Over the past several years, digital signatures have replaced “wet” paper in different educational institutions. A, for example, reveals that of K-12 schools are converting some of their paper forms to electronic equivalents, citing “” as the prime driver behind this change. Although electronic signatures can provide several advantages over paper ones, such as tighter document signing security and enhanced identity verification, it’s important to know that not all e-signatures are equal.
Different types of electronic signatures each provide their own balance between affordability and risk mitigation.
There are three different types of electronic signatures: simple e-signatures (SESs), advanced e-signatures (AdESs), and qualified e-signatures (QESs).
They have different usage and each is best suited for different scenarios and requirements, so their various use cases must be explained.
Simple e-signatures (SESs), as their name suggests, are the easiest to implement. But due to the fact that they don’t include any identity verification, they’re best limited to use cases like attendance sheets and other basic forms.
However, advanced e-signatures (AdESs) provide a somewhat higher level of verification — while even more secure qualified e-signatures (QESs) include built-in third-party identity assurance that makes them legally binding, but which may not be necessary for everyday document signing.
When to use each type of electronic signing? It depends on your institution’s decision framework for document workflows — and the ideal balance of cost versus risk tolerance in various signing scenarios.
Let’s take a closer look at these three digital signature types and see examples of when and where educators are finding each one most helpful.
Simple e-signatures provide little or no authentication at minimal or no cost
Simple e-signature (SES) is mostly used these days. It can be applied to a document by anyone who opens it — often with a single click or a few strokes of a mouse or fingertip.
Like the “wet” paper signatures of earlier decades, an SES doesn’t include any verification that the signer is who they say they are, or even that they intended to sign the document in question.
That electronic signatures are extremely cheap and easy to implement is the key reason for being widespread.
Most apps that can open a PDF now come with built-in SE functionality, while numerous websites enable users to apply SESs to digital documents for free. The wide availability and affordability of SESs can make them useful for low-stakes use cases like signing classroom and field trip attendance forms.
Still, SESs’ simplicity means they suffer from many of the same vulnerabilities as traditional paper-and-ink signatures. Just as some students of yesteryear learned to fake their parents’ signatures on absence slips and grade cards, anyone who can open a document and imitate another person’s signature can easily forge an SES.
Even if users are required to sign in to apply an SES, anyone with access to that user account can simply sign in and apply someone else’s SES to any document they open.
For all these reasons, SESs are not legally binding. They provide little or no protection against fraud — or even against simple misunderstandings, such as a student accidentally applying another student’s SES to a document while signed into the wrong user account on a shared device.
However, they’re so easy and affordable to implement that many educational institutions use them across a variety of low-security signing scenarios.
Advanced e-signatures are linked to specific signers, but can still be vulnerable to fraud.
The next step up from an SES is an advanced e-signature (AdES), which is clearly and uniquely linked to a specific signer in a way that’s under that signer’s sole control and enables the signer to be formally identified.
Most AdES providers aim to ensure this higher level of authentication by means of a digital certificate, which (ideally, at least) is linked to a piece of personal info like a phone number or student ID, or to a particular device.
Though advanced electronic signatures tend to be more expensive and complex to implement than SESs are, many institutions yet consider this a fair tradeoff for the tighter security they provide.
In case some degree of identity verification is desirable AdESs are ideally suited, but where full-fledged legally binding identity assurance isn’t necessary.
For example, they may come in handy for administrative documents like class add/drop forms, and for signatures on non-binding agreements like volunteer sheets.
However, it’s essential to remember that an AdES is only as secure as the verification method(s) it uses. For example, many AdES providers allow users to sign with their own self- created certificates — which means you’re still effectively taking the signer’s word that they are who they say they are.
While being protected against many simple forms of fraud, AdES is not secure enough for legal contracts and other formal agreements.
Qualified e-signatures include third-party authentication, making them legally binding
Qualified e-signature (QES) is the most secure type of digital signature, but it requires the signer’s identity in order to be verified by multiple third-party trust service providers (TSPs).
In AdobeAcrobat Sign, for example, users can use cloud signatures backed by the Cloud Signature Consortium (CSC) standard, in which TSP experts authenticate each signer’s identity via a mobile app, a username/password combo, and/or a video call where the signer must present a driver’s license or other government ID.
This multi-factor authentication process creates a unique audit trail attached to every qualified electronic signature. (Adobe Acrobat even enables you to view the audit trail for a QES by clicking on that signature’s properties in a digital document.)
Each QES’s audit trail makes it legally equivalent to a handwritten signature, which means most jurisdictions consider a QES to be legally binding on most types of written agreements.
The ironclad identity assurance built into QESs makes them ideally suited for vendor contracts, tuition agreements, and other formal documents that might need to hold up in a court of law.
In use cases like these, the TSP verification process provides effective risk mitigation by authenticating each signer’s identity, verifying their intent to sign, establishing their consent to do business electronically, and proving that they did in fact sign the document in question.
As your institution weighs the risks and affordability of these three e-signature types, it’s worth remembering that this isn’t an all-or-nothing decision.
QESs are used by many institutions for high-stakes documents, AdESs are used for administrative forms and SESs are reserved for everyday attendance sheets.
You’ll derive the most benefit from each type of e-signature by considering what type of security is necessary for each use case — and which document workflow will make the signing process as seamless as possible within those requirements.
To discover how easy it is for your school to create legally binding electronic documents with Adobe Acrobat Sign, check out this free webinar, Demystifying E-signatures.
And to explore how Adobe technology can power your school’s digital transformation journey, visit Education Resource Hub for handy step-by-step guides.