Electronic signature and digital certificate, are both the same?

The digital transformation of companies has been accompanied by new technologies and concepts that, without adequate information, can be difficult to differentiate. 

In the business world, it is becoming increasingly common to talk about electronic signatures and digital certificates. Sometimes they are used as synonymous terms, but although both are electronic services, they are not the same. In this article we will discuss what they are, what their functions are and what particularities will help us to differentiate them. 

What is a digital certificate?

A digital certificate is an electronic document used to identify a person on a digital platform or system.  In other words, it is our identity in the virtual world. 

The European Commission's definition of a certificate in the eIDAS Regulation is: an electronic statement that links the validation data of a signature to a natural person and confirms at least the name or pseudonym of that person.

This digital accreditation allows its holder to carry out online transactions that require proof of identity. Likewise, with a digital certificate it is possible to sign documents electronically.

As it is a digital document, it is necessary to host its information in an electronic medium. For this purpose, the digital certificate can be installed in the browser, saved in a USB memory, in a computer or in the hard disk. This type of certificate is known as a software certificate. 

The digital certificate can also be stored on a qualified signature device, such as: 
- Cryptographic token
- Cryptographic card
- HSM or secure cryptographic server (Cloud).

📢 By using this type of device together with a qualified digital certificate, which is the one issued by a Qualified Trust Service Provider, we will obtain a qualified electronic signature, the only one comparable to a handwritten signature. 

The digital certificate has multiple uses and practical applications in a professional environment. Therefore, in the current context, more and more companies are issuing their employees with their own digital certificate. As a result, employees can carry out procedures and electronically sign any type of document securely from anywhere, avoiding unnecessary movement.

HOW TO DIFFERENTIATE A DIGITAL CERTIFICATE

✔️ It is an accreditation that allows authenticating and signing electronic documents.
✔️ There are different types depending on the type of holder or the scope of application.
✔️ They are classified into software or hardware type. 
✔️ They can be stored in qualified signature creation devices and obtain qualified electronic signature ( only under certain specific conditions).

What is an electronic signature?

The electronic signature is the set of data in electronic form used by the signatory to sign. Thus, it is not a signature as such, but rather, it is the name given to the digital data associated with an electronic document and which proves the signatory's acceptance or approval. 

According to the definition in the eIDAS Regulation, an electronic signature is the data in electronic format attached to or logically associated with other electronic data used by the signatory to sign. According to eIDAS , there are three types of electronic signature clearly differentiated by the level of security and legal certainty of each one of them: 

-Simple electronic signature. This is the most basic signature and the one that provides the least security to the user. This type of signature does not allow the univocal linking of the holder.
-Advanced electronic signature. At the intermediate level of security we find this type of signature uniquely linked to the signatory, thus allowing his identification. However, this signature cannot be equated with a handwritten signature. 
-Qualified electronic signature. Also called non-repudiation signature, it provides the highest level of security and maximum legal guarantees, avoiding situations of vulnerability. Despite the legal validity of any type of signature, only the qualified electronic signature is supported as full proof. 

>> Related post:  simple, advanced or qualified signature. Types of signature and their differences

HOW TO DIFFERENTIATE THE ELECTRONIC SIGNATURE

✔️ It is a tool that allows signing electronic documents.
✔️ There are 3 types of electronic signature with different levels of security.
✔️ The electronic signature can be based on a digital certificate or not.
✔️ It is not a credential to identify a person on the internet.
✔️ It is not possible to authenticate with it in electronic offices and other platforms.

Qualified electronic signature based on digital certificates: maximum guarantees and legal certainty

The nature of the electronic signature and the digital certificate are different, but they are not incompatible elements, quite the contrary. Having clarified both concepts and their functions, it is necessary to address aspects relating to the relationship between the electronic signature and the digital certificate in order to understand how their union maximizes the guarantees of security and protection.

The first thing to know is that electronic signatures can be based on a digital certificate or not. In turn, certificates are classified into two types differentiated by the issuer: unqualified digital certificates and qualified digital certificates. The latter are those issued exclusively by a Qualified Trust Service Provider and that strictly comply with the conditions established in the eIDAS Regulation. 

In order to achieve maximum guarantees, only those electronic signatures that are based on a qualified digital certificate (and that are created by means of a qualified electronic signature creation device) are considered as qualified electronic signatures, the only one comparable to handwritten signatures.

The main difference with the rest of signatures is that the qualified electronic signature based on digital certificates provides the highest level of security and the maximum legal guarantees. In addition, only the qualified electronic signature is supported as full proof and even the burden of proof is reversed in case it is challenged.

Electronic signature and issuance of digital certificates: solutions for companies

Uanataca's solutions, flexible and without initial investment, allow companies to undertake their digitalization process in a simple way and with maximum guarantees. Through innovative solutions, companies can issue digital certificates to employees as well as facilitate the electronic signature of documents to customers without sacrificing the maximum guarantees of the qualified electronic signature.  

ISSUANCE OF DIGITAL CERTIFICATES: AN AUTONOMOUS MANAGEMENT

The digital certificate issuance service allows the autonomous management of the complete life cycle of different types of certificates adapted to different scenarios and use cases.
Uanataca's digital certificate issuance process is 100% digital, multiplatform and paperless.

ONE-SHOT SIGNATURE: YOUR CUSTOMERS WILL SIGN QUICKLY AND WITH FULL LEGAL GUARANTEES

The One-Shot Signature is a solution that combines the immediacy of a simple and easy process with the maximum guarantees of the electronic signature based on qualified digital certificates.
Thanks to One-Shot Signature it is possible to sign documents with a digital certificate without the need for your customers to already have one. This avoids situations of vulnerability.