Today, daily life occurs more than ever in the digital space - we buy clothes online and groceries, do banking transactions via smartphone, and increasingly conclude contracts on the internet. However, the decisive step here, the signature, often must be done on paper. The implementation of e-signatures in the process can prevent this media break. This guide explains which electronic signatures exist and how to sign a PDF digitally.
Documents can be signed and exchanged much faster.
The electronic signature can ensure who is signing and that everything has stayed the same in the document since then.
Today, the customer expects an entirely digital process, and with the electronic signature, this can be ensured right up to the conclusion of the contract.
The PDF document format already offers the option of electronic signatures. Therefore, due to the high design acceptance, it is suitable for digitally signing documents and contracts.
To sign PDFs electronically, it is possible to integrate the signature as part of a process in which a PDF is created and signed or to use signature platforms that allow any PDF to be uploaded and signed electronically after identification of the signatory.
This guide focuses on signature portals to provide an accessible introduction to the topic. A selection of our partners who offer portals can be found here: Partner overview.
A hash value (compressed value) is made from the document to be signed using a specific algorithm to create an electronic signature. In the next step, a key pair with two keys (one public, the other private) is generated by another algorithm, and the signature is then created. Both the hash signed with the private and public keys are "stapled" to the document, and both can be sent with it. The trust service provider ensures that a particular public key belongs to a person (so-called "certificate," located in the document). The recipient can check the signature's authenticity using the public key in the attached certificate. If, for example, the source document is changed, the hash value would also change - the public key can no longer decrypt the document.
Swisscom Trust Services offers a triangle of electronic signature, ID, and key. The ID is the digital identity that is to be uniquely identified. The key is the security tool with which the expression of will (such as the smartphone) and the signature finally trigger this expression of will.
Digital signing works on the desktop as well as on mobile devices. Since web services are used in the background, the signature can be used on all web-enabled end devices, from PCs to smartphones. A mobile phone is usually used as a second factor (2FA) to ensure that the signer is the person they claim to be. For example, the signature application runs on the desktop or in the browser and must be confirmed via mobile or app.
The electronic signature on the Qualified level is mainly equivalent to the handwritten signature. Therefore, almost anything you sign with a pen can be transferred to the digital world and signed electronically. Here is a selection of documents that are signed today:
If the user is in an electronic contract conclusion process, his identity must first be established. To do this, the participant application first checks whether he has already been identified for the required signature level. This is done via an interface to the trust service provider. If this is the case, the creation of the signature is triggered. Otherwise, the application can start various identification procedures that have been integrated by the company, for example, a video identification procedure in which one identifies oneself in front of the computer's camera.
Once the user's identity has been confirmed or recorded, they can sign documents electronically. In the case of Swisscom Trust Services, only a hash is transmitted, but not the document itself. This hash is signed electronically and ensures the signature is valid for this document, not any subsequent changes. The signature is then attached to the document. The signatory can then recheck it for correctness and finally confirm it. This can be done via an SMS code, a smartphone app, or other methods of expressing the will.