Trustworthiness
of the inSign signature
You have received an electronic document processed with inSign containing digital signatures? Please find here everything you need to know.
What is the legal binding force of the electronic signature?
Advanced electronic signature (AES)
An advanced electronic signature is placed with the finger or a suitable pen. It looks like a handwritten signature on paper.
In addition to the signature image, biometric data is recorded and attached to the PDF in encrypted form. By means of an expert opinion, the signature can be assigned to a person and thus proven valid.
In addition to the signature image, biometric data is recorded and attached to the PDF in encrypted form. By means of an expert opinion, the signature can be assigned to a person and thus proven valid.
Qualified electronic signature (QES)
The qualified electronic signature is created with a personal certificate and a PIN/TAN. After signing, the document contains a seal with the name of the trust service provider and the note "Signed by... on... at…".
An identity check takes place before the first signature. Thus, the signature is provable, as it can be mapped to the signatory.
An identity check takes place before the first signature. Thus, the signature is provable, as it can be mapped to the signatory.
Simple electronic signature (SES)
A simple electronic signature is made by typing the name on the keyboard. The document contains a stamp with the note "Signed via keyboard by... at...".
For this signature it is more difficult to prove validity than for the advanced and qualified electronic signature. It is hardly possible to determine whether the signature at hand was made by a specific person.
For this signature it is more difficult to prove validity than for the advanced and qualified electronic signature. It is hardly possible to determine whether the signature at hand was made by a specific person.
All signature types are legally secure according to the eIDAS Regulation but differ in their provability.
How do I recognize if my document has been tampered with?
Opening your document using a corresponding application (e.g. Adobe Acrobat Reader), various metadata in addition to the actual content can be viewed. Please ensure that the document and all revisions have been signed with a certificate. This verifies that the document’s contents have not been subsequently modified.
If your document has been tampered with after signing, it gets marked by a red X and the following message
“The signature is not valid. After signing the document has been altered or tampered with.”
How to recognize a genuine inSign document?
It depends how you open your PDF document.
Adobe Reader
Select under the menu item “View” – “Navigation Panes” – “Signatures”. Open your document in Adobe Reader. Click the signature field, then “Signature properties” followed by “Display signatory’s certificate”. The “Summary” tab should display any of the following certificates:
Adobe Reader
Select under the menu item “View” – “Navigation Panes” – “Signatures”. Open your document in Adobe Reader. Click the signature field, then “Signature properties” followed by “Display signatory’s certificate”. The “Summary” tab should display any of the following certificates:
Foxit Reader
If you use “Foxit Reader”, you can proceed in the same way as you would using Adobe. Click the signature field, then “Signature properties” followed by “View certificate”.
Browserviewer
Unfortunately, the Chrome, Firefox, Edge and Safari browser viewers cannot display any certificate information. Therefore, it cannot be verified if the document is a genuine inSign document.
Please note: All documents containing a certificate issued before 06/12/2019 will be marked with the status “UNKNOWN”. Most documents that contain a certificate issued after 12/06/2019 will be marked with the status “VALID”. The status depends on whether the certificate used is based on a ROOT certificate listed on the EUTL (European Trust List). The biometric data is stored in the PDF document correctly in both cases.
If you use “Foxit Reader”, you can proceed in the same way as you would using Adobe. Click the signature field, then “Signature properties” followed by “View certificate”.
Browserviewer
Unfortunately, the Chrome, Firefox, Edge and Safari browser viewers cannot display any certificate information. Therefore, it cannot be verified if the document is a genuine inSign document.
Please note: All documents containing a certificate issued before 06/12/2019 will be marked with the status “UNKNOWN”. Most documents that contain a certificate issued after 12/06/2019 will be marked with the status “VALID”. The status depends on whether the certificate used is based on a ROOT certificate listed on the EUTL (European Trust List). The biometric data is stored in the PDF document correctly in both cases.
Why are certificates limited in time?
Qualified certificates are never valid indefinitely. It is possible for your certificate to stay valid beyond its expiration date. The most important thing is that the certificate was valid at the time of signing.
What are the advantages of digitally signed documents?
A document containing digital signatures will be existing in its original quality in years to come. Ink-on-paper signatures, however, fade over time. This makes it nearly impossible to provide evidential value by subsequent digitization of the signature, i. e. by scanning and destroying the original.
Specific questions on signature types
AES:
How can I find out which key was used to encrypt the biometric data?
How can I find out which key was used to encrypt biometric data?
Since December 2020, information and metadata about the creator of the key are stored in the PDF document. To retrieve this information, start by opening the document in Adobe Reader. Then click on a signature field and then on “Signature Properties”.
QES:
How to validate a qualified electronic signature?
There are various online validation services, e.g. one of them is being offered on the website of the European Commission:
https://ec.europa.eu/cefdigital/DSS/webapp-demo/validation
Our customers trust
Would you like to use inSign for your day-to-day business?
Just give it a try, it is easy as pie.
