Digital signature or digital sign is a mathematical technique used to validate the authenticity and integrity of digital messages, software, or documents. It’s the digital equivalent of a handwritten signature or stamp, but offers much more inherent security. Digital signatures are meant to solve the problem of tampering and impersonation in digital communications.
Digital signatures can provide proof of origin, identity and status of electronic documents, transactions or digital messages. Signatories can also use it to acknowledge informed consent.
The question is how to make a digital sign? The following will discuss how to do it easily.
Table of Contents
What is Digital Signing?
Before discussing further how to make a digital sign, you need to know in advance what is meant by digital sign.
As a start, in many countries, including Indonesia, digital signs are considered legally binding in the same way as traditional handwritten document signatures.
Digital Sign is
What is meant by digital sign is exactly like the modern alternative to signing documents with paper and pen.
It uses advanced mathematical techniques to check the authenticity and integrity of digital messages and documents. This ensures that message content is not altered in transit and helps us to overcome impersonation issues and disruptions in digital communications.
Digital Sign Peruri
Perum Peruri is a State-Owned Enterprise (BUMN) which was established through Government Regulation Number 60 of 1971, the result of a merger between the State Company (PN) Arta Yasa and PN Pertjetakan Kebajoran. With the passage of time, modern machinery has become necessary to be able to compete with money printing companies from other countries.
One of the current innovations is to provide digital sign. Peruri is a trusted partner for authenticating all digital documents, ensuring product authenticity (anti-counterfeiting) and brand protection, through a complete digital solution from Peruri.
Benefits of Digital Sign
Security is the main benefit of digital sign. The security capabilities built into digital sign ensure documents are not altered and signatures are valid. The security features and methods used in digital sign include:
Accurate Time-stamp
By providing digital sign data and times, timestamping is useful when the timing is critical, such as for stock trading, lottery ticket issuance, and legal proceedings.
Globally Accepted And Guaranteed Legality
Public Key Infrastructure (PKI) ensures that vendor generated keys are generated and stored securely. Due to international standards, more and more countries are accepting digital sign as legally binding.
Time efficiency
Digital sign simplifies the time-consuming process of signing, storing, and exchanging physical documents, enabling businesses to quickly access and sign documents.
Reduce Cost
Organizations can go paperless and save money previously spent on physical resources and the time, personnel, and office space used to manage and transport them. Everything digital, of course, is a very interesting thing from the times.
Positive Impact on the Environment
As mentioned above, one of the benefits of digital sign that is positively affected is the environment. Reducing paper use also reduces the physical waste generated by paper and the negative environmental impact of transporting paper documents.
Traceability
Digital signatures create an audit trail that makes internal record keeping easier for businesses. With everything digitally recorded and stored, there are fewer opportunities for manual signers or record holders to make a mistake or misplace something.
How big is the level of security and legality?
Security is one that is offered from digital sign. A digital sign can provide verification of the identity of the signer and approve their signature. Email as well as username is a very common way to be able to access it.
The features of the digital sign used in its security include:
Personal Identification Number (PIN), Password and Code
User PIN is the password that must be used by digital signature customers when performing digital signatures. User PIN must be kept confidential and must not be disclosed to other people, at least you must notify the person who is related to the document.
Checksum
A digital signature is a form of checksum, which provides data integrity, but requires asymmetric encryption to also provide authenticity. No digital sign exists to attach identity to the checksum.
Cyclic Redundancy Check (CRC)
Cyclic Redundancy Check (CRC) is an error detection code commonly used in digital networks and storage devices to detect accidental changes to raw data. On retrieval, calculations are repeated and, if the check values do not match, corrective action can be taken against data corruption.
Validation Certificate authority (CA)
Certificate Authority or known as CA is an organization that is trusted to verify computerized deeds on a web. The purpose of the verification is to decide that the web is safe to use for web users.
Trust Service Provider (TSP) Validation
A Trust Service Provider (TSP) is a person or legal entity that provides and maintains digital certificates to create and validate electronic signatures and to authenticate their signers and websites in general.
How Digital Signs Work
Digital signatures are based on public key cryptography, also known as asymmetric cryptography. Using a public key algorithm, such as RSA (Rivest-Shamir-Adleman), two keys are generated, creating a pair of mathematically linked keys, one private and one public.
Digital sign works through two public key cryptographic keys that authenticate each other. The individual creating the digital signature uses the private key to encrypt the data associated with the signature, whereas the only way to decrypt the data is with the signer’s public key.
Personal identification numbers (PINs), Passwords and Codes
PIN number or PIN code, is a numeric (sometimes alphanumeric) passcode used in the authentication process of users accessing the system. So, before opening the document, you must first enter the PIN as the digital sign. And also you can use passwords and codes that you can use.
Asymmetric Cryptography/Asymmetric Cryptography
Asymmetric cryptography also allows the concept of digital signatures. If, usually instead of using the private key for encryption, that key is used for message authentication, someone can sign the message. To sign a message one hash first (hashes described next) the message and then encrypt the hash. This encrypted hash is transmitted with a message.
