

A solution that offers peace of mind and simplicity, without compromising on security or compliance.

Affordability

There is no reason to pay the prices our competitors charge. Get a quotation from us and compare.

REQUEST A QUOTE

24/7 Online support

We understand your office hours. SigniFlow offers 24/7 online support to all customers.

No matter where you are and no matter what time it is, we are always online to help you meet your deadlines.

What is the difference between an Electronic Signature and a Digital Signature?

Book a Demo

Signatures explained

Handwritten signatures

GLOBAL LEGAL ACCEPTANCE

NON-REPUDIATION

Electronic Signatures

GLOBAL LEGAL ACCEPTANCE

NON REPUDIATION

IDENTITY OF SIGNER

CONTENT PROTECTION

Frequently Asked Question:What type of signature is it when you print and sign a document, then scan and e-mail it?

Digital Signatures

GLOBAL LEGAL ACCEPTANCE

NON REPUDIATION

IDENTITY OF SIGNER

CONTENT PROTECTION

Digital signature layers

What is an Advanced Electronic Signature?

How to verify a Digital Signature

eSignatures

The only eSignature platform that allows you to choose between Electronic Signatures and Digital Signatures at no additional cost.

Core eSignature Features

Included in Business License

Features

24/7 Support

Availability

Security

Compliance

Certifications

International Best Practices

Languages

Fully Supported

Deployment Options

Cloud (SaaS)

Your Cloud

On-Premise

SigniFlow Hybrid Technology

Core Deployment Features

Why choose SigniFlow?

Increased Security

More Choice

Simplicity

Affordability

24/7 Online support

Frequently Asked Question:
What type of signature is it when you print and sign a document, then scan and e-mail it?