Over the centuries, signatures have come in many forms, from a simple mark to a copperplate John Hancock to the imprint of an intricately carved ivory seal. Now the U.S. Congress has added "electronic sound, symbol, or process" to the list.
That's how electronic signature is defined in the Electronic Signatures in Global and National Commerce Act, which went into effect on October 1, 2000. In principle, the term's broad definition means that signing one's name can be as simple as sending an e-mail or pressing 1 on a Touch-Tone phone. But companies doing business online could opt for more sophisticated technologies should they desire a higher level of security and comfort.
Anyone can create digital signatures using common desktop applications, such as Microsoft Outlook, Netscape Communicator, and Adobe Acrobat. While those signatures are images, Montreal-based onSign, a unit of Silanis Technology, offers free software for script aficionados that embeds a digital signature in the image of a user's handwritten name.
A digital signature operates by matching two "keys" -- very large numbers used to encrypt information. You use your private key to generate a signature. You then send (or store online) a digital certificate containing your public key with each signed document. The certificate explains who you are to the document's recipient, and the public key allows him or her to verify your signature. If the keys don't match -- or if the document has been altered since you signed it -- the verification attempt will fail.
In many simple digital signature programs, users issue their own certificates. That method may be adequate among correspondents who know one another, explains Lisa Pretty, executive director of the PKI Forum, a public key technology industry group. If additional security is necessary, companies such as Dallas-based AlphaTrust Corp. can fill the breach by issuing users a digital ID that allows the recipient of their documents to verify their identities and validate their electronic signatures.
In the end, ensuring 100% validity when it comes to digital identities may not be possible. But signature verification in the paper world isn't foolproof either, says Rick Lane, director of e-commerce and Internet technology at the U.S. Chamber of Commerce. "There's no difference," he says. "Those concerns don't change."
Just the Facts
Source: Electronic Signatures in Global and National Commerce Act.
Copyright © 2000 G+J USA Publishing