In this digital era, security of information and personal data is critical in both our personal and working lives. According to a report by kompas.com, the Financial Services Authority (OJK) predicts that digital signatures will become a growing trend over the next few years. This is in light of the decision by many financial platforms to require digital verification for every digital agreement or transaction and digitally signing documents.
A digital signature differs from a regular digital signature in that it is legally binding. Read more in the following article.
Legally Legal and Certified Digital Signature
The use of digital signatures is governed by Law no. 11 of 2008 concerning Information and Electronic Transactions (ITE), which stipulates the following legal requirements.
Digital Signature Legal Terms
The digital-signature creation data must be known only to the signature owner.
The digital-signature data created during the digital signing process must be solely in the power of the signatory.
Any changes that occur after the creation of a digital signature can be detected.
Any changes to digital information related to the digital signature can also be detected.
There are certain methods used to identify who the signatory is.
There are certain ways of showing that the signatory has given consent to the relevant digital information.
Legal Basis for Digital Signatures
There are several other regulations relating to the legality and validity of digital signatures in the eyes of the law and courts, namely:
1. Government Regulation (PP) No. 82 of 2012 concerning the Implementation of Electronic Systems and Transactions
This government regulation, now over ten years old, is the regulation that recognizes the legality of digital signatures, even more than 10 years ago.
2. Law Number 19 of 2016 concerning Information and Electronic Transactions Article 1
This law contains amendments to the 2008 law that regulates electronic transactions, electronic certificates and electronic-certificate providers in more detail. This law is the legal basis for the application of digital signatures in Indonesia today, and also mentions the definition of digital signatures as proof of verification and authentication.
Legal Digital Signature
In practice, digital signatures must be able to meet consumer-protection principles consisting of interrelated parties, namely the Certification Authority (CA) and the Subscriber.
The Certification Authority (CA) is the agency that issues the official digital certificate. This could be a certificate consisting of agencies, companies or individuals. The CA is responsible for storing information and is provided with a Certification Practice Statement (CPS).
Subscriber is a term for users who use digital-signature services. Subscribers have the right to get protection in the realm of their identity and privacy.
Authorization Authentication: The Principle of Non-Repudiation
The legal power of digital signatures lies in the principle of non-repudiation so that they have legal validity, and the digital signature complies with applicable Indonesian law.
What is the principle of non-repudiation?
The principle of non-repudiation is a principle that is binding on the signatory such that in the event of a dispute, the digital signature cannot be denied for reasons such as the signature not being recognized or the signatory not recognizing the signature.
The principle of non-repudiation is applied to certified digital signatures carried out by the Electronic Certificate Operator (PSrE) as follows:
The signatory parties must have a clear identity included within the digital signature to avoid any future misunderstanding.
The genuineness and validity of signatory parties must be authenticated.
Authentication and authorization are carried out by identifying the identity of the user. User identity is verified by comparison with previously stored records or information.
There must be tangible evidence from the signatory parties. For digital signatures, evidence is in the form of an encryption code owned by the signatory party with certain access permissions. The result is an electronic certificate that can be proven in court.
Entrust Your Digital Signature to VIDA
To support the validity of digital signatures, trust vendors who provide digital signature services that have been certified. VIDA is the main Electronic Certificate Operator (PSrE) which issues digital signatures officially and is registered with the Ministry of Communication and Information of the Republic of Indonesia. As a PSrE, VIDA offers an easy and secure digital-signature solution through its VIDA Sign solution.
VIDA Sign is a digital signature application issued by VIDA, to make it easier for customers to digitally sign safely and comfortably. Signatures created using VIDA Sign are secured by user biometric verification. Vida Sign uses pre-signing activity detection to minimize the potential for identity fraud so that customers' digital identities are protected.
VIDA is available in the form of an application to enable easy digital signing anywhere and anytime. Please contact our team for more information. We are ready to help you find the right solution for your needs.