In this day and age where it is easier and more convenient to transfer documents online, a digital signature is necessary to prove authenticity. GrabSign is a licensed certificate authority that provides digital signature services to clients in Australia and beyond. Here is everything you need to know about digital signatures and how they work.
What is a Digital Signature?
In layman’s terms, a digital signature is a digital code that is attached to a digitally transmitted document for authentication purposes. The signature is used to verify the document’s contents and the sender’s identity. Digital signatures are used in virtually all industries where important documents are exchanged electronically.
There are three classes of digital signatures:
Class 1 digital signatures provide a basic level of authentication and are mostly applicable in industries where the risk of compromise to data is low. Validation and authentication are solely based on an email ID and username. Hence, Class 1 digital signatures should not be used for legal and business documents.
Class 2 digital signatures are recommended for use where the risk of compromise to data is moderate. They are commonly used in government agencies for e-filing of tax documents and other documents. Validation and authentication are based on verifying the signee’s identity against a pre-verified database.
Class 3 digital signatures are recommended for use in environments where the risk of compromise to data is justifiably high. They are mostly used in business and government settings. They require a certifying authority to verify the user’s identity before the document is signed.
How Does it Work?
Digital signatures are based on public key cryptography technology, which uses two mutually authenticating cryptographic keys. The encryption and decryption are complex tasks that can only be computed by a computer, so there is zero chance of human interference or doctoring.
When you sign an electronic document, the server hosting you creates a one-way hash (a fancy term for encryption) using the public and private keys assigned to you. This creates a signature that only a server’s public key can decrypt. As such, the recipient will rely on the decrypted signature to validate your identity and the document’s authenticity. If the document was tampered with during transmission, the decrypted signature will differ from the original, hence invalidating it.
Case scenario: suppose Joe wants to send a sensitive document to Jane while preserving its authenticity. Here is how the process will play out:
- Joe will select the document to be sent to Jane and click on the ‘sign’ tab on the application.
- The server will compute a unique hash value that it will assign to the signed document.
- The hash value will be encrypted using Joe’s private key that only he has access to, after which the document will be ready for transmission.
- Once Jane receives the document, the application she is using will notice that the document is signed. It will then proceed to decrypt the digital signature using Joe’s public key. If the decrypted signature does not match the hash value, the document will be declared invalid.
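
The Joe-to-Jane steps above, as an added Python sketch that is not GrabSign's code. It assumes SHA-256 as the hash and textbook RSA (no padding) with constructed toy keys, so it shows the mechanics only, and it checks what Jane's application would report for a genuine, an altered and a wrongly signed document.

```python
import hashlib

# Constructed toy key pairs built from publicly known Mersenne primes.
# Real keys come from a vetted library and use a padded scheme (e.g. RSA-PSS).
E = 65537                                    # public exponent

def make_keypair(p: int, q: int):
    """Return (n, d): public modulus and private exponent for primes p, q."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

JOE_N, JOE_D = make_keypair(2**521 - 1, 2**607 - 1)
OTHER_N, OTHER_D = make_keypair(2**521 - 1, 2**1279 - 1)   # not Joe's key

def digest(document: bytes) -> int:
    """Step 2: hash value of the document, as an integer."""
    return int.from_bytes(hashlib.sha256(document).digest(), "big")

def sign(document: bytes, d: int, n: int) -> int:
    """Step 3: transform the hash with the signer's private key."""
    return pow(digest(document), d, n)

def verify(document: bytes, signature: int, n: int) -> bool:
    """Step 4: recover the hash with the public key and compare it with
    a hash recomputed from the document that actually arrived."""
    return pow(signature, E, n) == digest(document)

def demo() -> dict:
    doc = b"Transfer AUD 1,000 to Jane"          # constructed sample document
    sig = sign(doc, JOE_D, JOE_N)
    forged = sign(doc, OTHER_D, OTHER_N)         # signed with a different key
    return {
        "genuine": verify(doc, sig, JOE_N),
        "document_altered": verify(b"Transfer AUD 9,000 to Jane", sig, JOE_N),
        "signature_altered": verify(doc, sig ^ 1, JOE_N),
        "wrong_signer": verify(doc, forged, JOE_N),
    }

if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case:18} -> {'valid' if ok else 'INVALID'}")
```

Only the private exponent has to stay secret: Jane's check uses the public modulus and exponent alone, which is why anyone can verify but only Joe can sign.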