With the wake of the communications revolution of our age, eTransactions have developed, particularly in forms of electronic exchange of records between individuals and government entities and other forms of sales and purchases via the internet –which is termed as eCommerce. As the number of electronic transactions has dramatically increased worldwide all through the previous years, the need to verify the identity of transacted parties has become an essential element because modification of emails’ details is easy and denial by some parties involved in such transactions is probable too.
Gone are the days of paper transactions, routines or waiting in queues. This is the result of the development and growth of new communities within the swelling trend of globalization and orientation towards the “Information Society” that is characterized by swift flow of information amongst individuals while trespassing all territories across regions in a matter of seconds. Additionally, this is attributed to advances in technology both regionally and globally, as reflected in our daily life, international transactions, correspondences, trade exchange, and emerging eCommerce.
Time has developed and changed; new technologies, new social concepts, and new advanced tools have emerged to be part of our life. This requires the creation of new ways for authentication that are flexible, accessible and concrete enough to verify the identities of signatories and to prevent denial. Many encryption algorithms are available to assist in such authentication process and provide sound means to verify eSignatures and preventdenial.
These new algorithms have helped in accelerating and attesting transactions in an accurate manner; nevertheless, they still lack supporting legal framework. Thus, most countries have issued their own eSignature legislations and promulgated laws to legalize eSignatures and use computerized evidence to prove the validity of electronic signatures and then use a number of tools to verify signers’ IDs. For example, biometrics methods are used including fingerprint thumb stamp, IRIS Systems, hand geometry, face and odor / scent recognition and other properties of human characteristics. Now DNA testing is successfully used as a means to identify people. Character identification through biometrics measures is formulated within a probabilistic framework where there is a rate of “false acceptance” and “true refusal”; whereas digital signatures or passwords are deterministic. In other words, there is no room for false acceptance or true refusal but to the contrary authentication is either accepted or rejected.
This article is intended to provide a brief summary on electronic signatures and discuss their applications in eGovernment setting.
The advancement in communications and computers has revolutionized the way of doing business and opened unprecedented horizons such as eCommerce, ePayment and eGovernment. Moreover, other novel concepts related to this advancement have emerged such cryptography algorithms, which facilitate the exchange of security keys or writing electronic digital signatures. These algorithms have developed to secure the reliability and accuracy of documents and protect the message during transmission through the web. The digital signature, which is the result of using the public-key encryption, is easy to generate and difficult to forge because it is concealed from intruders. The latest development occurs in users’ identity verification through using biometrics properties such as fingerprint thumb stamp, palm geometry, IRIS Systems, face recognition, face geometry, IRIS Systems, face recognition, face geometry, voice and skin recognition and many other human physical characteristics that can be linked to digital signatures that play a major role in the authenticity of users’ IDs.
2. Electronic Signature
Signing is a mandatory measure for executing local and international transactions on the internet. This entails swift performance to finalize transactions in a short time between the involved parties. Attempts to ensure the credibility and high security of information being transmitted through the internet have led to many endeavors to use handwritten signature within computer applications and later on to overcome the shortcomings of handwritten signature and replace it by e-signature.
There is a lot of confusion and clash of terminology surrounding the concept of electronic and digital signatures. However, we should bear in mind that the use of e-signature may primarily be seen as a technical issue although it is a legal issue, too. In this regard there are some concerns such as: what is the purpose of using it? Is there an agreement between the parties on how to formulate and use such e-signatures? Is there any guidance or approval from the concerned authority such donors for federal funds? Consequently, what is considered acceptable in courts as evidence to prove the desire of both parties to sign the document?
3. Digitized Signature
A digitized signature is a handwritten signature reproduced in computer software in the form of digital data as follows:
• A scanner is needed to scan the signature from a paper, save it in a digital image format, and then the picture can be acquired and inserted on the document to replace the rubber-stamp signature.
• Use encoding device when signing on UPS set or any normal carrier.
• Encoding device to be used when using credit card for shopping from department stores. These devices can be as simple as scanners or sophisticated such as devices for measuring the pressure and counting the number of pulses during signing.
E-signature is a new concept for our region, so we need to define it. E-signature is a procedure taken by any party who wants to sign electronically generated documents such as contracts, agreements, sales/purchase orders or private correspondences. The process of e-signing incorporates linking the signer’s identity with the signed document and essential part of the process is that the receiver can, absolutely and in real time, verify the authenticity of the e-signature. The e-signing process does not require handwritten signature exactly as we do on papers, but the user needs only to press a button on the keyboard or just a mouse-click on the screen and then insert secret code to sign on a document or a message. There are many types of e-signatures; some are simple and do not provide any guarantees but they are still seemingly within the context of e-signatures and others are sophisticated and have guarantees as legally binding and valid to authenticate the content of the message and has all legal privileges.
Replacing handwritten signature with electronic signature takes many forms:
a. Image of a handwritten-signature: it a very simple type and is done through scanning normal handwritten-signature from a paper and save it as an image and added to the relevant file or document intended to be signed.
b. PenOP digitized Signature: The sender writes its signature on a screen using a special electronic pen or software. The software program picks and verifies the signature.
4. Handwritten Digital Signature
This is one of the biometric applications in information security which include, among others, voice fingerprint, fingerprint thumb stamp, IRIS Systems and Handwritten Recognition.
5. Digital Signature
This type is purely a mathematical process and not a digitized handwritten signature or fingerprint, but it is an easy to use digital code - though geometrically complicated - and fully secured to guarantee high level of document authentication, and that the sender of the message is really the one who he or she claims to be.
e-Signatures have a major role in the eGovernment applications where it is so crucial to identify users’ IDs and authenticate the soundness of the transaction text and the claimed sender. Biometrics stamps can be used for authenticity reasons and can be incorporated with passwords in some critical applications. The e-signature remains the most preferable tool to identify identities as it is easy to generate and accurately reliable.
* Say yes to e-Government e-Magazine, No.19, 10/12/2010.