In the context of document signing, digital signatures are often described as the electronic equivalent of a wet ink signature, but I'm beginning to think that description doesn't do them justice. Digitally signing a document provides a few additional security benefits that I'd like to highlight here.
Note: I want to point out that this post is about digital signatures in particular, as opposed to generic electronic signatures. A digital signature is a specific type of electronic signature that is based on public key cryptography.
Third party identity validation
In order to digitally sign a document, you need a digital certificate. You can think of a digital certificate as kind of a virtual passport - a way of proving your identity in online transactions. Just as your local government office needs to verify your identity before issuing you a passport, a third party verification entity known as a Certificate Authority (CA) needs to vet you before issuing a digital certificate.
Because your identity was verified by a trusted third party before your certificate was issued, and assuming you are the only one that can use your certificate (or more technically, the private key in your certificate), someone who received a document signed by you can be sure that it was actually you who signed it. This helps mitigate the risk of forgery or imposters.
Example certification signature in Adobe Acrobat showing the CA that issued the certificate
One of the things that goes on behind the scenes when you open a digitally signed document is a process called a hash check, which basically compares the contents of the document when the signature was applied to the contents of the document at that moment (check out this post for details of this process).
Example messaging for unmodified digitally signed document in Adobe Acrobat
Even the slightest change to the document would cause this check to fail and a warning message to appear to the reader.
Example messaging for a modified digitally signed document in Adobe Acrobat
Thanks to the hash check step, digitally signing a document is a way for document creators to add a tamper-evident seal to their content. While it doesn't strictly prohibit changes, it does make it very obvious to a future recipient if any unauthorized changes were made.
Third party timestamp
Another benefit to using a digital signature is the ability to include a third party timestamp. This means rather than relying on the local system clock (which can be manipulated) or the signer manually entering the date and time (which could be falsified), the date and time that the signature is applied is pulled in from a standardized service from a trusted third party (e.g., some CAs, like GlobalSign, offer this service).
Adding a timestamp supports audits and time-sensitive transactions by ensuring non-repudiation of the time and date the signature took place. Recipients of digitally signed documents that include a third party timestamp can easily verify when the document was signed.
Example timestamped digital signature in Adobe Acrobat
In the past I've talked about some of the operational benefits to adopting digital signatures in place of wet ink, but I encourage you to also consider some of these added security benefits as well.
Your turn. Have you adopted digital signatures? What was your reason? Let me know in the comments!