These days we transact electronically every day in our interactions with banks, government departments, and other organizations. We approve such transactions using our banking credentials or other recognized credentials such as SingPass. We “sign” documents using various e-signature tools or even by copying an image of our physical signature into a document. Are these different kinds of “digital signatures” legally recognized? The answer is "yes" if they meet certain requirements and don’t even have to look like a traditional signature. The legislation that makes this possible in Singapore is the Electronic Transactions Act (ETA).
The ETA is a legislative framework that governs electronic transactions and provides legal recognition and validity to electronic records and signatures in Singapore. Enacted in 1998 and amended several times since then, the ETA aims to facilitate electronic commerce and promote the use of electronic records and signatures by establishing a clear legal framework that ensures their enforceability and reliability.
In the context of the ETA, a secure electronic signature refers to a specific kind of electronic signature that meets the statutory requirements outlined in the Act. The ETA provides legal recognition to electronic records and signatures, so that they have the same legal effect as their paper-based counterparts, under certain conditions.
The actual language of the ETA is as follows: If, through the application of a specified security procedure, or a commercially reasonable security procedure agreed to by the parties involved, it can be verified that an electronic signature was, at the time it was made:
unique to the person using it;
capable of identifying such a person;
created in a manner or using a means under the sole control of the person using it; and
linked to the electronic record to which it relates in a manner such that if the record were changed the electronic signature would be invalidated, such a signature is treated as a secure electronic signature
In practice these translate as follows:
There must be a way to authenticate that only the relevant person is using his / her electronic signature
There must be a way to identify who that person is
Only that person must have access to the specific signature
Once signed, the signature can’t be changed
Together items 1 to 3 translate into a form of authentication that identifies and verifies that this is the person, which in IT terms usually means Multi-Factor Authentication (MFA) and is readily available. Electronic signatures have become a way of life for many of us in Singapore and its benefits are clear:
Authentication and Integrity: A secure electronic signature ensures that the signatory's identity is authenticated and that the integrity of the electronic record remains intact.
Legal Recognition: Electronic signatures that meet the requirements of the ETA are legally recognized and enforceable in Singapore courts. There are, however, specific situations where electronic signatures are not recognized.
Overall, the concept of a secure electronic signature under the Singapore ETA underscores the importance of using reliable authentication methods and maintaining the integrity of electronic transactions. By adhering to these standards, parties can confidently engage in electronic commerce and transactions while enjoying legal certainty and protection under Singapore law.
In the context of businesses that require an even more robust method of managing electronic transactions, there are enterprise-grade solutions readily available for use. For instance, Trusted Services (TSV) has its Board.Vision platform that not only complies with the requirements of a highly secure electronic signature management system but also provides a secure, trusted environment for conducting business on boards of directors. To find out more, go to TSV Digital Board Solutions
Contributed by: Ian Selbie, CISO Trusted Services Pte Ltd ianselbie@trustedservices.com.sg