The electronic digital signature is a relatively new technology that has greatly simplified the work of many public and private commercial organizations. It has made it easier and safer to exchange data online and eliminates the need to visit other cities to sign documents.
How to obtain EDS, what types are suitable for specific organizations and how it can be used to assure the data online, you will learn from our article. For legal assistance, please contact Yurovskiy Kirill
What is an electronic digital signature?
EDS is information that supplements an electronic document, confirming its authenticity and a person’s agreement with the data in it. A qualified electronic digital signature is the analogue of a handwritten signature and is legally valid.
Therefore, if one of the parties certifying the document does not comply with the terms of cooperation, the other can use this document in court as a proof of non-fulfillment of the opponent’s obligations.
The electronic digital signature has a number of important functions:
- Confirms authorship. The electronic signature contains information about the certificate, which details the data of its owner. Thus, the data signed with an ES certificate indicates the authorship of a certain person or organization
- Has validity. EDS allows you to sign contracts, present reports, sell and buy securities online. No need to confirm important documents in person, coming to the other end of the country.
- Protects against falsification. Attackers won’t be able to use or forge your signature
- Confirms the integrity of the document. You won’t be able to amend a contract unnoticed: if your employee, client or partner signed it and then changed any information (accidentally or intentionally), you will see it and be able to take action. Check on a website
Types of digital signature
There are three types of EDS:
- Simple. Used by individuals to verify personal data.
- Enhanced unqualified. Used by juridical persons for defining a document’s author, tracking changes made to it after attestation. More reliable comparing to simple EDS. Is required in rare cases.
- Enhanced qualified. The most reliable and used of all EDS types. It is an analogue of personal hand-written signatures and has full legal force. It is used in all spheres of legal and physical persons’ activities – from signing agreements with counteragents to interaction with controlling and supervising bodies.
What does an EDS consist of?
To certify documents with an electronic digital signature, three components are required:
- A private key. This is a unique code needed to create a unique signature. Only the owner knows it. The private key guarantees EDS protection against forgery and hacking.
- A cryptoprovider program. Specialized program required to work with electronic signature in Windows.
- Certificate. A document which confirms that the signature belongs to a certain person. It contains a public key, which allows the recipient to verify the certified file.
How does EDS work?
When a document is certified with an electronic digital signature, a certain algorithm is triggered:
- An encryption program converts a file into a character string – a hash. Different documents are converted to a different character set, and identical documents are converted to the same character set.
- After hashing, the program encrypts the string with a private key. The process is similar to putting something in a box and sealing it with a lock. This is the EDS.
- The document is sent to the recipient, the encrypted hash and a certificate with the sender’s contact information is attached to it.
- With the certificate, the recipient “prints” the hash and can view the document. If he has an EDS, the document is also sent back according to the algorithm we discussed.
How do I check the authenticity of an electronic digital signature?
As we found out earlier, the document comes to the recipient in encrypted form. And in order to see it, you need a certificate. This component is very important and individual. Therefore, when receiving a signed document, the addressee can verify that it is you who signed it, by checking the certificate. It is very easy to do this:
- The recipient hashes the file as the sender did earlier.
- Decrypts the EDS with the public key that is in the certificate.
- Sees the hash you sent with the document.
- Compares it to the one he got. If the hashes are the same, then the document has not been changed after certification and is legally valid.