Legality of electronic signatures
Factorial offers the electronic signature solution through Signaturit, a legaltech company accredited as a Qualified Trust Service Provider (QTSP) that offers innovative solutions for electronic signatures, certified electronic delivery and electronic identification.
In the European Union, the eIDAS Regulation establishes the minimum requirements to consider an electronic signature valid and its legal effects.
By this Regulation, there are three types of electronic signatures, each of them has a different level of protection:
- Simple electronic signature: this is the simplest form of electronic signature. For example, a simple electronic signature can be a simple pin code (OTP) or a "checkbox".
Advanced electronic signature: this is an electronic signature that requires higher requirements than the simple electronic signature and therefore enjoys a higher degree of protection. These requirements are outlined in Article 26 and are as follows:
- it is uniquely linked to the signatory;
- it is capable of identifying the signatory;
- it is created using electronic signature creation data that the signatory can, with a high level of confidence, use under his sole control; and
- it is linked to the data signed therewith in such a way that any subsequent change in the data is detectable.
- Qualified electronic signature: it is the one with the highest security requirements; it is created by employing a qualified electronic signature creation device and a qualified electronic signature certificate.
The e-signature available in Factorial is the Advanced electronic signature.
⚠️ It is important to remember that the legal validity of electronic signatures varies depending on the document and is subject to the legislation of each country. It is recommended that you consult your specific use cases with your legal advisor. We remind you that Factorial does not provide labor advisory services and that it is the client’s sole responsibility to ensure the suitability of the use of the products to the applicable regulations.
What is an audit trail?
To ensure the integrity of the process, Signaturit generates an evidence document, once all the requested signatures have been collected, that an Administrator can download from the document viewer.
An audit trail is a document in which all electronic evidence (data) generated during the signing process are stored. This serves as evidence to ensure information integrity at all times, avoiding any kind of manipulation.
Through an encryption algorithm and Official Time Stamping, Signaturit ensures the integrity of the data and, therefore, its legal validity as proof of who signed the document, when and where.
Each electronic signature is "embedded" in the document, including the biometric data captured during the signing process.
The Signaturit’s audit trail contains the following information:
- Unique identifier of the transaction.
- The signer's name.
- The signer's email address.
- IP address.
- Authentication history.
- Chain of custody (ex: sent, seen, signed, etc.).
- Official time stamp.
- Complete status.