Thanks to Brexit, there’s been no shortage of news about the European Union of late. What you may not have heard, however, is that an EU regulation is taking effect July 1 that aims to expand the use and reliability of electronic signatures, particularly within the EU. One of the purposes of the eIDAS regulation is to overcome conflicting laws among EU states and the lack of interoperability of electronic signatures among different service providers in order to facilitate their use in international commerce.
With the goal of simplifying compliance with this new regulation and of eventually helping to drive worldwide adoption of digital signatures, Adobe today announced the launch of the Cloud Signature Consortium, a group of industry and academic organizations coming together to build an open standard for cloud-based digital signatures across mobile and the web, so that anyone will be able to digitally sign documents from anywhere.
Why an open standard? Although the terms “electronic signature” and “digital signature” are often used interchangeably, the latter is actually a subset of the former. Digital signatures are a more secure form of e-signatures because they use certificate-based digital IDs backed by trusted certificate authorities.
The problem with digital signatures, however, is that their use is generally tied to the desktop because they require a physical device for authentication, such as a USB token or smart card, as well as special software. While there are also cloud-based approaches to digital signatures, they are proprietary to specific vendors and therefore cannot be used across platforms and devices.
Led by Adobe — which says it processes more than 6 billion digital and electronic signature transactions a year through Adobe Sign and Adobe Document Cloud — the consortium’s goal is to build an open and interoperable technical standard for cloud-based digital signatures. Having invented the PDF standard, Adobe has some experience in this area. It is joined in the consortium by a dozen EU-based cloud digital signature providers, trust services providers, academics, and standards and security focused organizations. It expects and welcomes others to join also.
They will focus first on developing a technical specification and then on the specification’s adoption and implementation. While the initial effort will center on the EU, the consortium expects the effort to impact all countries as the use of digital signatures continues to expand. The consortium expects to complete the standard specification by the end of the year with the first cloud-based implementations to follow soon after.
For more information, see: