What’s a digital signature?

What’s a digital signature?

A certificate-based digital signature is a type of e-signature that complies with the strictest legal regulations — and provides the highest level of assurance of a signer’s identity.

A certificate-based digital signature is a type of e-signature that complies with the strictest legal regulations — and provides the highest level of assurance of a signer’s identity.

What are the benefits of digital signature certificates?

Trusted and compliant.

 

Digital IDs come from accredited TSPs to help you confidently comply with security and other regulations around the world.

Protected.

Protected.

 

Your digital signature and the PDF document are cryptographically bound and secured with a tamper-evident seal.

Unique to you.

 

Use a unique digital identity certificate and PIN to easily validate your credentials and identity.

Easy to validate.

 

The signed document and your digital signature can both be revalidated for more than 10 years. 

What makes certificate-based digital signatures so secure?

 

With a digital signature certificate, every signer is issued a digital ID in the form of a certificate from a trust service provider (TSP), such as a certificate authority (CA). When signing a document, the signer’s identity is re-validated and the signature is cryptographically bound to the document using public key infrastructure (PKI) technology. This makes digital signatures, such as cloud signatures, ideal for higher risk transactions or when you need to comply with regulations such as eIDAS in the European Union.

What’s the difference between certificate-based digital signatures and e-signatures?

 


To put it simply, electronic signature (or e-signature) is a broad term referring to any electronic process that indicates acceptance of an agreement or a record. A certificate-based digital signature (often just called a digital signature) is a specific type of e-signature.

 

Typical e-signature solutions use common electronic authentication methods to verify signer identity, such as an email address, a corporate ID, or a phone PIN. If increased security is needed, multifactor authentication may be used. Digital signatures use certificate-based digital IDs from TSPs and demonstrate proof of signing by binding each signature to the document with cryptography.

 

 

Try Adobe Sign - the simple digital signature solution for business growth.

See how easy it is for you, your customers, and co-workers to send and sign documents electronically from any device or browser, or within just about any popular application. With Adobe Sign, you can get important documents signed and delivered in minutes, not days.

How do digital signatures work?

 


A digital signature is a specific type of electronic signature that requires the signer to authenticate their identity using a certificate-based digital ID. The digital certificate is generally issued by an independent Certificate Authority (CA), which verifies the identity of the signer before issuing the certificate. Digital signature solution providers, like Adobe Sign, meet PKI requirements for secure & legal digital signing.

 

In some jurisdictions, like the European Union, a distinction is made between two types of electronic signatures that are typically implemented using certificates: Advanced Electronic Signatures (AdES) and Qualified Electronic Signatures (QES).  While both are uniquely linked to the signer, the latter requires that participants use Qualified Certificates issued by accredited CAs as well as a qualified signature creation device (QSCD), such as a smart card, USB token, or cloud-based trust service.

 

In addition to providing audit trails, with digital signature solution providers like Adobe Sign, the signed document itself can produce evidence of each participant’s signature. During the signing process, the signer’s certificate is bound to the document using the private key uniquely held by the signer. During the validation process, the reciprocal public key is extracted from the signature and used to both authenticate the signer’s identity through the trusted CA and to confirm that no changes were made to the document since it was signed.

 

 

How is Adobe Sign’s approach to digital signatures unique?

 

Adobe’s approach to digital signatures offers more flexibility than other signature solutions. With Adobe Sign, you can create end-to-end signing processes that include digital signatures, e-signatures, or a combination of the two, providing flexibility to build workflows in accordance with your own specific compliance or risk profile. It supports the full range of secure signature creation devices, including USB tokens, smart cards, and cloud-based digital certificates. And it lets you work with the certificate authority or timestamp authority of your choice, with support for hundreds of trusted authorities through the European Union Trusted List (EUTL) and the Adobe Approved Trust List (AATL).

