Digital identification - understanding the need for secure and simple identification

Contracts and documents can now be signed digitally using services like Addo Sign, but how convenient is it? And how do you know that the right person is signing the document? We know with far greater certainty than we did in the paper-based world.

The solution is electronic identification.

 Nikoline Astrid Lundberg 
Process Improvement Manager

To implement electronic identification, secure authentication is also required: 

Electronic identification is a prerequisite for all electronic transactions in Addo Sign, as it plays a central role in every digital service and process. The identification process, which is part of electronic identification, allows the recipient of a document to verify their identity securely and effectively before they are given access to view submitted documents and agreements.

Authentication is the critical mechanism that confirms and verifies that the recipient's claimed identity is genuine and legitimate, which is essential to maintaining the security and integrity of electronic transactions. Electronic identification and authentication enable trusted electronic communication and allow users to engage in electronic actions and document exchanges with peace of mind. 

We live in an age where complicated processes are a crucial factor in any customer relationship. A study by PWC shows that a good customer experience is partly determined by how smooth and efficient the processes and services customers use in a business relationship.

So why maintain outdated processes and jeopardize customer relationships when there are agile and secure identification options with simple and strong identification processes?

Security with strong identification

Many important business contracts require an identity check of the counterparty. This is often unnecessarily time-consuming because both parties need to meet in person or witness statements may be required. In addition, there are general risks if documents are sent by post, even traditional email can be compromised and is not GDPR compliant.  
A strong two-step identification is a legally binding way to sign all types of documents. Strong identification is linked to a person's official identity, which is always confirmed by digital identification. In practice, this means using advanced and recognized identification solutions throughout the identification process.  
MitID and BankID are both examples of identification systems used for strong identification.  

When is it appropriate to use strong identification?  

Strong identification is recommended for signing processes where the parties do not know each other in advance. Strong identification can also be equated with e.g., presenting an identity document (passport/driver's license).

Strong authentication is supported by the banking systems in Finland, Sweden, Norway, and Denmark and can be used in Addo Sign. If the signer is in another European country, eIDAS can be used. eIDAS is a pan-European digital identification solution that uses the official digital identification systems of each country, enabling you to send a document for signature in Italy, for example, and be sure that the right person has signed the document.

Signing globally with simple identification

A lack of an identification solution is not a barrier to digital signing and may not always be necessary. Simple identification is a convenient way to collect electronic signatures from around the world. Sometimes the risk associated with the signing process or documents is so low that a simple identification and subsequent on-screen touch signature is quick and easy. This method is easy when the signing parties already know each other or when signatures are collected internally within a company.

The differences between simple and strong authentication

 Simple and strong authentication differ only at the time of signing. While strong authentication requires the recipient to log in with e.g., MitID or BankID, simple identification only requires the signer to sign their signature on the document.

In practice, this means that the signer opens the invitation link sent via email/SMS, enters a password if the sender has password-protected the transaction, and signs on the phone.

Note that both simple and strong identification are, from a legal point of view, binding signing methods on par with the physical signature in a document.

Addo Sign offers both identification methods

The Addo Sign digital signing service offers both strong and simple identification. You can use both identification methods in parallel and choose the identification method separately for each signature before the document is sent.  

Strong and simple identification for digital signatures is based on an EU regulation that defines the three elements of a digital signature. The three elements are the authenticity of the signing method, the integrity of the document, and a third-party assessment afterward.  

In other words, the integrity and origin of the digitally signed document must be proven afterward, making the document more trustworthy than a paper version.