BLOG | VIDA DIGITAL IDENTITY

Digital Signatures, Guaranteed Authentication Current and Future

Written by VIDA | Jul 27, 2022 5:00:00 PM

During a training session entitled “Understanding Cyber ​​Law, Cyber ​​Crime, and Digital Forensic in the Indonesian Legal System” held by Hukumonline, Chairman of the Indonesia Cyber ​​Law Community (ICLC) Riki Arif Gunawan stated that the demand for digital signatures in electronic transactions is not a recent phenomenon in Indonesia.

 

The use of digital signatures is legally recognized under Law no. 11 of 2008 concerning Information and Electronic Transactions, as amended by Law no. 19 of 2016 (UU ITE).

 

Digital Signature Application

With the emergence of various digital services in Indonesia, people have naturally begun to seek new ways to simplify things across all sectors from banking administration to health. The rising popularity of digital signatures is one manifestation of this.

 

Digital signatures are proven to tick a number of boxes: they are practical, they save storage space, and they are more environmentally friendly, while retaining the guarantee of legality and document authenticity. Under Law no. 11 paragraph 1 of 2008, digital signatures have the same legal force as conventional signatures and are valid for use as long as they meet the specified requirements.

 
 

The Legal Power of Digital Signatures

 Article 11 paragraph (1) of Law Number 11 of 2008 concerning Information and Electronic Transactions (UU ITE) confirms that electronic hands have legal force and legal consequences as long as they meet six requirements, namely:
 
  • Digital-signature creation data relates only to the signatory;

  • The digital-signature creation data at the time of the digital-signing process is only in the hands of the signatory;

  • Any changes to the digital signature that occur after the time of signing are known;

  • Any changes to the electronic information related to the digital signature after the time of signing can be detected;

  • There are certain methods used to identify who the signatory is; and

  • There are certain ways to show that the signatory has given his/her consent to the associated electronic information.

 

Proof of Digital Signature Originality

Teguh Arifiyadi, Head of the Sub-Directorate for Investigation and Enforcement of the Ministry of Communications and Information Technology (Kominfo), explained how the originality of digital signatures could be proven in court.
 
There are two categories of digital signatures: certified and uncertified. A certified digital signature has the same status as an authentic deed. In this type of digital signature, judges,
 

plaintiffs, and defendants obtain information from the digital certificate-issuing institution regarding the validity of the digital signature. This information can be used as the basis for proving that the digital signature is authentic.

 
An uncertified digital signature must be proven through forensic digital tests. The test results will be stated in the form of a digital forensic test report on a system or file, or document being tested. A digital forensic expert can also be present at the trial to explain the digital forensic process if needed.
 

Digital Signature Security

 Referring to the risk of misuse of personal data for fraudulent online trading that is difficult to track, Arif said that digital signatures are a way to guarantee the authenticity of the parties identities. Unlike a handwritten signature, a digital signature also contains information that can be used as a means of verifying and authenticating digital identities.
 
Digital-signature service providers offer various options for verifying identities such as email verification, phone number, identity card, and biometric verification.
 

Digital signatures also have a multi-layered encryption key and password that only the user can access, so security and authenticity are guaranteed.

 

With multi-layered security and digital certificates in digital signatures, the authenticity of the signed documents cannot be repudiated, meaning their integrity can no longer be denied.

 

According to Chairman and Founder of the Indonesia Cyber ​​Security Forum (ICSF) Ardi Sutedja, a certified digital signature service can be a solution to identity fraud that results in material losses and reduces public confidence in digital financial services. 

 

Increase Work Productivity

Research conducted by Adobe found that a third of work time is spent doing repetitive work, such as managing documents, forms, contracts, invoices and so on.

 

In the midst of higher expectations by employees that technology can help improve efficiency and effectiveness, as many as 91% of respondents expressed an interest in using tools such as digital signatures, which can make tasks or work processes more efficient.

 

VIDA Supports the Transition Towards a Future Work Culture

 VIDA Founder and Group CEO, Niki Luhur stated that, “As a recognized Trust Service Provider (TSP) under the Adobe Approved Trust List (AATL), VIDA enables individuals and businesses to provide legally binding digital signatures quickly and securely. We stand ready to support the public's transition to the work culture of the future"
 

Internationally Licensed VIDA PSrE 

VIDA is a licensed Electronic Certificate Operator (PSrE), under the supervision of Kominfo, and is recognized in more than 40 countries. VIDA implements several world-class data protection standards, including Public Key Infrastructure, facial recognition, and endpoint security, to provide a comprehensive cybersecurity solution.

 
The selection of VIDA as the first PSrE in Indonesia on the Adobe Approved Trust List (AATL) demonstrates VIDA's ability to meet established security and technical standards and is widely accepted worldwide.
 

In addition, VIDA is the first PSrE in Indonesia to receive WebTrust global accreditation for the implementation of internet security standards by applying facial biometrics to verify and authenticate; VIDA also provides a strategic role as a trusted lawyer.

 

VIDA not only provides a sense of security when transacting digitally, but also helps users behave safely in the digital world. VIDA is a registered provider of Digital Financial Innovation (IKD), the e-KYC cluster within the Financial Services Authority (OJK), and is a provider of supporting technology in the Bank Indonesia Regulatory Sandbox.

 

How VIDA Digital Signatures Work

VIDA as the electronic certificate provider, issues a key pair (private key and public key) that is uniquely related to the legal subject.

 

The public key is known to anyone, while the private key is known only by the owner of the signature. The public key is listed in the electronic certificate, which is general in nature as proof of the signatory's identity.

 

The public key is attached to the electronic document that has been encrypted with the signer's private key. The electronic document reader system will automatically detect any change made to the electronic document and provide a notification.

 

VIDA digital signatures enable documents to be signed securely and easily when using commonly used software such as Adobe Sign, DocuSign and emSigner. This process is further streamlined with a cloud-based collaboration product between Adobe Sign and Microsoft, in Microsoft Teams.

 

Digital signatures use asymmetric cryptographic methods with public key infrastructure. Previously, both had unique characteristics, where information or an electronic document was encrypted by one key and could only be decrypted by the key partner.

 

Contact VIDA for more information about VIDA's digital-signature service.