Handwritten electronic signatures use biometric data (individual handwriting characteristics like pressure, speed, etc.) as identification feature of the signatory. Signature solutions have to fulfil the following requirements in order to be allowed as evidence at court:
- The identification feature has to be protected at every point of the process from unauthorized access and misuse.
- The identification feature has to be connected to the signed document in a way it cannot be extracted and used in another document.
- Changes to the signed document have to be detected with absolute certainty and consequentially render the signature invalid.
- The biometric signature containing the identification feature, which makes it possible to identify the signatory.
- The digital signature verifying the (encrypted) biometric data is part of the document and ensuring the document cannot be changed. The digital signature offers the option to validate the integrity of the document.
ATTENTION: A system which uses only the digital signature to ensure the connection between the signature and document has an attackable weakness. In this case, the proof that a signature belongs to a document (and only to this document), is solely based on self-made and self-managed key pairs of the user or the provider of the signature solution. Sometimes even the signature device (and its serial number) is needed to proof this connection between the signature and the document, which means the signature device has to be available as evidence at the time of court. If you have longer contract periods – e.g. insurance contracts – this is not practical, because the devices are usually recycled after approx. 5 years.
Additionally, self-made key pairs are not protected in the same way as keys stored at a notary. This means a (encrypted) signature can be retrieved from the original document and misused with another document in a way it looks like the signatory has signed this second document. StepOver does neither support nor use these potentially unsecure methods.
With the patented StepOver encryption process the secure notary key is used to deliver proof of both:
- The identification feature, which is safely encrypted with the notary public key.
- The unambiguous connection of the signature (identification feature) with the document, which is also done with the notary key.
You should not have to make any compromises with data protection and data security and thanks to the patented signature solution provided by StepOver you don’t have to. Keeping this in mind we at StepOver wish you a lot of success in your future endeavours.