 

With Adobe Sign, organizations in the European Union can confidently deploy signature processes in compliance with both the Advanced Electronic Signatures (AdES) and Qualified Electronic Signatures (QES) requirements specified in the new electronic identification and trust services (eIDAS) regulation.

 

 

Adobe Sign: Setting the global standard for compliance. 

Supports the broadest range of legal requirements.

Adobe Sign helps you maintain compliance with local and industry regulations, no matter your industry or where you do business. Our flexible digital signature processes comply with EU’s eIDAS regulation for advanced electronic signatures (AdES) and qualified electronic signatures (QES).

Supports the broadest range of legal requirements.

Adobe Sign helps you maintain compliance with local and industry regulations, no matter your industry or where you do business. Our flexible digital signature processes comply with EU’s eIDAS regulation for advanced electronic signatures (AdES) and qualified electronic signatures (QES).

Guidance for Industry.

Provides freedom to choose from hundreds of TSPs.

Adobe’s standards-based approach gives you the freedom to choose from hundreds of trust services providers (TSPs), including certificate authorities (CAs), so you can comply with the laws and regulations that govern your country or industry. With Adobe Sign, documents can be digitally signed, timestamped, and validated using EU Trusted Lists (EUTLs) or the global Adobe Approved Trust List (AATL).

Provides freedom to choose from hundreds of TSPs.

Adobe’s standards-based approach gives you the freedom to choose from hundreds of trust services providers (TSPs), including certificate authorities (CAs), so you can comply with the laws and regulations that govern your country or industry. With Adobe Sign, documents can be digitally signed, timestamped, and validated using EU Trusted Lists (EUTLs) or the global Adobe Approved Trust List (AATL).

Approved Trust List.

Compliance and flexibility in a single solution.

Need to use different types of e-signatures? Doing business around the world? Adobe Sign has you covered. Just select the signature workflow you need and manage risk for any type of signing transaction — from a simple e-signature to a highly regulated qualified digital signature in the cloud. Now you can always get the security and authentication you need, from one solution that offers maximum flexibility.

Compliance and flexibility in a single solution.

Need to use different types of e-signatures? Doing business around the world? Adobe Sign has you covered. Just select the signature workflow you need and manage risk for any type of signing transaction — from a simple e-signature to a highly regulated qualified digital signature in the cloud. Now you can always get the security and authentication you need, from one solution that offers maximum flexibility.

Assures compliance and flexibility.

World’s first open standard, global cloud signature.

 

Flexibility meets legal compliance with our cloud signatures — the first e-signature solution that delivers open, digital signature certificates in the cloud. And we’re setting the global standard with digital signing on mobile and web. Now you can confidently sign with advanced (AdES) and qualified (QES) e-signatures backed by trusted, compliant certificates from expert TSPs.

Flexibility meets legal compliance with our cloud signatures — the first e-signature solution that delivers open, digital signature certificates in the cloud. And we’re setting the global standard with digital signing on mobile and web. Now you can confidently sign with advanced (AdES) and qualified (QES) e-signatures backed by trusted, compliant certificates from expert TSPs.

Adobe Sign digital signature FAQ


Although sometimes used interchangeably with “electronic signature”, the term “digital signature” refers to an e-signature that is generated using a digital certificate issued by a trust service provider (TSP), such as a certificate authority (CA), after a thorough verification of your identity. A more detailed description of these types of e-signatures is a “certificate-based digital signature” or, when created remotely, a cloud signature.

When a signer uses a digital identity certificate provided by a trust service provider (TSP) as part of a document signing process in Adobe Sign, the signer’s certificate is cryptographically bound to the document using the private key uniquely held by that signer. During the validation process, the reciprocal public key is extracted from the signature and used to both authenticate the signer’s identity through the TSP and help ensure no changes were made to the document since it was signed. Additionally, the audit trail of a document signed with a certificate-based digital signature provides further information, such as the signer’s IP address or geolocation at the time the document was signed.

