How do you prove you're you when signing a document?


Last time we left off with a cliff-hanger of a question:

How do you prove you're you when signing a document?

There are several ways I've seen that the 3rd party providers prove that it's you who's signed the document:

  1. You clicked a link from an email.
  2. You paid for the service with a credit card.
  3. You provided some government issued photo ID.
  4. Someone, such as a notorized public or your HR department, has verified it's you in person.

Obviously these are very different levels of assurance. Then there's the level of control you have over the signature - can anyone with access to an email just sign? Or do you have to log in to the service with a password? Or perhaps you need some kind of card or device to use the signature?

As you might expect, there are standards that dictate the identity and security requirements behind different levels of electronic signatures - most prominently the Advanced Electronic Signatures (AdES) and Qualified electronic Signatures (QES) that have been adopted in the European Union.

AdES guarantees that there's been identity verification, whereas QES add stringent requirements for, among other things, a qualified certificate and a device, such as a USB token, that you use to sign documents.

Until next time, thanks for reading!

– Brendan

p.s. Enjoy this message? Read more at the Hyland Quality Systems website.

The Daily HaiQu

I'm Brendan Hyland. I help regulated facilities transform their software, spreadsheets, workflows and documents from time-consuming, deviation-invoking, regulatory burdens, to the competitive advantage they were meant to be. Join me every week as we take a few minutes to explore, design, test and improve the critical systems we use in our facilities.

Read more from The Daily HaiQu
A reporter interviews a smiling man holding a book.

I’ve seen several quality leaders complain this week about their disappointment with generative AI - they’re not getting the results they expected. And I understand why - context is king! If you just ask AI to write a procedure or generate a quality document, you’ll get generic, mediocre output. Without enough context, AI can only produce something generic based on its training data. But how do you give it that context? By the time you’ve gone back and forth trying to “engineer the prompt” to...

I'm presenting!

I'm excited to be presenting at the 2025 SQA Annual Meeting next week - "Is it the Right Tool for the Job? How QA and Regulatory Professionals can Guide Software Decisions in Regulated Environments" As our familiar software tools become more feature-laden and generalized, it's critical to ensure that software meets clear use cases and basic user requirements. And with generative AI being shoehorned into every platform, defining if and how software is appropriate for the intended use has never...

There are several levels of 'signatures' that you can apply to an electronic document. The first and most basic is just an image of your written signature. One common option for this is to print the document, sign and scan it back in again. A more convenient version is to have an image of your signature saved that you can paste into documents. This is what many free versions of pdf software and word processors offer as a basic document signing option - a 'stamp' of your saved signature image....