How to Securely Sign Digital Documents

Stephen Davidson

As digital transformation and remote work have increased the need for digital communications and transactions, individuals, teams and organizations have increasingly relied on digital document signing. Digital document signing provides a validated identity of signers building trust between parties, adds security to digital and online document communications and transactions, and creates an audit trail, eliminating the need for handwritten signatures. But it’s a rapidly advancing technology, and the laws and regulations in many countries are still evolving to provide the legal equivalence for digital document signing versus old paper methods. When it comes to how to electronically sign documents, we’ve prepared a guide so you can take advantage of this technology while retaining the legal validity of your electronic transactions.

How to create an electronic signature

Depending on your country, an electronic signature can include anything from a photocopy of a handwritten signature, to a typed or drawn signature, to clicking the “I accept” button. These types of signatures can be easily added to most electronic documents, including Word documents and PDFs. But they can also be easily copied or spoofed, leading to legal uncertainty in the event of a dispute. However, there is an option for even more security: digital signatures. Digital signatures are electronic signatures that use Public Key Infrastructure (PKI) technology to ensure that a document cannot be changed without invalidating the signature. By choosing digital signatures, companies benefit from a document signing solution that provides authentication of the signer, data integrity surrounding the document, and auditability.

Take a look at the different types of electronic signatures and when to use them in another post.

How to legally sign a document electronically

Legal requirements for document signing vary by region and country. Some countries have minimalist laws that allow e-signatures to be enforceable in virtually every case, with very few exceptions. Other countries have prescriptive laws in which there are specific rules about how you can create and sign agreements online. Finally, some countries have a combination of both minimalist and prescriptive laws. In the United States, requirements for a legally signed electronic document are found in the federal E-Sign Act or state implementations of the Uniform Electronic Transactions Act (UETA), and in Europe it’s the eIDAS Regulation.

Check out a previous blog for more details about legal requirements for e-signatures by country. However, to ensure a signature is legally binding, digital signatures are more secure and in some cases are required.

How to digitally sign a document

An electronic signature (or e-signature) could include typing your name, clicking a checkbox or adding an image of your signature. In some countries, these basic signatures are legally valid, depending on the agreement of the parties to the signature. In the event of a dispute, however, it is often up to the signer to prove that the signature is valid.

The security of the digital signature makes this proof easier to establish. A digital signature is an encrypted hash of a message that can be decrypted by anyone who has a copy of your public key, so your signature cannot be copied onto other documents. It also includes the verified identity of the signer. Thus, the best way to electronically sign a document will depend on what level of security and legal requirements you need to meet.

Digital signatures are created using a digital certificate that includes the verified identity information of the signer. Certificate Authorities (CAs), like DigiCert, validate the identity of the signer before they issue the digital certificate to the signer. After the digital signature is applied to a document, if any aspect of that document is tampered with, the signature will be broken or invalidated. The signature reassures the receiver that the integrity of the document is still intact, while embedding information about the signer and the time of signature.

The most secure way to sign a document is through a trustworthy cloud-based solution that safeguards the signer’s private keys and safely performs encryption and decryption of documents.

Simplify with document signing software

Document signing services can support remote identity proofing to easily register large signing groups and have the workflows to automate diverse signing needs and large volumes of signatures or documents, without additional hardware investment by an enterprise. Organizations can deploy secure, legally binding digital document signing anywhere, any time and on any device with document signing service.

As the global leader in PKI, DigiCert has developed Document Trust Manager, an easy all-in-one solution for secure digital document signing. By using Document Trust Manager, you can rollout faster using a trusted digital signature solution that offers a signing solution for your use case, no matter where you are in the world.

Document Trust Manager enables digital signatures that are compliant with stringent global standards, including EU eIDAS (Qualified and Advanced), Swiss ZertES (Qualified and Regulated), and the technical requirements of the Adobe Approved Trust List (AATL). Plus, as a cloud solution, there is no need to invest in hardware.

We also make it easy to manage, automate and monitor digital signatures with Document Trust Manager. Document Trust Manager can create and automate signing for either natural persons (electronic signatures) and legal persons (electronic seals). In addition to our own workflows, we can integrate with other signing platforms (such as Adobe Acrobat Sign) using the Cloud Signature Consortium specification.

Find out more at Document Trust Manager, or email docsigning@digicert.com to get started today.


3 Surprising Uses of PKI in Big Companies and How to Ensure They Are all Secure

5 Min

Featured Stories


Pioneering the next wave of secure digital solutions 


4 best practices for bulk email senders



Driving digital trust with SOC 2-compliant DNS