Why an E-Signature is Actually More Secure than a Physical Signature

Security & Legality |  November 13, 2014 Brooke Bates
E-signature Security

When you sign your name on a dotted line, that signature is as identifiable as your thumbprint, in some ways. But, like a thumbprint, your autograph is just a one-dimensional mark on paper – and it doesn't tell you much about what actually happened when you signed. An e-signature, on the other hand, is like a three-dimensional thumbprint. It carries layers of information about who signed what, when, where and how, creating a robust data trail that details what that e-signature really signifies. In some ways, electronic signatures can actually be more secure than their handwritten counterparts inked with pen on paper. Here's why.

Legal Matters

E-signatures gained legal footing in 2000, when Congress signed the Electronic Signatures in Global and National Commerce Act, enabling the use of electronic records and signatures for commercial transactions. President Clinton signed the act in writing as well as electronically. The law defines an electronic signature is "an electronic sound, symbol or process attached to, or associated with, a contract or other record and adopted by a person with the intent to sign." So instead of virtually signing your name, you may simply check a box or enter an identifying code to enter a legally binding agreement. But that action, as simple as it may be, carries a lot of weight.

Both federal and state laws give electronic signatures the same legal standing as "wet signatures." Forty-seven states, as well as the District of Columbia, Puerto Rico and the Virgin Islands, have adopted the Uniform Electronic Actions Act (UETA), which states that an "electronic signature may not be denied legal effect or enforceability solely because it is in electronic form." Although the other three states – New York, Illinois and Washington – haven't enacted UETA, they have similar state laws enforcing e-signatures. If the authenticity of a signature is challenged, the court will look for evidence that the signer was really the signer. In other words, they'll look a lot deeper than the signature itself. The facts, circumstances and processes surrounding the signature provide the evidence that will prove its authenticity – and all of this data comes embedded in an electronic signature. In this sense, an e-signature can actually be more secure than a handwritten one, thanks to the rich data trail comprised by the technology. Here's how it works:

E-signature Security Features

People often use "electronic signature" and "digital signature" interchangeably, but the latter is actually the technology that secures the former. A digital signature is an encryption technology used to verify the authenticity of an e-signature. In combination, these tools can collect a bounty of persuasive electronic evidence behind an actual signature. First, it authenticates user identities and ensures that people are who they claim to be when they sign. That's why you may be asked to enter personal information, such as the last four digits of your social security number. After your initial login, you may use a unique password to sign in and verify your identity for future sessions.

To further protect the document and your signature on it, e-signature technology also collects "process evidence" to prove what happened at every stage of the signing process. It does this by recording the exact steps signers go through when signing, capturing data about the appearance and order of web screens, documents and legal disclosures, and every action taken during review and signing, such as checking boxes or clicking buttons to accept and confirm records. This process evidence must be securely embedded into the document, tying together the intent of the signer with other information to support the signature.

Locked Up Tight

An e-signature solution backed by digital signature technology is sealed against tampering. Once a document is signed electronically, any attempt to edit the information will automatically render the digital signature – and therefore the electronic signature – visibly invalid. This is a noticeable advantage over a signed piece of paper, which won't necessarily alert you if it was forged or altered. In short, e-signatures pack a punch of informative data – all in one compact, streamlined package. The more information it can record, the stronger it will be. Unlike filing, storing and lugging around boxes stuffed with signed documents, electronic files are much more portable, easier to manage, and able to travel seamlessly through various archival systems. This ease of access is crucial, because electronic evidence of signatures must be accessible by all parties for the life of the record.

Plus, unlike a flammable box of papers stashed in a dark closet somewhere, the data systems that host e-signature solutions must be just as secure as the solutions themselves. Whether they are deployed on premise, on the cloud or as software-as-a-service, these data systems must meet regulatory security standards with features such as device management and intrusion detection. The security, traceability and longevity of the electronic format add dimension to the signature you're used to signing every day. These robust layers of data protect the electronic document and any associated signatures – therefore protecting the overall transaction to give e-signers peace of mind.

Brooke N. Bates is a freelance business journalist, published author, blogger and marketing consultant based in Cleveland. Before launching her freelance business, BantaMedia, she worked as a digital marketing specialist for a credit union and as editor of interactive media at a national chain of business publications, where she managed strategy and development of print, digital, social, email, video and web content. 

Subscribe to Our Blog

I would like to receive communications from OneSpan and consent to the processing of my personal data. I understand I may unsubscribe at any time.

To view how we process and manage your personal information, please visit our Privacy Policy