Digital Signature and E-Signature

Digital Signature and Electronic signature (E-Sign) may be used interchangeably, to refer a signing tool for signer to sign on a softcopy. Signing is an action to infer that the signer has indeed, read, understand and agreed/approved to the content of a document. Traditionally, signing is done on a physical document or an object when the signer performs stokes on it, this includes fingerprint signing.

With the advancement of technology, signing today, can be performed digitally by affixing, name, mark and even drawing to the softcopy which we refer to Electronic Signature or Digital Signature. Although the purpose of both terms meant the same, however, they refer to very different mechanism in terms of framework, security and admissibility.

In Malaysia, Electronic Signature is governed by Electronic Commerce Act (ECA)[1] to refer any letter, character, number, sound or any other symbol or any combination thereof created in an electronic form adopted by a person as a signature. In another word, as long as an individual affixed his “name” on a PDF, that “name” would be regarded as an Electronic Signature. The main purpose of ECA is to recognize electronic messages in commercial transactions.

For an Electronic Signature to be admissible, the law requires that where a signature is required, and if the document is in the form of electronic message, an electronic signature must fulfill the following requirements:

  • Electronic signature is attached to or is logically associated with the electronic message;
  • Electronic signature adequately identifies the person and adequately indicates that the person’s approval of the information to which the signature relates; and
  • Electronic signature is as reliable as is appropriate given the purpose for which, and the circumstances in which the signature is required.

Subsection 2 also provides that an electronic signature is as reliable as is appropriate if

  • The means of creating the electronic signature is linked to and under the control of that person only;
  • Any alternation made to the electronic signature after the time of signing is detectable; and
  • Any alternation made to that document after the time of signing is detectable.

So long as the requirements laid down in Section 9 of the ECA is satisfied, then the requirements of the law on electronic signature is fulfilled. However, Section 10 of the ECA specifically provides that for documents which requires a seal to be affixed, such as Power of Attorney, Wills, Trust documents and Negotiable instrument (Bank Cheques), these documents were specifically mentioned under the Schedule of the Act, must not be admissible by Electronic Signature unless it is affixed by a digital signature as provided under the Digital Signature Act 1997.

Here, it clearly shows that our legislature distinguished electronic signature from digital signature.

On a technical standpoint, Digital Signature, an enhanced version of Electronic Signature, provides a higher threshold of security measures compared to an electronic signature. Unlike an Electronic Signature, where the true identity of the signer can easily be faked, for instance person A signed the signature of person B through impersonation, Digital Signature provides a higher level of profiling towards the identity of a signer.

The Malaysian legislation has also provided the definition of Digital Signature in Digital Signature Act 1997[2], which stated as the transformation (created using the private key that corresponds to the signer’s public key) of a message using an asymmetric cryptosystem such that a person having the initial message and the signer’s public key can be accurately determine whether the message has been altered since the transformation was made. The legislation has provided a much more technical definition to Digital Signature compared to Electronic Signature. In a simpler term Digital Signature is a mathematical scheme for verifying the authenticity of digital messages or documents, which includes the signer and sender.

However, Section 62 of the DSA provides a set of requirements for a document to be legally binding:

  • Digital Signature is verified by reference to the public key listed in a valid certificate issued by a licensed certification authority;
  • Digital signature was affixed by the signer with the intention of signing the message; and
  • Recipient has no knowledge or notice that the signer has
    • Breached a duty as a subscriber; or
    • Does not rightfully hold the private key used to affix the digital signature.

In Malaysia, there is only a few recognized Digital Signature options available which is certified and validatied by licensed certification authorities. They are:

  • Pos Digicert
  • MSC Trustgate
  • Telekom Applied Business
  • Rafcomm Tech

This would mean, documents signed by other foreign Digital Signing platform do not have the same legally binging effect since they do not have the appropriate license as the Certification Authority.

In summary, when Malaysian law mandates the use of a seal on a document, Section 10 of the ECA stipulates that a digital signature is the minimum requirement.

Before opting for either an electronic signature or a digital signature, parties should, especially when dealing with documents that traditionally require a seal, carefully consider the balance between:

(i) the convenience of electronically signing documents using e-signature tools, and

(ii) the legal risks associated with the potential challenges to the validity or compliance with statutory requirements of such e-signatures. If employing digital signatures in such cases proves to be overly complex or logistically challenging, opting for physical signatures on the document may still be a prudent choice.

[1] https://lom.agc.gov.my/ilims/upload/portal/akta/LOM/EN/Act%20658.pdf

[2] https://lom.agc.gov.my/ilims/upload/portal/akta/LOM/EN/Act%20562.pdf

Let LPP Law be Your Legal Advisors

Contact Us illustration
Drop us a message and let us better understand your needs. Get your first consultation within 24-hours, absolutely free of charge.

Leave a Comment

Your email address will not be published. Required fields are marked *

Share this article:

Want more content like this?

Drop us your email and be the first to know when we have more informative contents on the latest legal updates, just like this one.

A boutique corporate & commercial law firm in Kuala Lumpur.

FREE Legal Updates

Sign up for our newsletter to get the latest updates, happenings and goodies!
We don't spam, promise.

 © Copyright 2020, Lee & Poh Partnership

Responsibilities of Executor:

  • Apply for and extract the grant of probate.
  • Make arrangements for the funeral of the deceased.
  • Collect and make an accurate inventory of the deceased’s assets.
  • Settling the debts and obligations of the deceased.
  • Distributing the assets.

Note for Digital Executor:
If you wish to leave your digital assets to certain people in your Will, there are important steps that need to be taken to ensure that your wishes can be carried out:

  • Keep a note of specific instructions on how to access your username and password of your digital asset.
  • You are advised to store these private and confidential information in a USB stick, password management tool or write them down.
  • Please inform your executor or a trusted person of the whereabouts of the tools so that they will have access to your digital asset.