Qualified e–signature exchange: What it is and why it matters

At the very most basic level, a signature is a method of recording the agreement of a particular individual to the content of a document in a way that is uniquely attributable to them.

Of course, historically, and still today, signatures were most commonly recorded in black ink on paper, and witnessed by an independent party, where considered necessary.

What are the problems with paper-based signing and Standard e-Signatures?

There are two significant problems with the paper-based signing of documents.

The first is a practical issue. With the ubiquity of home working, email, electronic document transfer packages, and cloud-based and paperless working, physical signatures are becoming increasingly less convenient both for businesses and individuals.

Signatories of paper documents either must wait for postal delivery, or to print documents themselves and return them. They must also arrange for signings to be witnessed in person. The second is the vulnerability of physical signatures to fraud. The frequency of inheritance disputes concerning the authenticity of a Will shows the extent of the fraud risk associated with paper signatures. Physical signatures could simply be copied and often vary considerably, meaning that fraudsters do not need to be 100 per cent accurate in replicating a signature. There is also a risk of documents being intercepted in the post or tampered with after they have been signed.

Although Standard e-Signatures are widely used across many use cases, they do not require any type of signer identification and so are more risky for higher value transactions such as the signing of deeds or items where monies are associated. Advanced e-Signatures uniquely link the e-signature to a document through a series of authentication processes, however, these too are open to fraud for higher risk transactions.

What is qualified e-signature exchange?

Qualified e-signature exchange (QES) is a method of recording signatures electronically and remotely, which reliably links a specific person to the act of signing. As a result, it significantly reduces the potential for fraud that exists with paper-based signing and less secure methods of electronic signing.

A qualified e-signature is an electronic signature that meets the requirements of the ICO and the European Union’s eIDAS regulation on electronic identification and trust services for electronic transactions. Qualified e-signatures are based on Advanced Electronic Signatures (AdESs) and are created using a Qualified Signature Creation Device (QSCD).

To be considered a Qualified e-signature, an electronic signature must meet the following requirements:

  • The signatory must be linked and uniquely identified to the e-signature.
  • The data used to create the e-signature must be under the sole control of the signatory.
  • The e-signature must be capable of detecting any changes to the data since the eSignature was applied.
  • The e-signature must ensure that the signatory has control over their private key.
  • The e-signature must keep data confidential and protected from forgery.

Specialised software and Near Field Communications (NFC)-based technology with anti-tamper and anti-spoofing face identity checking with liveness detection are used to assist with e-signature validation and identity verification.

Why do qualified e-signatures matter?

Qualified e-signatures are considered to be the highest level of electronic signature and have the same legal effect as a handwritten signature.

They are substantially more secure than virtually all paper-based methods of signature recording and negate various opportunities for fraud, whether by way of forgery, corruption or tampering. At the same time, they allow businesses to maximise the wider benefits of secure document transfers and cloud-based working, because matters can remain in the cloud without the interruption of hard-copy paperwork and the need to store those hard copies.

There is a growing move towards Qualified e-Signatures as businesses recognise that the benefits they gain in minimising fraud risk and getting a level of sureity on who is behind the e-signature far outweigh the increase in costs.

How can I begin using qualified e-signatures?

Implementing Qualified e-signatures in your business processes is straightforward and can be achieved through the use of a simple API, connecting VirtualSignature-ID to your existing software platforms, allowing Adobe PDFsto be imported and used.

To find out more about how we can help you integrate Qualified e-signatures into your processes so you can enjoy the full benefit of the cloud and high level security features, contact us today.

Get in Touch

VirtualSignature-ID is a UK Government approved Identity Service Provider (IDSP) that offers professional services firms a suite of end-to-end eSignature, ID verification, AML and KYC solutions that can be incorporated into existing workflows and case, practice and document management systems. If you would like to find out more about how can help with your digital onboarding or discuss a particular solution that will fit your organisation’s requirements, then give our team a call on 0333 335 5176 or contact us and we’ll be pleased to demonstrate how the platform works.

For news and updates, you can follow us on Twitter and LinkedIn.