At the core of The Layer’s electronic signature process is its ability to identify the signer through multiple levels of authentication.

This includes email address, IP address and a unique access code - a pair of keys which is provided with the quotation document which is required to access the document. These keys are also stored alongside the audit trail for the quotation upon successful request.

The adoption of the Regulation (EU) No 910/2014 establishes a community framework for the use of electronic signatures on electronic contracts in the EU. Thirty European countries (EU-27, Croatia, Turkey and Liechtenstein) have already implemented the Directive. Electronic signatures are actively in use in Europe, and worldwide, and The Layer’s signature capture process helps you receive signatures for your quotations directly via The Layer.

Laying the groundwork for the legality of electronic signatures, the Directive provides three important definitions:

The “electronic signature” is simply data in electronic form which are attached to or logically associated with other electronic data and which serve as a method of authentication.

The “advanced electronic signature” defines a process that does not describe a particular technology, but rather a process that creates an enforceable electronic signature if the signature:

The “qualified certificate” defines a process which must in particular include specific technology:

Using these definitions, the Directive goes on to establish the criteria that form the basis for legal recognition of electronic signatures to carry the same weight and legal effect as a traditional paper document with a pen and ink signature. It ensures that no matter what form of electronic signature is used, the electronic signature will be valid—as long as a recognised process is followed.

An electronic signature may not legally be refused simply because:

An advanced signature is generally taken to be a specific type of electronic signature that meets an additional set of criteria for signer identification. The main purpose of an advanced electronic signature is authentication, i.e. to give added assurance that the individual signing the message really is the person that he or she claims to be. Ostensibly, any electronic signature mechanism that captures the signer’s intent to adopt the signature and his affixing that signature to a record would meet this requirement if the record is at some point provisioned with a tamper-evident seal.

A qualified certificate is not an electronic signature per se; it is a technical mechanism for establishing the source of an electronic message. When affixed or associated with an advanced electronic signature, the combination of the two is given an elevated status and becomes the “functional equivalent” of a handwritten signature. This has caused much confusion, because in many jurisdictions (common law countries in particular), there is no legal distinction between different “tiers” of signatures.

Court cases illustrate that courts will accept the use of electronic communication, including electronic signatures, as evidence, so they can constitute the basis of binding contracts.

Please note that even a simple electronic signature is recognized under the Directive as valid and enforceable. This aspect of the law, which closely resembles the United States federal E-SIGN law, is the governing principle behind the vast majority of electronic contracts currently executed in Europe. The Directive simply enables parties to an agreement to enhance the transaction with additional measures of security if desired.

The Layer has elected to support the Advanced Signature model, primarily because it affords a reasonable range of identification and authentication of the parties without requiring the added expense and inconvenience of obtaining a qualified certificate. The Layer Supports Advanced Electronic Signatures by:

The Layer provides the secure and auditable process for the signer to adopt their own electronic signature. Through email authentication, IP address and additional authentication methods the The Layer can uniquely link the signer to the electronic signature.

The Layer provides multiple levels of authentication that can identify the signer. This includes email address, IP address and an access code - a pair of keys which is provided with the quotation document which is required to access the document, required to access the document prior to signature. The Layer stores this in the audit trail of the transaction. This is also known as “out of band” authentication.

The Layer Service allows the signer to create their electronic signature in a secure and auditable manner. After the signing process is completed, the signer can observe their signature when the signed document is e-mailed to them directly after the transaction completes.

After the documents have been electronically signed, the The Layer Service holds the documents in a tamper-proof state (using hashing and encryption) for the parties to retrieve at a later time. Each access to the documents is written to the audit trail. When any party to the transaction downloads the documents, the The Layer Service will apply a Global Digital Certificate, which creates a tamper-evident seal around the documents.

In the event of a dispute regarding an electronically executed contract, merely complying with the EU Directive is not enough much like their paper counterparts, electronically signed documents can become the subject of a dispute. The signature process must provide enough proof to uphold the transaction. For this reason, compliance with the EU Directive is an important step in selecting an electronic signature platform.

The Layer’s comprehensive approach includes:

Selectable user authentication methods to be commensurate with the transaction’s security requirements.

A key convention in the paper world, precise signature placement is important in establishing the signer’s intent. Similar considerations should be made when adopting an electronic signature platform.