The analogue of a regular handwritten signature in the computer world is called an electronic signature, and is used in the same way to authenticate a person's identity.
While with a hand writing signature there may be doubts as to who affixed it, when and under what circumstances, with an electronic signature technology is applied to ensure that the electronic document is not "touched" after it has been signed and that the document is signed accurately by the person who writes that they signed it.
What are the different types of electronic signatures?
According to the Law on Electronic Document and Electronic Certification Services there are 3 types of signatures:
- Simple - the most basic form of electronic signing, but does not guarantee the identity of the signer or protect the document from changes after signing.
- Advanced - most often requires the use of a qualified electronic signature certificate and offers a significantly higher level of security and guarantees for the identity of the signer compared to a simple electronic signature.
- Qualified - This type of signature is strictly regulated and recognised in many jurisdictions and is the highest level of electronic signature, offering maximum security and, above all, legal value.
All three types of signatures have legal value, the difference between them being the extent to which it can be verified who has affixed them.
Who can issue a qualified electronic signature?
A Qualified Electronic Signature can only be issued by an accredited Certification Service Provider. These organisations are the guarantor in the processes related to the electronic signature of documents.
How is a qualified electronic signature issued?
In order to create a qualified electronic signature, you need to contact one of the accredited QES issuers (so-called certification-service-providers).
After verifying your identity, the provider issues a digital certificate - a qualified electronic signature certificate.
Does the qualified electronic signature have an expiry date?
Yes. The electronic certificate, on which basis the electronic signature is issued, has a validity period specified in the certificate itself. After the expiry of this term the certificate becomes null and void.
In certain cases, you may request that your certificate be terminated before its expiration date. For example, if you have lost the smart card it is stored on or if your key has been compromised.
Certificate service providers shall publish the validity status of all issued certificates so that third parties can check whether the certificate is valid, expired or revoked.
Digital certificate, electronic signature and qualified electronic signature certificate
Много често, когато се говори за електронни подписи се говори и за цифрови сертификати. А самите цифрови сертификати понякога се наричат удостоверение за квалифициран електронен подпис. Т.е. имаме три термина, но два от тях описват едно и също нещо.
In conclusion
Qualified electronic signatures are governed by local laws and international regulations. They set strict requirements for the processes of issuing qualified digital certificates, key management, signature archiving and other aspects of electronic signatures to ensure the reliability and legal validity of signatures.
The combination of these technologies and regulatory requirements provides an extremely high degree of security and trust in advanced and qualified electronic signatures, making them suitable for a very wide range of applications, including financial transactions, legal documents, contracts, agreements, protocols, certificates and much more.
