In fact, the electronic signature makes it possible to eliminate printing, which is an important CSR initiative. From 2025 onwards, most European companies must commit to a CSR approach.
This article will examine the legal implications and the many possible uses. However, it is essential to remember that the electronic signature, like the handwritten one, represents consent and commitment from the person signing.
What is consent?
Consent is a strong act that commits the signatory in the context of an electronic signature. It must be expressed clearly, explicitly, freely, and informedly without constraint or pressure.
In a digital context, consent can take various forms, from a simple click on a box on a form to a qualified electronic signature. The choice of means of obtaining consent will depend essentially on the nature of the commitment.
How can an electronic signature have the same legal value as a handwritten signature?
For an electronic signature to have the same legal value as a handwritten signature, it must meet specific requirements. These requirements are defined by legislation.
What does the law say?
In France, the electronic signature was regulated by Law no. 2000-230 of March 13, 2000, adopted following the European Directive 1999. This law gave electronic signatures the same legal value as handwritten signatures, provided that the process was reliable.
An electronic signature is “a reliable identification process guaranteeing its link with the act to which it relates, and conferring on the latter the authenticity and, where applicable, the integrity of the data to which it refers.”
These articles stipulate that the electronic signature must be :
- Reliable, i.e., it must make it possible to identify the signatory and guarantee the integrity of the document signed;
- Durable, i.e., it must enable the link between the signature and the signed document to be maintained.
What about the eIDAS regulation?
Adopted on July 23, 2014, eIDAS (Electronic Identification And Trust Services) is a European regulation that applies to all EU member states. In this sense, eIDAS is a genuine legal innovation that aims to encourage the development of digital uses in Europe.
The eIDAS regulation has had a significant impact on electronic signatures in Europe. It has clarified and harmonized the rules applicable to electronic signatures, facilitating their deployment.
What are the 3 types of electronic signatures?
The eIDAS regulation distinguishes three types of electronic signatures: simple electronic signature, advanced electronic signature, and qualified electronic signature.
The reliability of an electronic signature is based on the signatory’s identification and the signed document’s integrity.
Uses of qualified electronic signatures
The qualified electronic signature is the most secure of all. It carries a presumption of reliability, thus reversing the burden of proof. Thus, in a dispute, the burden of proof is reversed: it is up to the person contesting its validity to prove that it is invalid. In short, qualified electronic signatures are presumed to be reliable. It, therefore, has the same value as a handwritten signature.
It is created using a QSCD (Qualified Signature Creation Device), such as a smart card or a server managed by a Qualified Trust Service Provider (QTSP). This is known as a remote QSCD.
The qualified electronic signature is based on a qualified electronic certificate delivered face-to-face or equivalent after checking the identity of its owner.
A qualified electronic signature is required for specific documents, such as authentic instruments or certain documents subject to administrative control. It is used for documents with high legal risk or regulated transactions.
The uses of advanced electronic signatures
An advanced electronic signature guarantees the authenticity and integrity of the signed document. It is created using a technical process that identifies the signatory and ensures that the document has not been altered.
To present proof of the advanced signature, it must be available, legible, and known by the signature user.
The advanced signature can be issued by a Certification Authority or a PSCQ (in the eIDAS sense).
The advanced signature is highly recommended for signing documents such as commercial contracts, credit agreements, or insurance policies requiring detailed identity verification. It guarantees the identity of the signatory. The integrity of the document is also guaranteed. In the event of a dispute, the burden of proving the authenticity of an advanced signature lies with the party wishing to assert its validity.
Uses of the simple electronic signature
The simple electronic signature is the most common type of electronic signature. However, its reliability and probative value depend on the evidence associated with it.
It is sufficient for documents with low legal or financial risks, such as purchase orders or general terms and conditions of use (GTCU).
It provides proof of the document’s integrity, even if the signatory’s electronic means of identification rely on a limited degree of reliability.
In conclusion
o be legally valid, signed documents must be protected. To avoid any dispute over proof of signature, it is therefore strongly recommended to rely on proven solutions developed by trusted service providers.
Advanced and qualified electronic signatures use a digital certificate associated with the signatory’s name and a secret key managed by be ys. The simple signature, on the other hand, is protected by a server seal affixed by be ys.
The choice of electronic signature level depends on the use and importance of the document to be signed. A high-level electronic signature will be more difficult to contest in a dispute.
Once the signing has been completed, the documents can be stored in a secure digital archive or safe to guarantee their integrity.
KYC and electronic signature: the winning bet for security
KYC (Know Your Customer) and electronic signatures are two essential security tools for companies wishing to protect their data and transactions. KYC makes it possible to identify and verify the identity of a customer or partner. It comes into play in the context of electronic signatures. In fact, they must ensure that the person signing is who they claim to be behind the screen.
There are two ways of verifying identity within the electronic signature:
- Level 1: sending identity documents (ID card or passport)
- Level 2: Level 1 + visual identification to ensure the signatory is alive and well. This identification can be done face-to-face or remotely via a PVID (Remote Identity Verification Provider).
A KYC process helps combat identity theft. Significantly, the cost of fraud weighs heavily on the global economy. A PwC study revealed that 47% of companies worldwide have been victims of fraud in the last two years. For example, the banking and insurance sector suffered an estimated 525 million euros in fraud in France in 2020.
The KYC process and electronic signature must be integrated into a fully digitized customer experience. The aim is to offer users a fluid, simple, and rapid experience.