Digital signatures in PDF/A
Digitally sign and complete legally binding business transactions faster
It wasn’t that long ago that the idea of being able to digitally sign a document and have evidence of its origin and authorship was nothing but wishful thinking. However, with PDF/A, a document specification has been created that makes all this possible. Now contracts and other business transactions executed electronically are not only legally binding but today’s reality!
The use of what are called hash functions, which work together with algorithms, is what made the electronic signature possible in the first place. Such signatures involve a private and a public key. The private key is used when attaching the signature and the public key when verifying the signature.
Sign visibly or invisibly
PDF and PDF/A documents differentiate between visible and invisible signatures. Whereas the visible signature changes the appearance of a document, the invisible signature is generally used in those cases where the security feature of an electronic signature is required, but the appearance of the document must under no circumstances be altered. The appearance stream is a common feature of both types of signatures; however the one for the invisible signature will be empty.
Are digital signatures lawful?
Laws have changed with the appearance of electronic signatures. The German Signature Act (SigG) and the Regulation to the Signature Act (SigV) stipulate the capabilities that electronic signatures must have. The German Civil Code (BGB) and Code of Civil Procedure (ZPO) determine under what circumstances an electronic signature may be used and whether it is legally binding. Only qualified electronic signatures may be used on digital documents when statutes require that a written form (with signature) be used for contracts and other agreements. In this case, the private key must be stored on a system (such as a chip card or a USB flash drive) that only allows the key to be used following authentication by the user. Still, you’ve got to be careful, because in the eyes of the law the owner of the certificate is always also the individual making the signature. The burden of proof lies with the certificate owner (i.e. the owner of the chip card or flash drive) in cases where the owner has not signed a document, despite the fact that the certificate unmistakably reveals his unique identity.
The ability to affix legally binding signatures to PDF/A documents is a boon to the growing demand for secure electronic documents. Being able to digitally institute agreements while staying on the right side of the law is no longer a pipe dream.