13/10/2019 How Digital Signatures Work | DocuSign

FREE TRIAL CONTACT SALES

Sales: 1-877-720-2040 Support Access Documents Log In

What are digital signatures?

Digital signatures are like electronic “fingerprints.” In the form of a coded message, the digital
signature securely associates a signer with a document in a recorded transaction. Digital
signatures use a standard, accepted format, called Public Key Infrastructure (PKI), to provide
the highest levels of security and universal acceptance. They are a specific signature technology
implementation of electronic signature (eSignature).

What’s the difference between a digital signature and an electronic

signature?
The broad category of electronic signatures (eSignatures) encompasses many types of
electronic signatures. The category includes digital signatures, which are a specific technology
implementation of electronic signatures. Both digital signatures and other eSignature solutions
allow you to sign documents and authenticate the signer. However, there are differences in
purpose, technical implementation, geographical use, and legal and cultural acceptance of digital
signatures versus other types of eSignatures.

In particular, the use of digital signature technology for eSignatures varies significantly between
countries that follow open, technology-neutral eSignature laws, including the United States,
United Kingdom, Canada, and Australia, and those that follow tiered eSignature models that
prefer locally defined standards that are based on digital signature technology, including many
countries in the European Union, South America, and Asia. In addition, some industries also
support specific standards that are based on digital signature technology.
https://www.docusign.com/how-it-works/electronic-signature/digital-signature/digital-signature-faq 1/6
13/10/2019 How Digital Signatures Work | DocuSign

Want to sign online but don’t need a digital signature?

› Learn more about electronic signatures
FREE TRIAL CONTACT SALES

Sales: 1-877-720-2040 Support Access Documents Log In

How do digital signatures work?
Digital signatures, like handwritten signatures, are unique to each signer. Digital signature
solution providers, such as DocuSign, follow a specific protocol, called PKI. PKI requires the
provider to use a mathematical algorithm to generate two long numbers, called keys. One key is
public, and one key is private.

When a signer electronically signs a document, the signature is created using the signer’s private
key, which is always securely kept by the signer. The mathematical algorithm acts like a cipher,
creating data matching the signed document, called a hash, and encrypting that data. The
resulting encrypted data is the digital signature. The signature is also marked with the time that
the document was signed. If the document changes after signing, the digital signature is
invalidated.

As an example, Jane signs an agreement to sell a timeshare using her private key. The buyer
receives the document. The buyer who receives the document also receives a copy of Jane’s
public key. If the public key can’t decrypt the signature (via the cipher from which the keys were
created), it means the signature isn’t Jane’s, or has been changed since it was signed. The
signature is then considered invalid.

To protect the integrity of the signature, PKI requires that the keys be created, conducted, and
saved in a secure manner, and often requires the services of a reliable Certificate Authority
(CA). Digital signature providers, like DocuSign, meet PKI requirements for safe digital signing.

https://www.docusign.com/how-it-works/electronic-signature/digital-signature/digital-signature-faq 2/6
13/10/2019 How Digital Signatures Work | DocuSign

Get Started

FREE TRIAL CONTACT SALES

Want to know more
about our
Sales:Standards-
1-877-720-2040 Support Access Documents Log In

Based Signatures?

DIGITAL SIGNATURES

Need to talk to someone

or have more than 10
users?

CONTACT SALES

Want to try DocuSign for

free? Get your free 30-
day trial.

FREE TRIAL

Digital signature FAQs

How do I create a digital signature?

eSignature providers, such as DocuSign, that offer solutions based on digital signature
technology, make it easy to digitally sign documents. They provide an interface for sending and
signing documents online and work with the appropriate Certificate Authorities to provide trusted
digital certificates.

Depending upon the Certificate Authority you are using, you may be required to supply specific
information. There also may be restrictions and limitations on whom you send documents to for
signing and the order in which you send them. DocuSign’s interface walks you through the
process and ensures that you meet all of these requirements. When you receive a document for
signing via email, you must authenticate as per the Certificate Authority’s requirements and then
“sign” the document by filling out a form online.

What is Public Key Infrastructure (PKI)?

https://www.docusign.com/how-it-works/electronic-signature/digital-signature/digital-signature-faq 3/6
13/10/2019 How Digital Signatures Work | DocuSign

Public Key Infrastructure (PKI) is a set of requirements that allow (among other things) the
creation of digital signatures. Through PKI, each digital signature transaction includes a pair of
keys: a private key and a public key. The private key, as the name implies, is not shared and is
used only by the signer to electronically sign documents. The public FREE key isTRIAL
openly CONTACT
availableSALES
and
used by those who need to validate the signer’s electronic signature. PKI enforces additional
Sales:
requirements, such as the Certificate Authority 1-877-720-2040
(CA), Support end-user
a digital certificate, Access Documents
enrollmentLog In
software, and tools for managing, renewing, and revoking keys and certificates.