A cloud signature or “remote signature” is a type of certificate-based digital signature that uses standard protocols to generate an e-signature using digital identity certificates that are provided as-a-service in the cloud from an accredited trust service provider (TSP). Compared to traditional certificate methods that are based on smart cards or tokens, a cloud signature allows significantly more flexibility as they can be used easily across desktop, web, and mobile.

With over 7 billion mobile devices on the planet, cloud applications gaining broad adoption, and cyber threats at an all-time high, there is increasing market demand for secure digital solutions that also provide great user experiences. Adobe designed our cloud signatures to provide maximum flexibility with the highest level of trust and regulatory compliance for all types of signing workflows by:

 

  • Bringing higher levels of signer identity authentication to web apps and mobile devices 
  • Enabling certificate-based digital signatures in the cloud, including eIDAS advanced electronic signatures (AdES) and qualified electronic signatures (QES)
  • Helping your organization comply with local, regional, and industry regulatory requirements via our TSPs
  • Eliminating the hassle of installing desktop software, downloading documents, and plugging in USB tokens or smart cards
  • Utilizing a standards-based framework to interoperate with digital IDs and other trust services, so you have flexibility to choose the solution that best fits the risk requirements of any signing workflow

 

 

Signer authentication is a compliance essential. But different industries, countries, and regions hold signatures to different standards. For example, in the EU, the Electronic Identification and Trust Services (eIDAS) regulation has defined types of e-signatures and related legal probative value. Depending on the needs of your organisation, you can choose the trust services provider (TSP) that best fits the risk requirements for compliance of any signing workflow.
  

Trust service providers (TSPs) are companies that offer a wide range of secure identity and transactions services, including certificate authority (CA) and timestamp services. Adobe Sign lets you work with your choice of accredited TSPs, so you can confidently comply with laws or regulations governing your specific country, region, or industry.

A certificate authority (CA) issues and maintains digital identities (IDs) in the form of certificates. Once a signer’s identity is confirmed, the CA issues the certificate-based digital ID, private PIN, and/or hardware security device (such as a USB token or smart card) that can be used to apply a certificate-based digital signature, such as a cloud signature. Using a CA provides assurance that the person with the digital ID is who they claim to be. A CA is sometimes a part of a portfolio of trust services offered by a commercial vendor, such as a TSP. At other times, a CA is built and maintained internally by IT-provided services within an organization.

Timestamps accurately record the time of a signing event. When used with certificate-based digital signature technology and in compliance with relevant regulations, they provide strong legal evidence that a transaction took place at a specific point in time. Timestamps can also be configured to enable long-term validation (LTV) for up to 10 years to meet extended document retention requirements. Adobe Sign works with the Adobe qualified timestamp service or other third-party timestamp services. For more information on the Adobe timestamp service, see Adobe Trust Services.

eIDAS is the short name for EU regulation N°910/2014 which covers trust services and electronic identification (eID) for electronic transactions in the European single market to enable secure and seamless electronic interactions between businesses, citizens, and public authorities.

To achieve the highest levels of security, digital signature processes use a technology approach called Public Key Infrastructure (PKI) for encryption, signing , and certificate authentication. A PKI protects sensitive data by providing unique digital identities for users, devices and applications and secure end-to-end communications. Digital IDs are issued by CAs and TSPs that meet defined requirements. These providers, in turn, are part of a standards-based, industry-wide effort to allow verification of signer identities and document authenticity on a global scale.

 

Industries and governments publish lists of authorities that meet defined requirements. Adobe uniquely enables global validation for the entire industry through publication and management of trusted lists. Global and regional lists, like the Adobe Approved Trust List (AATL) and the European Union Trusted Lists (EUTL), are fully supported in Adobe solutions.

A digital certificate is an electronic document issued by a Certificate Authority (CA), which validates the identity of the signer. The CA issues an encrypted an digital certificate containing the applicant’s public key and a variety of other identification information.