Electronic signature facts for kids
An electronic signature is a way to agree to something using electronic information.
For a long time, people have used contracts to show that two groups or people agree on something. They often write down their agreement and both sign it. Today, many documents are sent online. So, we still need a way to show agreement in the digital world. That's where an electronic signature helps!
The idea of electronic signatures isn't new. Even in the mid-1800s, some laws accepted signatures sent by telegraph. Later, in the 1980s, signatures sent by fax machine were also accepted.
Electronic signatures come in different types. All types can prove that someone agreed to something. Some types can also protect the information from being changed easily. They can even legally prove who agreed. To do this, they use ideas from public-key cryptography. These ideas include digital signatures, certificates, and special codes called hash codes. An electronic signature often includes a timestamp. This shows exactly when the signature was made. Just like cryptography, electronic signatures can be used for any kind of digital information.
Even though electronic signatures often use cryptography, the term has a special legal meaning. This is different from the technical term digital signature. Many countries have rules that make some electronic signatures as good as a handwritten signature for many important things.
There are different ways to create an electronic signature. Many countries have rules about what these signatures must be like. Good examples of these rules are eIDAS in the European Union, NIST-DSS in the United States, and ZertES in Switzerland.
Contents
What are the Different Kinds of Electronic Signatures?
Electronic signatures have different levels of security and legal power. Here's a simple way to understand them:
| Type of Signature | Electronic Signature | Advanced Electronic Signature | Qualified Electronic Signature |
|---|---|---|---|
| How secure is it? | Low | High | Very high |
| Example | An email where you type your name at the end. | An email that uses a special digital signature to prove it's from you. | An email that needs a special digital certificate to open. This certificate is usually on a smart card. You might need a password or fingerprint to use the smart card. The company that gave you the certificate also checked your identity. |
| Can you tell if the message was changed? | No | Yes | Yes |
| Can the signer be legally identified? | No | No | Yes |
| Is it like a handwritten signature legally? | No | Sometimes, for certain cases | Yes |
How a Qualified Electronic Signature Works
This picture shows how a digital signature works, especially for a "qualified electronic signature." It explains how someone signs a document and how others can check that the signature is real.
What is an Advanced Electronic Signature?
For an electronic signature to be called "advanced," it needs to meet a few important rules:
- The person who signs can be clearly identified and linked to their signature.
- The signer must be the only one who controls the special information (like a private key) used to create the signature.
- The signature must be able to show if the information it's attached to has been changed after it was signed.
- If the information *has* been changed, the signature must become invalid. This means it won't work anymore.
What is a Qualified Electronic Signature?
A qualified electronic signature is a very secure type of electronic signature. It follows strict rules, like the EU Regulation No 910/2014 (called the eIDAS Regulation) for online deals in Europe. It helps prove who made a digital statement over a long time. Qualified electronic signatures are considered the digital version of a handwritten signature.
Qualified electronic signatures use digital certificates. These certificates are given out by special, trusted companies. The certificate and a secret key are kept very safely, often on a smart card. To use the information on the smart card, the user must prove who they are. This is usually done with a password or biometric data, like a fingerprint. The company that gives out the certificate also checks the user's identity very carefully, often by looking at official government ID documents.
Besides the rules for an "advanced electronic signature," a qualified electronic signature also legally identifies the person who signed it to the authorities.
See also
In Spanish: Firma electrónica para niños
