Signature methods, or how to actually sign electronically in practice

Let's start with an interesting fact. Have you ever sent an email and written at the end, for example, "Regards, Jan Novák"? If so, you signed electronically. Even this simple method is considered an electronic signature under European and Czech legislation. However, in terms of digital trust, it is poor and carries absolutely no guarantees. Anyone can sign on your behalf.

Electronic signature by certificate

From the point of view of evidence and trust, electronic signatures based on certificates are the most important today. However, the certificate itself is not used to sign directly; it is the basis for knowing who created the electronic signature.

Signature certificates can also be used to create higher legal levels of electronic signatures, e.g. qualified signatures (which state organisations must use when they sign) or guaranteed signatures based on a qualified certificate (which a natural or legal person must use to sign an electronic document when acting towards the state administration). Certificates and their associated keys can be used for signing in two basic ways:

On a local device. Either the certificate is installed directly in the operating system, or the user owns a smart card (or token). Signing then requires an application that handles the technical creation of the electronic signature and its insertion into the document to be signed. However, owning and using a certificate on a local device entails unpleasant obligations. Every year the certificate needs to be renewed, which is certainly not a happy experience for the average user. Furthermore, signing with local devices is more or less complicated in web applications and practically impossible on mobile devices.

Remotely using a remote signature service. The provider of such a service provides a guaranteed level of electronic signatures (e.g. ICA Remote Sign qualified electronic signature or BankID Sign guaranteed electronic signature with qualified seal). In particular, the user does not have to renew his certificates himself. Their life cycle is part of the service. Furthermore, remote signing is much easier to use in web applications and thus on mobile devices, as the entire signature creation process is "handled" through commonly used techniques and protocols:

    • Integration between the signing application and the remote signature service via API,
    • Authentication of the user and authorization of the use of their certificate for electronic signing.

Remote electronic signing is therefore much more suitable wherever it is not desirable to be tied to a specific device, because it offers a high-quality signature from virtually anywhere.
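The split described above, where the key creates the signature and the certificate only tells the verifier who signed, shown in a remote-signing setting as an added Python example that is not the code of any provider named on this page. It assumes the third-party `cryptography` package, a hypothetical `RemoteSignService` class with a self-signed constructed certificate, and that the signing application sends only the document's SHA-256 digest to the service.

```python
import datetime
import hashlib
import secrets

from cryptography import x509
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec, utils
from cryptography.x509.oid import NameOID

class RemoteSignService:
    """Hypothetical provider; holds the signer's key and a self-signed demo certificate."""

    def __init__(self, common_name):
        self._key = ec.generate_private_key(ec.SECP256R1())
        name = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, common_name)])
        now = datetime.datetime.now(datetime.timezone.utc)
        self.certificate = (
            x509.CertificateBuilder().subject_name(name).issuer_name(name)
            .public_key(self._key.public_key())
            .serial_number(x509.random_serial_number())
            .not_valid_before(now - datetime.timedelta(minutes=1))
            .not_valid_after(now + datetime.timedelta(days=1))
            .sign(self._key, hashes.SHA256())
        )
        self._grants = {}  # one-time token -> digest the user approved

    def authorize(self, digest):
        """Stand-in for authenticating the user and approving one digest."""
        token = secrets.token_urlsafe(16)
        self._grants[token] = digest
        return token

    def sign_digest(self, token, digest):
        approved = self._grants.pop(token, None)  # a token works only once
        if approved is None or approved != digest:
            raise PermissionError("not authorized for this digest")
        # The private key signs; the certificate takes no part in this step.
        return self._key.sign(digest, ec.ECDSA(utils.Prehashed(hashes.SHA256())))

def digest_of(document):
    """Application side: only this digest leaves the signing application."""
    return hashlib.sha256(document).digest()

def signer_of(document, signature, certificate):
    """Return the certificate's common name if the signature verifies, else None.
    Chain, validity and revocation checks are out of scope here."""
    try:
        certificate.public_key().verify(signature, document, ec.ECDSA(hashes.SHA256()))
    except InvalidSignature:
        return None
    return certificate.subject.get_attributes_for_oid(NameOID.COMMON_NAME)[0].value
```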

Single Signature Certificates

One-time signature certificates enable secure and legally binding electronic signing even without prior registration. They are generated only for a specific document and a single use, thus ensuring a high level of protection and integrity of the signature. Strong authentication and secure storage of private keys are prerequisites.

This type of certificate signing is ideal for:

  • Quick and easy signing of documents with certificates without the need to issue and manage them
  • B2C processes
  • Paperless HR and more.

Single-use certificates meet the requirements of eIDAS and provide a legal and secure path to electronic signatures.

SMS / Certified signature

The second frequently used method of signing is the so-called certified electronic signature, or OTP (One-Time-Password) electronic signature. It is used when contracts are signed remotely, whether for insurance, rent or lease. The signer receives a One-Time-Transaction Code (OTP) via email or SMS to authorize the signature transaction. In addition, this code is "printed" into the document as part of the signature visualization. The insertion of the visualisation into the document is again done via the electronic seal of the document author (e.g. the insurance company). Again, this is a simple electronic signature, which, however, is sufficient according to the legislation for signing documents in the above examples.
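The OTP flow above, sketched as an added Python example (not code from this page or from any product it names). The class and function names, the five-minute validity, the three-attempt limit and the binding of the code to the document's SHA-256 hash are assumptions, and an HMAC stands in for the document author's certificate-based electronic seal.

```python
import hashlib
import hmac
import json
import secrets
import time

SEAL_KEY = secrets.token_bytes(32)  # stand-in for the document author's seal key
OTP_TTL_SECONDS = 300               # assumed validity window
MAX_ATTEMPTS = 3                    # assumed guess limit for a 6-digit code


def _seal(body):
    payload = json.dumps(body, sort_keys=True).encode()
    return hmac.new(SEAL_KEY, payload, hashlib.sha256).hexdigest()


class OtpSignTransaction:
    def __init__(self, document, signer, now=None):
        self.doc_sha256 = hashlib.sha256(document).hexdigest()
        self.signer = signer
        self.otp = f"{secrets.randbelow(10**6):06d}"  # sent by SMS or e-mail
        self.expires = (time.time() if now is None else now) + OTP_TTL_SECONDS
        self.attempts = 0
        self.used = False

    def confirm(self, code, document, now=None):
        """Return a sealed evidence record, or None if the attempt is refused."""
        now = time.time() if now is None else now
        if self.used or now > self.expires or self.attempts >= MAX_ATTEMPTS:
            return None
        self.attempts += 1
        same_doc = hashlib.sha256(document).hexdigest() == self.doc_sha256
        if not (hmac.compare_digest(code.encode(), self.otp.encode()) and same_doc):
            return None
        self.used = True
        # The code goes into the record, as it is printed into the visualisation.
        body = {"signer": self.signer, "otp": code,
                "doc_sha256": self.doc_sha256, "signed_at": int(now)}
        return {**body, "seal": _seal(body)}


def seal_is_valid(record):
    """Recompute the seal over everything except the seal field itself."""
    body = {k: v for k, v in record.items() if k != "seal"}
    return hmac.compare_digest(_seal(body), str(record.get("seal", "")))
```

The sealed record ties the code, the signer label and the document hash together, so a later change to any of them is detectable; how strongly it identifies the person still depends on who controls the phone number or mailbox.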

Dynamic biometric signature

Biometric signing, also known as dynamic biometric signatures or handwritten biometric signatures, is one of the most common forms of electronic signatures in recent years. This signature is created using a sign-pad (signature plate) or a special tablet on which the user signs in a similar way to paper.

What's going on in the background?

When signing, not only the signature image is recorded, but also unique biometric data such as:

  • Pressure exerted on the stylus tip
  • Speed and smoothness of movement
  • Writing direction and vectors
  • Precise timing of individual moves


This data is encrypted and integrated with the signature image into the document via an electronic seal.

Where can you find a biometric signature?

Biometric signatures are commonly used:

  • At mobile operator branches
  • At doctors and in healthcare
  • In banks and financial institutions
  • In internal company processes, for example when signing employment contracts or other important documents


Although a biometric signature provides a higher level of security and authenticity, it still legally falls into the category of a simple electronic signature. This means that its legal strength depends on the context of use and the way it is stored.