Digital Signatures

“a digital Signature is a code that is generated with public key encryption. This uses the certificate identifying the signee in conjunction with a summary of the document. These are then cryptographically computed as a code (the signature) and assembled back into the document. Authentication is via the same public key encryption, and is typically automated when the document is digitally viewed”

How it works

Flaws with eSignature Type Legacy Systems

Identity

of signee cannot be easily and independently identified

Integrity

of the document cannot be validated (unchanged) from the time after it was signed by the signee

Accounts / Credentials

are required for access to sign (complexity and inconvenience)

Uncertainty or Low Confidence

of correctness of document (limited access when signing)

Storage of Signatures and Documents

(cyber security breach risks)

Trust

Tamper proof and Fraud resistant

Any modification on the document will render the signature invalid.
Any signature on a modified document will seal the proof of the modification.

Validation is self-contained in the document

Identity Authentication (the person who signed)
Document Integrity (the document has not changed)

National Digital Identities are already provisioned

Your certificate of Identity is in your singpass app
Signing of any document is done within your singpass app.

Digital Signatures differ from eSign type signatures in that they don’t use email or phones numbers or images as a forms of identification. No passwords or accounts are required either. The issuance of a National Digital Identity from the government, along with the mechanisms and infastructure to support this security, is all that is required.

FAQs

What are Digital Signatures?

For PDF files, the Digital Signatures are embedded in the document (PDF) and usually have a visual representation as an annotation on the document. When opening a PDF, these are automatically authenticated to validate the Identity of the signee (who signed), and the Integrity of the document (not altered). This can also be manually authenticated when the PDF is opened.

These types of signatures are not identified by email or phone numbers or third parties, rather by issued National Digital Identities from the government. The validation mechanism does not require a third party, and is already built into the national digital identity framework provisioned and managed by the government.

Where can I get Digital Signatures?

If you have the singpass app, your National Digital Identity is already there, and this will allow you to sign documents.

How is the Digital Signature applied?

It is created uniquely for each document you choose to sign. The signature is generated on your device after you scan the QRCode, and this is then securely enciphered and placed back inside the document.

Why does the Digital Signature not look like my signature?

The signature annotation you see placed on the document is just an image representing the details of the embedded digital signature. This image is just a view provisioned by singpass to indicate the document is digitally signed using singpass.

How do I know the Digital Signature is valid?

Just open the document in Adobe Acrobat Reader, and it will automatically validate any and all signatures on the document. You can click on each signature image, and validate individually if needed.