Electronic Signature

The Top 5 Myths about Cloud-Based Digital Signatures

A lot of people do business on the Internet via smartphones and tablets. They often have to manage documents that are part of high-value, high-risk, or strictly regulated business processes. Cloud-based technologies for mobile devices are the best choice for a fast and seamless workflow. Therefore, entrepreneurs need simple and secure ways to protect and manage documents in the cloud. Cloud-based digital signature complies with the strictest requirements of the eIDAS, the Regulation comprising types of electronic signatures and trusted services. It also allows signing documents with the highest level of reliability.

However, for most people, cloud-based solutions do not seem to be a secure option. They still prefer to store signing keys using USB tokens. There are several myths about cloud-based digital signatures. Let's take a closer look at some of them.

Myth 01: Cloud-based digital signatures are not secure enough because there is a risk of cloud hacking

Special hardware provides a high degree of protection. The certificate keystore should be securely protected by tamper detection sensors, a trusted operating system, and secure audit mechanisms and connection control. User keys are stored encrypted. Believe it; nothing will happen to your digital signature and keys in the cloud.

Myth 02. A digital signature does not give documents any legal status

Electronic signatures are legally valid and evidence-based in industrialized countries around the world. Although the requirements may differ depending on the region, industry, and business process.

In most cases, for electronic signing, a simple verification of the identity is sufficient - by email, confirmation with a one-time password, etc.

Though, sometimes a more secure and advanced level of assurance is required. In this case, you need to use a digital signature.

Digital signatures are the most secure type of signatures. In the European Union, such signatures get the legal status of a handwritten signature. Since signing in the cloud is similar to a common signing process using a token, a cloud-based digital signature has the same level of legal significance.

Myth 03. Cloud-based signatures are unreliable because the server can crash at any time

The hardware used for remote operations with electronic signatures and for storing keys is highly fault-tolerant. If any component of the system fails, it is automatically replaced by a backup one, without interruptions in operation or the participation of maintenance personnel. For load balancing a server software is used. It evenly distributes requests across multiple servers.

Myth 4. Cloud signing is inconvenient because you need a constant Internet connection

That is partially true. However, the cloud-based digital signature has a lot of advantages over the digital signatures stored on tokens. USB tokens can be lost or broken. One needs a desktop computer to use them. Whereas you can sign remotely in the cloud using the digital signature. You can even sign a document from your phone, as long as there is the Internet.

Myth 05: Cloud storage is expensive

Not at all. A cloud-based qualified digital signature will cost less than a hardware token containing a digital signature certificate since there is no need to purchase a USB token driver. In addition, you can issue a conditionally unlimited number of keys and certificates while using cloud storage. If the company needs to organize an electronic workflow and provide each employee a USB token for the digital signature certificate, cloud-based service is the best option.