Signing from a cell phone is a reality that has been around for several years, but not all of them are the same. Therefore, today we are going to explain what are the most common types of mobile electronic signature and the main differences between them.
One of the main advantages offered by mobile electronic signatures is their contribution to mobility. Thanks to this technological advance, it is no longer necessary to be present to finalize an agreement. This results in significant savings, both financially and in terms of time.
As a result, the way of doing business has changed and the efficiency of those companies that have embraced this digital transformation has improved considerably. Therefore, it is no longer a question of whether it is convenient to carry out this change, but when to do it so that it is implemented as soon as possible.
On the other hand, there are several types of mobile electronic signature with different characteristics and considerations to take into account in order to be able to use them correctly from these devices.
Electronic signature types
Within the territory of the European Union, Regulation (EU) No. 910/2014 of the European Parliament and of the Council (eIDAS) is the legislation that is responsible for regulating electronic signatures within its member countries and establishes the following classification:
- Simple: This refers only to the electronic data used by the signatory to carry out the signature. Although it is perfectly legal and can be presented in court, it may require additional evidence because it is the least secure option possible.
- Advanced: This refers to a rubric that meets the conditions set forth in Article 26 of eIDAS, which are as follows: the rubric must be uniquely linked to the signatory, it must allow the signatory to be identified, the data used for its creation must be under the signatory’s control and it must be possible to detect whether there has been any subsequent modification.
- Qualified: This is an advanced electronic signature that has been created by means of a qualified device and with a qualified certificate. Its legal value is exactly identical to that of the traditional handwritten signature.
It should be noted that all of them are perfectly legal. The requirements of the process or document in question will determine the one to be used in each case.
Types of mobile electronic signature
Next, we will describe the different types of mobile electronic signature and their peculiarities:
-
Electronic signature without certificate
One type of mobile electronic signature is the electronic signature without a certificate. To make a signature, in principle, you must have a digital certificate.
However, in case we do not have a digital certificate, we need additional evidence to get the signer’s identification and thus achieve all the necessary requirements to have an advanced digital signature.
There are many types of evidence. One of the most common is the SMS OTP, i.e. a temporary password sent to the signatory’s phone. In this way, we can authenticate him/her as the cell phone is personal and belongs exclusively to that person. In addition, both the access to the signature request (sent to your email) and the SMS code (sent to your phone) are under your full control.
Therefore, all the conditions are fulfilled to have an advanced mobile signature without the need to use a certificate. In any case, there are secure solutions that do not require the certificate to be carried at all times, such as cloud-based or centralized signatures.
-
Electronic signature with non-qualified certificate
When we talk about mobile electronic signature, we also talk about electronic signature with an unqualified certificate. Signing digitally with a certificate makes the process easier, since the certificate itself includes all the data necessary for the identification of the person and is exclusively linked to that person.
Once again, the condition that access to the request and the certificate are under your control is fulfilled, and the document allows, together with other evidence, to know if any modification has been made a posteriori. Following this method, we again have an advanced electronic signature.
The difference with a qualified certificate (in the European Union) is that it has not followed the certification process required by the state regulatory body to be considered as such, although technically it does not have to differ in any way in terms of safety.
-
Electronic signature with qualified certificate
The last type of mobile electronic signature is the electronic signature with a qualified certificate. In this type of signature, the same context is repeated as in the previous case, with the only difference that it is inside a cryptographic card without the possibility of downloading (for example, the electronic ID) or generated on a secure server (HSM).
Following this last method, we get the qualified electronic signature, with the highest possible trust rank nowadays according to the European Union regulation. In addition, since the entry into force of the eIDAS Regulation, cloud systems or systems of centralization of digital certificates in external servers that can be connected to the HSM directly to avoid exporting the certificate are supported.
IMPORTANT:Our centralized signature solution Viafirma Fortress allows users to use their certificate on any device when required, as it is stored in an ultra-secure cloud that can be accessed from anywhere.
In short, any type of electronic signature included in the European regulation can be made from a mobile device. Each of them is adapted to a different situation, in which greater or lesser security is required for the agreement in question.
The mobility and versatility of this tool are two of the many benefits it offers.