They are, essentially, the digital equivalent to adding a notarized signature to your paperwork. In the case of digital signatures, a trusted third party, known as a Certificate Authority (CA) is responsible for verifying your identity.
Certificate Authorities bind your identity to a PKI-based digital certificate which allows you to use your certificate to create digital signatures locally using a token or remote using any of the cloud-based signing platforms.
When you apply a digital signature to a document, cryptography binds your digital certificate (provided after vetting the user’s identity) with the data being signed into one unique “fingerprint.” Just like with a real fingerprint, the cryptographic components that make up your digitally signed document cannot be replicated or altered. This is what makes digital signatures secure and compliant and therefore more powerful in the eyes of the law
In summary, a carefully thought-out and secure cryptographic operation allows digital signatures to assure the following:
According to the US Federal ESIGN Act, electronic signatures are defined as:
“Electronic sound, symbol, or process, attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign the record."
More loosely, e-signatures are used to refer to any signature that is applied electronically as opposed to on a physical piece of paper. Electronic signatures can be used to confirm content within a document, however not all electronic signatures’ assurance levels are the same in the eyes of the law. If you are in an industry that is highly regulated where you are dealing with personal and/or private information and data –finance or accounting, HR, legal, or healthcare, to name a few – then you might need to consider a more secure option.
Note: Unlike Digital signatures, electronic signatures do not require any identity verification by the CA.