Checksum
Digital sign is a form of checksum, which provides data integrity, but requires asymmetric encryption to also provide authenticity. No digital signature exists to attach identity to the checksum. This implies a level of trust between you and the 3rd party.
If you have met with 3rd parties, or dealt with them enough to build some level of trust, then you can install 3rd party public keys into your system. Then, when they provide the data attached with a digital signature, you can verify that the data is indeed from a third party, and not from another source.
Cyclic Redundancy Check (CRC)
The need for electronic files, particularly computer programs or source code, to be traceable is widely recognized. A certain type of checksum, a form of digital signature, provides a practical and efficient method of achieving this. Cyclic Redundancy Check (CRC) and checksums will provide a practical approach to help manage source code.
Certificate Authority (CA) Validation
Whenever you visit a website with HTTPS or see a small padlock in the URL bar, you are using a site that has been verified by a CA. In addition, whenever you visit a site that claims to be “unsafe”, you know that the site has not been validated by a CA or its validation has expired.
CA in the signature sign is also like that. Make sure the document is safe.
Trust Service Orovider (TSP) Validation/Trust Service Provider Validation
The TSP is responsible for ensuring the electronic identification of signers and services by using robust mechanisms for authentication, digital certificates and electronic signatures.
Types of Levels and Levels of Digital Sign
The 3 types and levels of digital sign that you need to know include:
Basic (Ordinary)
The basic type is a type that cannot be used for legal business activities because it is only based on an email ID and username for validation.
This basic signature has a basic level of security and is used in low data compromise environments.
Intermediate (Intermediate)
The intermediate class or middle class that can be used for e-filling tax documents. Includes income tax returns and goods and services tax returns.
This intermediate digital signature is able to authenticate the user’s identity with a verified database.
For mid-level security it is suitable for environments where risks and consequences and data compromises are moderate.
Advanced (High)
For the advanced level this is the highest level digital signature. This class signature requires a person or organization to be present in front of a certification authority to prove identity before signing.
Usually the use of advanced digital signatures is used for electronic auctions, electronic tickets, court filings and environments where the threat to data or the consequences of security failures are very high.
Difference between Digital Signature and Electronic Signature (E-Signature)?
There are many people who may still be confused about the difference between a digital signature and an electronic signature even though they are completely different. The following is the difference between a digital signature and an electronic signature:
Form and function
Electronic signatures when viewed from the form and function that are attached to digital documents.
This data is electronic information from a person whose signature and unlimited form of wet hand signal (handwriting) made into electronic form.
The main function of an electronic signature is only to show the signer’s intention to agree to what is conveyed in the signed document.
Digital signature is a cryptographic mechanism that is often implemented into electronic signatures.
Information that is attached together using a digital signature is not only data/signature in electronic form, but an encrypted data and digital certificate from the owner of the digital signature.
Its main function is not only to show the intention of the signer, but also to show that the following documents are valid and come from entities whose existence is proven because they already have a certified digital identity.
Due to the mathematical mechanism in its creation, the form of a digital signature cannot be equated with a traditional signature form because basically a digital signature attached to a document does not have a physical form as simple as a wet signature.
A document that does not appear to have a signature can also have contractual and legal force unless it is signed with a digital signature.
To find out more about this, let’s take a look into the signature creation process in the next point.
Making process
Creating an electronic signature is very easy, it is made by a simple way the signer scans his signature on paper and saves it in the form of an image, and also signing is also made directly in electronic form with support which has a simple image like paint or notes on a cellphone in a picture. .
Digital signatures are used using more complex steps as well as asymmetric cryptographic mechanisms.
Asymmetric cryptography in short is an information locking system in which a key, we call the private key, which can only be accessed with its paired key, we which you can call the public key.
The process of data locking is that the document that you want to sign will be encrypted first with a special key into another form that we call cipher text.
The content of the cipher text is similar to the original document, in that the form is unreadable and interpreted literally like a random code.
Then the signing digital certificate, public key, and cipher text will be attached to the document.
So that in the information attached to the digitally signed document there are 3 electronic data.
The process of document encryption and embedding digital certificates on digital signatures is usually carried out by institutions or parties that are Electronic Certification Providers (PSrE) like PrivyID.
In the decryption system, the document sent is converted into cipher text by the public key. Where this cipher text is compared with the cipher text that was originally attached to the sent document.
If the two cipher texts are the same, the document sent and received is the same document, there is no change in its contents. This process adds a digital signature to the ability to show the validity of a document to avoid compromising on the information in it.
Identity Validity
Electronically signed documents cannot be accurately validated as to who owns it.
Electronic signatures are basically only data in electronic form which can be in the form of images, writing, or sound.
If this data is owned by many people, then many people can use it on behalf of a document.
It cannot be proven concretely who used the electronic data, when it was attached, and in which documents.
The validity of the identity of a digital signature can be easily proven by the presence of a digital certificate.
