Cryptography related word cloud on encryption and algorithms.

How Digital Signatures Enhance Document Security in California

ByCalNotaryClass.com Posted on Updated on

A digital signature is not the same as an electronic signature. An electronic signature can be as simple as typing your name or clicking “I agree.” A digital signature uses cryptography to verify who signed a document and confirm that the document has not been changed since. California recognizes digital signatures under the Uniform Electronic Transactions Act (Civil Code 1633 et seq.) and the federal ESIGN Act. Here is how the technology works and what it means for notaries.

How Digital Signatures Work

Public Key Infrastructure (PKI)

Digital signatures rely on a system called Public Key Infrastructure. PKI uses two keys: a private key and a public key.

  • Private key: Held only by the signer. Used to create the digital signature. If someone else gets your private key, they can forge your signature, so keeping it secure matters.
  • Public key: Available to anyone. Used to verify that a signature was created with the matching private key and that the document has not been altered.

These keys are mathematically linked. You cannot derive the private key from the public key. This is what makes the system secure. The math behind this involves factoring large prime numbers (RSA) or elliptic curve cryptography (ECC). Either way, the principle is the same: easy to verify, computationally infeasible to forge.

When you get a digital certificate, the CA verifies your identity and binds your public key to your name or organization. Anyone who receives your signed document can look up your public key through the CA and verify the signature without contacting you directly.

Creating a signature

  1. The signing software runs the document through a cryptographic algorithm using the private key.
  2. This produces a unique coded string, the digital signature.
  3. The signature is attached to the document.

Any change to the document after signing breaks the cryptographic link. This is how tampering is detected. Even changing a single character in a 200-page contract will cause verification to fail. The algorithm produces a hash (a fixed-length string) that is unique to the exact content of the document. Change one word and the hash is completely different.

Verifying a signature

When someone receives a digitally signed document, their software uses the signer’s public key to verify the signature. If the signature matches and the document has not changed, the verification passes. If anything was altered, it fails.

Digital Signatures vs. Electronic Signatures

  • Electronic signature: Any electronic method of indicating agreement. Typing your name, clicking a checkbox, or using a stylus on a screen all count.
  • Digital signature: A specific type of electronic signature that uses PKI cryptography to verify identity and document integrity.

All digital signatures are electronic signatures, but not all electronic signatures are digital signatures. Digital signatures provide a higher level of security and are the only type that can independently verify both the signer’s identity and the document’s integrity without relying on a platform’s logs.

Digital Signatures and California Notaries

California does not currently allow remote online notarization. Notaries perform all acts in person using physical seals and handwritten signatures. Digital signatures are used in California business transactions but are not part of the standard notarization process.

If California implements RON in the future, digital signatures and approved certification authorities will play a role. For now, notaries should understand the technology but do not need it for their daily work. Over 40 states currently allow RON; California is one of the holdouts. When it does adopt RON, notaries who already understand PKI and digital certificates will have a head start.

Benefits for Document Security

  • Forgery prevention: Only the holder of the private key can create a valid signature.
  • Tamper detection: Any change to the document after signing invalidates the signature.
  • Identity verification: The signature is linked to a certificate issued by a trusted Certificate Authority.
  • Legal recognition: Digital signatures that use approved CAs are recognized under California and federal law.

For more on how notaries help prevent fraud, see our related guide.

Common Algorithms Used

The most common algorithms for digital signatures are RSA (2048-bit or higher) and ECDSA (elliptic curve). RSA has been around longer and is widely supported. ECDSA produces smaller signatures with equivalent security, which matters for mobile and embedded systems. Both are considered secure when properly implemented.

Older algorithms like SHA-1 have been deprecated due to known vulnerabilities. Current best practice uses SHA-256 or SHA-384 for hashing. When you see a digital signature system advertised as “256-bit encrypted,” this usually refers to the hash algorithm or key length.

Practical Uses in California

Digital signatures show up in real estate transactions, court filings, corporate document execution, and government submissions. Title companies use them for deed transfers. Law firms use them for court filings accepted electronically. The California courts system accepts digitally signed documents in eFiling, provided the signatures meet technical requirements.

For businesses that sign high volumes of contracts (real estate brokerages, property management companies, financial institutions), digital signatures reduce turnaround time from days to minutes. A loan closing package that used to require physical delivery can now be signed and verified in a single session.

Frequently Asked Questions

Is a digital signature the same as an electronic signature?

No. An electronic signature is any electronic method of signing. A digital signature uses cryptography to verify identity and document integrity. Digital signatures are a more secure type of electronic signature.

Can California notaries use digital signatures?

Not for notarizations. California requires in-person notarization with physical seals. Digital signatures may become relevant if the state implements remote online notarization in the future.

How do I know if a digital signature is valid?

Your software checks the signature against the signer’s public key and the Certificate Authority that issued the certificate. If both match and the document has not been altered, the signature is valid.

What happens if someone steals my private key?

They can forge signatures in your name. Report the compromise to your Certificate Authority immediately so they can revoke the certificate.

Are digital signatures legally binding in California?

Yes, when used with an approved Certificate Authority. Both California law and the federal ESIGN Act recognize properly executed digital signatures as legally binding.

Similar Posts