- eSignature
- Blog
What are advanced and qualified electronic signatures?
Table of contents
A digital signature is a type of electronic signature that uses cryptographic technology to create a digital certificate, to provide proof of an identity. By creating a unique digital fingerprint, digital signatures provide the highest level of security assurance by verifying the signer’s identity.
Advanced Electronic Signatures (AES) and Qualified Electronic Signatures (QES) are both types of digital signatures and are backed with cryptography and provide security assurance of varying levels.
Digital signatures assure that:
- The document has not been tampered with since being digitally signed as the signature would be displayed as invalid if changes were made.
Among the various types of electronic signatures, advanced and qualified electronic signatures stand out as the gold standard for security and compliance. Let's look at what these signatures entail and how they contribute to a secure and efficient document signing process.
There are three types of eSignatures, each offering varying levels of security and verification requirements:
Simple electronic signature (SES)
SES is the most basic type of electronic signature. ID verification isn’t required as knowing the signer’s email address is enough for validity. Due to its simple nature, this type of signature can be used in day-to-day activities such as signing a sales order form.
- No registration required
- Authentication is optional
- Optimized customer experience and time-to-market
Advanced electronic signature (AES)
Unlike a SES signature, an AES requires additional user authentication. Signers will need to prove their identity with relevant documentation and can be asked to provide a unique access code. To complete the agreement, a digital certificate must be generated and attached.
- Relies on international standards
- Incorporates digital identity and multi-factor authentication
- Burden of proof is on the business
Examples of AES include a phone number, a student ID, an email address, a birthday, and more. So MFA, like SMS, KBA, and more are typically associated with AES.
Qualified electronic signature (QES)
The QES signature offers a higher level of security and helps businesses to safeguard compliance. This type of e-signature is based on a digital signature created through a qualified signature creation device (QSCD) such as a smart card or USB token using a unique key and digital certificate known as a qualified certificate assigned to an individual person. The digital signature is important because it applies a time stamp and electronic seal to the document. The qualified certificate and associated key must be obtained from a qualified Trust Service Provider (TSP or QTSP) and must be provided on a supported electronic signature creation device to use with a computer system.
- In certain use cases, the law requires the use of a Qualified Electronic Signature
- Requires face-to face identity verification
- Burden of proof is on the signatory
Examples of QES include utilizing verification via a mobile app, a username/password combo, a video call, and more detailed MFA like biometric comparison, ID verification, and more.
The eSignature process
Before signing a document with Conga Sign, the sender securely uploads the electronic documents. The signatory then accesses the documents through supported channels and authentication methods.
- Prior to e-signing, the electronic documents are securely added to Conga Sign by the sender.
- The signatory enters Conga Sign through one of its supported channels and authentication methods before accessing the documents.
- The signer inserts their smart card into the reader and e-signs the documents as required by clicking the "Click to Sign" signature blocks.
- As each document is e-signed, the Qualified Electronic Signatures are secured by digital signatures created using the qualified certificate, which in this example is stored on the smart card that is connected to the computer.
- In each case, this action requires a PIN or password to complete the process.
The result is a secure, tamper-evident s-signed PDF. Conga Sign guarantees the integrity of the e-signed documents and visibly invalidates the documents if any changes are made. What's more, all of the information gathered during the signing process—like who signed, in what order, when, where, which qualified certificate was used, etc.—are captured in a detailed audit trail that is permanently embedded within the signed PDF.
eSignatures offer many different levels of authentication and verification, enabling businesses to streamline processes while safeguarding the integrity of their documents. With digital signatures, the future of secure and efficient document signing is here, empowering organizations to thrive in the digital age.
Conga Sign
Conga Sign offers a range of ID verification and authentication options, so you can get documents electronically signed with confidence. With Conga Sign, you have the flexibility to choose the level of security you need. To learn more about collecting signatures from any device, anywhere—securely, request a free Conga Sign demo.
- eSignature
- Blog