A digital certificate attached to a digital signature is one of the main requirements for creating a digital signature.
Making this Digital Certificate is not arbitrary, an individual must first register his or her personal data such as an ID card, name, email address, and telephone number to an Electronic Certification Operator (PSRE) such as PrivyID.
Then PrivyID must match the registered data with the data registered at the population and civil registration office (Dukcapil) first. This process is carried out to validate the existence of the individual as recorded in the country data.
In addition, validation is also carried out with liveness detection tests to prove whether the individual is genuine or not. If it passes the validation process, PrivyID will issue a digital certificate for the individual.
Meanwhile, to ensure the validity of digital certificates, they have an expiration time. A person whose digital certificate has expired must renew it again at PrivyID.
Legal force
Electronic signatures according to Law no. 11 of 2008 article 12 on electronic information that is attached to, or related to other electronic information used as a means of verification or authentication.
The legal force of an uncertified electronic signature is the same as a wet signature as long as the electronic signature has met the requirements and is in accordance with regulations.
Use
Electronic signatures can be used to identify documents or data on your behalf that do not necessarily require legal force, for example verification of receipt of goods delivered by logistics services.
As for documents, activities, or agreements that require the validity of personal data such as opening credit cards, signing contracts, etc., digital signatures are used to make it safer and minimize losses because it has legal force.
Advantages of Digital Sign
Some of the advantages of using digital sign include:
Timestamping
Information on when the digital signature was created which is used for time-sensitive documents such as stock trading and legal proceedings.
Globally Accepted and Legally
The legal validity of digital signatures is that the standards owned by the public key infrastructure (PKI) will always ensure that each key made by a digital signature service provider is made with safe deposits.
So that the use of digital signatures can be accepted globally where many countries accept digital signatures because they are legally binding.
More efficient
Digital signature which makes all the processes of signing, storing, and exchanging physical documents simplified is often time consuming.
So that it can allow users to be able to access and sign documents quickly.
More Environmentally Friendly
Using a digital signature can reduce the use of paper and physical waste which can have a negative impact on the environment.
Easy to Search
Digital signature audit trails and makes internal record keeping that much easier. By recording data that is stored digitally, there is less chance of the signature making a mistake or misplacing something.
How to Get a Digital Sign
For those of you who are confused about finding out how to get a digital signature that is used to sign digital documents for both individuals and organizations, then you can look at the following ways:
Using Microsoft Word
The first way to get a digital signature is to use a word document, here’s how:
- Open the Word document and hover over the area you want to sign.
- Select the insert tab.
- Select Text and select Signature Line.
- Click Microsoft Office Signature Line so that the Signature dialog box appears.
- Enter the data, with the signer’s name, email address, job title, and further instructions, then check the required boxes > OK.
- Right-click on the signature section then type a name or upload a signature image.
The following are steps on how to create an electronic signature using Microsoft Word:
- You can make a signature on a white paper.
- Then scan and save in .bmp, .gif, .png, or .jpg format.
- Open the image file in MS Word by clicking the insert tab and selecting Picture.
- Select the image and edit it using the Picture Tools Format tab.
- Right-click the image then Save As Picture.
- If you want to include an electronic signature you can easily add it by clicking Insert and Picture and then dragging the image into the Word document.
How to Make a Digital Sign Online
In addition to using MS Word, you can use how to create a digital signature online on several websites as below:
How to Get a Digital Sign
CreateMySignature
The first way to get a digital sign is to use the website, namely CreateMySignature, here’s how:
- Open createmysignature.com in a browser.
- Click Draw Signature.
- Create the signature you want to create.
- When finished, click Save and select Download.
- Then the results of the signature will be saved automatically in the PNG file format.
You can also add a digital signature to a PDF file directly as follows:
- Go to createmysignature.com.
- Select Sign PDF Document.
- Select the PDF document you want to sign with a maximum file size of 10 MB.
- PDF will appear on the screen then select the Sign menu.
- Create the desired signature, then press Save.
- Drag the signature to the part of the PDF you want.
- If so then click Save and Download
Signaturely
Then there are other digital signature websites like Signaturely. Here’s how to get a digital sign through Signaturely:
- Go to signaturely.com.
- Then select Draw Your Signature.
- Enter the signature in the column provided.
- You can set the color, thickness, and slope of the signature.
- Press Download eSignature to save your digital signature.
Docsketch
Docsketch is a digital sign website that you can access for free. Here’s how to get a digital sign with Docsketch:
- Go to docsketch.com.
- Select the Draw Signature menu.
- Create a signature as desired.
- If so then click the Save button.
- If you want to make the background transparent then you can choose transparent background.
- When finished press Download to download the PNG file.
Conclusion
That’s our discussion about digital sign which is very important in its use in today’s digital world from NetData. Moreover, during a pandemic like this, it requires us to always work remotely which can be supported by this digital sign to keep doing business operations with ease.
If you are looking for an easy digital sign for the progress of your company, then you can ask for help with digital sign creation services at NetData. Click here!
