Reason 1: All parties need an account to sign
This depends first and foremost on the type of signature. In the case of an EES and an FES, most digital signature solutions, whether cloud-based or with a different security architecture, enable a simple and trouble-free signature process. With these, it is sufficient for the initiator of the signature to have an account with the corresponding service. The recipient of the document and thus of the signature, on the other hand, does not need such an account to be able to execute the signature electronically.
The only difference is with a QES, because of the security levels required for it. Since this type of signature has the highest possible legal validity, more data is required than for the other two versions. In addition, this type of signature is mandatory for certain documents. Basically, this means that all parties or signers must be in possession of a QES and thus be subject to the guidelines for identification and authentication.
Reason 2: E-signatures can hardly or not at all be traced back
Assumption and reality are very far apart in this misconception. In addition to the legally binding nature that secure e-signature solutions offer, these solutions also provide the possibility of authentication for the respective signers. The signed document is linked to the e-signature as well as the result of the authentication.
Flexibility should be provided by different authentication methods so that different authentication steps can be performed in the same transaction. Ideally, this solution fits the exact requirements of a company.
By providing a digital audit trail of any transaction, electronic signatures therefore not only offer good transparency, but also contribute directly to better compliance. This is in stark contrast to traditional paper-based systems, where there is hardly any way to determine afterwards who signed, when and where, and in what order. Electronic signatures therefore represent an undeniable advantage here.
Reason 3: Security concerns, information/documents may fall into the hands of third parties
Concerns about data security are unjustified for many reasons, at least if an eIDAS-compliant signature solution is used, for the following reasons:
In order to meet the security requirements of the EU, as regulated by law, the bodies responsible for issuing signature certificates must be certified. Of course, there is a great variety of providers of electronic signatures, which is also accompanied by a great disparity in this regard. At TrustCerts, for example, we only use German data centers that have also been certified by the BSI (German Federal Office for Information Security) in order to be able to offer and establish the highest possible level of security and the trust that goes with it. It does not matter where the signing or verification takes place.
If the data is transmitted electronically, it is protected by authentication techniques such as the signer's username and password, which ensure that only those who should have access can view the information. Transport encryption typically requires both a username and password (or, as with QES, a TAN) for verification. However, when signatures are transmitted, two-factor authentication may also be required by the signature recipient. For further information on electronic signatures and their security, please refer to a publication by the BSI: https://www.bsi.bund.de/DE/Themen/Oeffentliche-Verwaltung/Moderner-Staat/ElektronischeSignatur/elektronischesignatur_node.html
Reason 4: Electronic signatures require card readers and other hardware
Card readers, additional software, signature cards/ smart cards and other hardware applications are now completely superfluous. This is primarily due to the eIDAS regulation. This regulates remote signatures, among other things, and thus brings them into line with the present, i.e. the increasing security of encryption.
The private signature keys required in each case are created on the servers of the trust service providers, making them accessible worldwide without restrictions. Finally, mobile signing can be enabled using smartphones, tablets or laptops.
Reason 5: Electronic signatures are the image of a handwritten signature
A still widespread misconception is that the electronic signature is nothing more than a visual placeholder for one's own handwritten signature on digital documents.
This cannot be true for the very reason that electronic signatures are not an image file but, on the contrary, a cryptographic process. This means that the so-called hash value of a document, i.e. a unique mathematical checksum, is calculated together with the information regarding the person by a digital certificate in order to guarantee the encryption. How this works in detail will be explained in more detail in another article. Overall, the signature is thus inseparably linked to the electronic document, thus ensuring the integrity of the document. In the main, this is the case with advanced encryption, or Advanced Encryption Standard (AES) and QES.
Scanned signatures also exist, but these are found in the context of the simple electronic signature (EES). This signature does not have any sophisticated encryption and thus naturally has less probative value, as does the security level. How this is regulated in more detail in European law can be seen here: https://eur-lex.europa.eu/legal-content/DE/TXT/?uri=CELEX:32014R0910
Reason 6: Complex contracts no longer require further human action
The challenges posed by the pandemic and the associated, albeit temporary, move away from face-to-face contact, be it in branches or appointment customer meetings, led to an intensified use of digital customer services. Above all, digital services were a prerequisite for continuing to ensure smooth business processes.
Nevertheless, to date, human interaction remains the focus for clearly defined services, such as lending or asset management.
This is where more advanced digital services help, especially in the area of customer care, seamlessly integrating digital technologies human interaction into the design of contract processes.
Examples of such aids include integrated electronic signatures, web-based video conferencing applications, and collaboration functions. These enable face-to-face meetings, which means that even more complex contracts can be processed and concluded simply and efficiently digitally.
This article has cleared up some of the misconceptions that customers have about electronic signatures, as well as some of the myths surrounding them. There are certainly a few more, which we will continue to address in this blog in the future. The misconceptions and myths surrounding the current transformation to digital everyday life will continue to accompany us for some time to come, so it is very important to us to provide the appropriate clarification, because it is our concern at TrustCerts to communicate our technology in such a way that everyone can understand it. In this way, we want to contribute to the transformation of the processes in which we ourselves are involved, so that these can be grasped as well as attacked by everyone and so that the change within the company is not started too late due to false caution or misunderstood technology, which leads to a variety of disadvantages.
If you are thinking about using an electronic signature service, we recommend our TrustSigner: https://www.trustcerts.de/loesungen/preisgestaltung/dokumente_signieren/