The electronic signature is fundamental for the digitalization of an organization or company, as it facilitates and streamlines online processes without compromising security and legality. For these reasons, it is the mechanism and procedure used by many recognized platforms, such as DocuSign, HelloSign, tuRecibo, among others. Below, we provide all the details on the most important aspects of the electronic signature:
What is an electronic signature?
An electronic signature is a method used to authenticate the identity of a person or entity in the digital environment. It is used to sign electronic documents similarly to how one signs on paper, but digitally. The electronic signature can take different forms and levels of security.
What security does the electronic signature provide?
The Electronic Signature process we use at Humand consists of a hashing and encryption system that operates with a public key and, at the same time, a private key. This ensures authenticity (i.e., the signer is who they claim to be) and non-alteration (i.e., once signed, the document cannot be modified).
In this way, at Humand, we ensure that only the user accesses the personal document (e.g., pay stub) and, therefore, is the one who signs it. This process is guaranteed and carried out through a database. In this sense, the following paragraph applies only to data encryption that travels over the internet (ensuring no one modifies it in transit).
Is the electronic signature legally valid?
This type of signature has legal validity in different countries (Mexico, Argentina, the United States, Uruguay, Ecuador, Colombia, Spain).
Currently, publicly traded companies use Humand's electronic signature to sign pay stubs and other documents such as contracts or policies.
What makes an electronic signature valid?
From a legal standpoint, the electronic signature used at Humand is valid because it complies with the following guiding principles:
-
Functional Equivalence: The advanced electronic signature in an electronic document must satisfy the signature requirement in the same way as a handwritten signature on printed documents.
-
Authenticity: It must provide certainty that the data message was issued by the signer.
-
Integrity: It must provide certainty that the data message has not undergone any alteration after the moment of signing.
-
Technological Neutrality: The technology used for issuing the advanced electronic signature must not exclude, restrict, or favor a particular technology.
-
Confidentiality: It must ensure that the data message can only be encrypted by the signers.
-
Non-repudiation: It must guarantee that the signature corresponds to the signer, so that the issuer cannot deny their participation or authorship of the data message.
As electronic signature providers, we ensure compliance with applicable regulations, standards, and industry standards on digital transactions and electronic signature technology, including:
-
ISO 27001:2013
-
SOC 1 Type 2 and SOC 2 Type 2
-
PCI DSS
-
STAR