What is a Certificate Authority (CA)?

Digital signatures rely on public and private keys. Those keys have to be protected in order to
ensure safety and to avoid forgery or malicious use. When you send or sign a document, you
need assurance that the documents and the keys are created securely and that they are using
valid keys. CAs, a type of Trust Service Provider, are third-party organizations that have been
widely accepted as reliable for ensuring key security and that can provide the necessary digital
certificates. Both the entity sending the document and the recipient signing it must agree to use
a given CA.

DocuSign is also a CA when signers sign using the DocuSign Express Digital Signature. That
means you can always send a document with a digital signature by using DocuSign as the
Certificate Authority. Alternatively, you can securely establish your own CA using the DocuSign
Signature Appliance and still access the rich features of DocuSign cloud services for transaction
management. Some organizations or regions rely on other prominent CAs, and the DocuSign
platform supports them, as well. These include OpenTrust, which is widely used in European
Union countries, and SAFE-BioPharma, which is an identity credential that life science
organizations may elect to use.

Why would I use a digital signature?

Many industries and geographical regions have established eSignature standards that are based
on digital signature technology, as well as specific certified CAs, for business documents.
Following these local standards based on PKI technology and working with a trusted certificate
authority can ensure the enforceability and acceptance of an e-signature solution in each local
market. By using the PKI methodology, digital signatures utilize an international, well-understood,
standards-based technology that also helps to prevent forgery or changes to the document after
signing.

What digital signature solutions does DocuSign offer?

DocuSign Standards-Based Signatures enable you to automate and manage entire digital
workflows using DocuSign’s powerful business capabilities while staying compliant with local and
industry eSignature standards, including CFR Part 11 and the EU eIDAS regulation. In the EU,
DocuSign delivers all of the signature types defined under eIDAS, including EU Advanced
Electronic Signatures (AdES) and EU Qualified Electronic Signatures (QES).

Are eSignatures, based on digital signature technology, legally

enforceable?

https://www.docusign.com/how-it-works/electronic-signature/digital-signature/digital-signature-faq 4/6
13/10/2019 How Digital Signatures Work | DocuSign

Yes. The EU passed the EU Directive for Electronic Signatures in 1999, and the United States
passed the Electronic Signatures in Global and National Commerce Act (ESIGN) in 2000. Both
acts made electronically signed contracts and documents legally binding, like paper-based
FREE TRIAL
contracts. Since then, the legality of electronic signatures has been upheld CONTACT SALES
many times.

By now, most countries have adopted legislation

Sales: and regulations Support
1-877-720-2040 modeledAccess
after the United States
Documents Log In
or the European Union, with a preference in many regions for the E.U. model of locally managed,
digital signature technology-based eSignatures. In addition, many companies have improved
compliance with the regulations established by their industries (e.g., FDA 21 CFR Part 11 in the
Life Sciences industry), which has been achieved by using digital signature technology. These
country- and industry-specific regulations are continuously evolving, a key example being the
Electronic identification and trust services (eIDAS) regulation that was recently adopted in the
European Union.

What is a digital certificate?

A digital certificate is an electronic document issued by a Certificate Authority (CA). It contains
the public key for a digital signature and specifies the identity associated with the key, such as
the name of an organization. The certificate is used to confirm that the public key belongs to the
specific organization. The CA acts as the guarantor. Digital certificates must be issued by a
trusted authority and are only valid for a specified time. They are required in order to create a
digital signature.

COMPANY

PRICING

RESOURCES

SUPPORT

TRENDING TOPICS

© DocuSign Inc. 2019

221 Main St., Suite 1550
San Francisco, CA 94105
Sales: 1-877-720-2040

   

https://www.docusign.com/how-it-works/electronic-signature/digital-signature/digital-signature-faq 5/6
13/10/2019 How Digital Signatures Work | DocuSign

 United States 

Terms of Use Privacy Policy Cookie Settings Intellectual Property

FREE TRIAL CONTACT SALES

Sales: 1-877-720-2040 Support Access Documents Log In

https://www.docusign.com/how-it-works/electronic-signature/digital-signature/digital-signature-faq 6/6