What is the difference between a Digital Signature and an Electronic Signature | DocuSign

What differentiates a digital signature from an e-signature?

Digital signatures can be used to sign agreements and contracts online, but what is the difference between a digital signature and an electronic signature? In this article, we give an overview of the differences between an electronic signature and a digital signature and in what instances you might use each of them. 

What is an electronic signature, and what is a digital signature?

Electronic signatures are a category of methods for signing a document. Electronic signatures are fast to set up and simple to create. DocuSign eSignature is an example of electronic signature software. You can use electronic signatures on many different types of contracts. Here are 10 documents you can sign online with an electronic signature. In contrast, a digital signature is one type of electronic signature, and it’s usually used in industries that are regulated or where additional verification of identity is required. The use of a digital signature online proves that the signers have confirmed their identities. There are a range of digital signature types for which digital certificates can be issued to signers in real-time. Digital signature technology can be used with an electronic signature to make a document more secure, and digital signatures usually have a detailed audit trail which enables parties to identify when specific changes have been made to a document, who it’s been signed by and by when. 

What is a Digital Signature?

So, what is a digital signature, and how do you use one online? Digital signatures are digital records that offer additional safeguards against tampering and forgery. Some say that digital signatures are like electronic “fingerprints. Digital signatures are based on a technology standard called Public Key Infrastructure (PKI). PKI is used to create a tamper-evident “digital certificate” that is unique - it associates each signer with a document. They provide a higher level of authentication than a basic electronic signature. Digital signatures comply with strict regulations, including the European eIDAS regulation and the Electronic Identification and Trust Services for  Electronic Transactions regulations. 

Two digital signature levels are accepted online in the UK that provide a stronger signer authentication or ID verification than a simple electronic signature (SES). Both of these methods offer legal validity and extra security when signing documents:

  • Advanced Electronic Signature (AES) - If you create a digital signature online using AES, it will include additional authentication steps. 
    • Signers are asked to produce a document to confirm their identity along with a unique access code following the signing. The identification required may be a passport or Driving Licence, for example. 
    • A digital certificate is generated and attached as part of this transaction and should be linked to detect any subsequent changes. This way of signing is usually used when the transaction taking place is of a high value.
  • Qualified Electronic Signatures (QES): A QES requires that a digital certificate is issued by a QTSP - a qualified trust service provider via a Qualified Signature Creation Device. This requires that the person signing the document has face-to-face identity verification from a QTSP. It’s used when even more advanced security measures are needed than that offered by AES. It’s the digital equivalent of a handwritten signature. The QES is legally valid and corresponds to a handwritten signature in Germany and throughout Europe. 

When would you most likely use a digital signature rather than an electronic signature?

Regulated industries, governmental entities or specific European use cases may require or prefer digital certificate-based signatures, as they offer a heightened level of identity verification and assurance compared to electronic signatures.

Advanced Electronic Signatures are often required for financial services transactions or those involving legal or government documents. Advanced Electronic Signatures are often required by HR when onboarding new employees, too. Digital signatures are often used when an extra form of identity is required. There are a few instances where a QES is required by national law for certain agreements, and only qualified electronic signatures are explicitly recognised to have the equivalent legal effect of hand-written signatures all over the EU Member States. Additionally, organisations may choose it for certain agreements. For example, TeleDoctor24 have chosen to use qualified electronic signatures as they have been digitising the healthcare system by legally issuing prescriptions through their user-friendly app. They can issue a qualified electronic signature from a video call on electronic prescriptions and sick leave forms. HM Land Registry in the UK accepts witnessed electronic signatures and conducting a pilot for qualified electronic signatures in conveyancing. Here’s more information on how digital signatures work and more about the types of digital signatures available.

How does the security and verification process differ between digital and electronic signatures when using DocuSign?

There are additional forms of security completion required when using a digital signature. DocuSign is a CA. This means you can always send a document with a digital signature by using DocuSign as the Certificate Authority. Alternatively, you can use a 3rd party Certificate Authority and still access the rich features of DocuSign cloud services for transaction management. 

DocuSign offers simple, advanced and qualified electronic signatures. QES requires face-to-face identity verification or the virtual equivalent. It’s the only form of digital signature that European Union law considers as the equivalent of a handwritten signature. They are often used for high-value, regulated, or cross-border agreements. Advanced Electronic Signatures require that signatures must be linked to the signer. Advanced electronic signatures do require a level of identity verification. They are based on security certificates that uniquely identify the signer of the electronic document. There are many methods to generate and verify these AES certificates.

DocuSign and Digital Signatures Online

DocuSign is on the EU Trust List, which means that they are authorised to issue qualified electronic signatures (QES) across the EU, which are also accepted in the UK. DocuSign can also issue Advanced Electronic Signatures (AES) and provides flexible options to verify the identity of signers, including using DocuSign ID Verification. You can also find out more about digital signature support with DocuSign.

Find out more about Digital ID Verification in the UK with DocuSign. Around the world, there are international standards that specify requirements for digital signatures and the methods used to authenticate a signer. Discover more about digital signature compliance around the world.

Elsa Kesler
Demand and Content Marketing Manager