The Electronic Transactions Act (ETA) was established to provide the legal foundation for electronic transactions in Singapore. The Infocomm Media Development Authority (IMDA) is the authority tasked with establishing regulatory frameworks for electronic commerce. Some key questions are raised below that can help us better understand the legality of electronic signatures in Singapore.
What is an electronic signature?
IMDA states that an electronic signature is a record of a person’s intention or consent, similar to a wet-ink signature, and can take the following forms:
-
A scanned image of a physical signature
-
A signature drawn on an electronic device
-
Clicking to agree on an online form
-
Clicking to sign on an online signature platform
Netrust’s electronic signature platform, nSignHub, allows signers to sign electronically by typing their name in text, drawing their signature with a mouse or stylus, or uploading a scanned image of their physical signature.
Are electronic signatures accepted in Singapore?
Under the ETA, electronic signatures are given the same legal effect as wet-ink signatures, provided that a method exists to identify the signer’s identity and the signer’s intention in respect of the information contained in the document.
The method used has to either be:
- as reliable as appropriate for the purpose for which the document was generated or communicated, in the light of all the circumstances, including any relevant agreement; or
- proven in fact to have identified the signer and captured the intention of the signer in the document or together with further evidence.
nSignHub identifies the signer minimally through the signer’s email address, device IP address and timestamp of when the signature is placed. These details are captured in a secure workflow evidence report which can be downloaded along with the signed document. Additional authentication methods can be used such as a one-time password (OTP) or SMS OTP.
nSignHub secures the signed document by digitally sealing the document with a digital witness certificate at the time of signing to prevent tampering of the signed document.
For high value contracts, it is recommended to obtain a higher level of assurance on the authenticity and integrity of the electronic signature. This can be achieved through a secure electronic signature.
What is a secure electronic signature?
Under the ETA Section 19 Sub 2, a secure electronic signature is given legal presumption in the court of law and shall be presumed that:
- the secure electronic signature is the signature of the person to whom it correlates; and
- the secure electronic signature was affixed by that person with the intention of signing or approving the electronic record.
What this means is that when there is a dispute, judges will presume that the secure electronic signature is authentic and has integrity until proven otherwise by the other party.
An electronic signature can only be considered “secure” if applied through a specified security procedure, and can be verified that at the time of signing the electronic signature was:
- unique to the person using it;
- capable of identifying such person;
- created in a manner or using a means under the sole control of the person using it; and
- linked to the electronic record to which it relates in a manner such that if the record was changed the electronic signature would be invalidated
The Second Schedule of the ETA specifies digital signatures as the only specified security procedure.
A digital signature uses a set of mathematical techniques (public-key cryptography and cryptographic hash function) to create an electronic signature that can be digitally validated to prove the authenticity and integrity of the electronic contract.
However, not any digital signature can be considered a secure electronic signature. A digital signature must meet the following criteria to be treated as a secure electronic signature:
- the digital signature was created during the operational period (i.e. not expired) of a valid certificate (i.e. not revoked) and is verified by reference to the public key listed in such certificate; and
- the certificate (which indicates the signer’s identity) is considered trustworthy, as —
- the certificate was issued by an accredited certification authority in Singapore;
- the certificate was issued by a recognized certification authority;
- the certificate was issued by a public agency approved by the Minister to act as a certification authority; or
- the parties have expressly agreed between themselves (sender and recipient) to use digital signatures as a security procedure, and the digital signature was properly verified by reference to the sender’s public key
Netrust is the only accredited certificate authority in Singapore since 2001. Hence, a digital signature applied using a Netrust issued digital certificate can be considered a secure electronic signature. nSignHub, an electronic signature platform, can leverage on Netrust certificates to apply secure electronic signatures.
Are there exclusions to the use of electronic signatures?
The First Schedule of the ETA specifies matters excluded from the ETA, namely:
- The creation or execution of a will
- The creation, performance or enforcement of an indenture, declaration of trust or power of attorney, with the exception of implied, constructive and resulting trusts
- Any contract for the sale or other disposition of immovable property, or any interest in such property
- The conveyance of immovable property or the transfer of any interest in immovable property
Electronic signatures will not be recognized in such documents.
These exclusions may change in the future. In fact, in March this year, the ETA was amended to remove the exclusion on transferable documents or instruments such as bill of ladings which are key documents for international trade.
Should you have any further queries regarding Netrust Digital Signing Solutions, do contact our sales team at sales@netrust.net.