The E-Signature Law

in the European Union

Building trust in the online

It started with the Directive 1999/93/EC of the European

environment is key to

Parliament and of the Council of 13 December 1999 with

consumers and businesses

in order to carry out
transactions electronically.

Community Framework for electronic signatures, which

is in effect in thirty European countries (EU-27, Croatia,
Turkey and Liechtenstein).

For this reason, the European

The Directive established the legal framework at an

Union has legislated the use

European level for electronic signatures and certification

of electronic signatures.

services. The aim is to make electronic signatures easier

to use and help them become legally recognised within
the Member States.
Furthermore, Regulation No 910/2014 on electronic
identification and trust services for electronic transactions
in the internal market was approved in July 2014. The
Regulation aims to enhance the existing legislation and to
expand it to cover the mutual recognition and acceptance
at the EU level of notified electronic identification schemes
and other essential related electronic trust services.

1.1 Definitions
There are three different definitions regarding electronic signatures:

1.1.1 Electronic Signature

The electronic signature is simply data in electronic form which is attached to or logically associated
with other electronic data and which serve as a method of authentication.

1.1.2. Advanced electronic signature

In the new Regulation 9/10/2014, Article 26, the definition of advanced electronic signature is an
electronic signature that meets the following requirements:
a) it is uniquely linked to the signatory.
b) it is capable of identifying the signatory.
c) it is created using electronic signature data that the signatory can use under his sole control with
a high level of confidence.
d) it is linked to the data signed therewith in such a way that any subsequent change in the data is
detectable.

Signaturit

The E-Signature Law in the European Union | 2015

1.1.3. Qualified certificate

The qualified certificate defines a process which must in particular include specific technology:
a) an indication that it is issued as a qualified certificate.
b) the identification of the certification service provider;the name of the signatory; provision for an
specific attribute of the signatory to be included if relevant, depending on the purpose for which the
certificate is intended.
c) signature-verification data corresponding to signature-creation data under the control of the
signatory.
d) an indication of the beginning and end of the period of validity of the certificate;the identity code
of the certificate.
e) the advanced electronic signature of the issuing certification service provider.

1.2 Legal effects of electronic signatures

With the above mentioned definitions the Directive establishes the criteria for the legal recognition
of electronic signatures to give the same legal effect as a traditional paper document with a wet
signature (ink).
The main provision of the Directive states that an
electronic signature may not legally be refused
simply because:
It is in electronic form.
It is not based on a qualified certificate.
It is not based upon a qualified certificate
issued by an accredited certification service
provider.
It is not created by a secure signaturecreation device.

1.3. Admissibility into evidence

The electronic signature should demonstrate that:
The appropriate level and amount of information surrounding the signing process we retained, and
The system used to retain the information is itself reliable.

Signaturit

The E-Signature Law in the European Union | 2015

1.4. Signaturits Enforcement

Signaturit provides an advanced electronic signature by uniquely identifying the signatory with the
information provided in the audit trail and the biometric data captured during the signing process.
This data is completely in line with the data protection policies applying in the European Union and
auditable by a third party whenever necessary.
In the audit trail the signatory is identified through
email authentication, IP address and location.
All the events are timestamped using an official
timestamp provided by a Time Stamping Authority
(TSA) according to the RFC 3161 standard. It
allows to demonstrate that a series of data existed
and has not been altered from a specific moment
in time, without the possibility that the owner can
backdate the timestamps.
Non-repudiation can only be achieved when
the biometric characteristics of a signature are
captured too, and when this information is securely
bound to the signed document. Signaturits
system captures biometric data, like the speed
and acceleration of the handwritten signature, is
captured during the process that allows to uniquely
identify the signatory. This information is encrypted
and embedded to the document.

1.5. Certifications
An independent third party, Auren Servicios TIC, S.L., has audited Signaturits software and
infrastructure, to certify that we accomplish with all the legal and technical requirements to provide an
advanced electronic signature. Our solution meets those requirements, such that:
It can identify the signer, providing biometric data on a graph, the signers geolocation, the data of
the device from where it was signed and, if necessary, photographic or voice capture.
Detect any changes made to the document signed, providing a key public / private system for
both signers to the supporting document, encrypting all documents generated and ensuring data
integrity at all times.
Documentation and data generated linked to the signer, providing a hash system and unique key
that relate directly to the signer.
Created by means that are not under the signers control, the signatures are generated directly
from the signers device and can only be accessed through private accounts.

Signaturit

The E-Signature Law in the European Union | 2015

About
Signaturit
Signaturit is a solution that allows to digitally sign
documents or contracts from anu device, without
installing any application.
For more information, please contact us:
marketing@signaturit.com (ES) +34 935 511 480
www.signaturit.com
Follow us:

Copyright 2015 Signaturit Solutions, SL. All rights reserved.