Electronic signatures are a digital representation of an individual’s agreement that is intended to be the equivalent of a “wet” signature. Electronic signatures encompass a set of methods that can be applied to a digital document to capture intent to sign, and consent to sign electronically. They do this by electronically gathering metadata related to all signing events, and creating an audit trail that is cryptographically sealed to ensure document authenticity, nonrepudiation and integrity of the electronically signed document. This audit trail may also contain various supporting evidence of the individuals signing the document, such as names, email addresses, identity proofing and authentication steps. Evidence details may vary with each product, but the audit trail provides evidence to support the legal value of the document. A digital signature (as it relates to document signing) is a type of electronic signature that, in addition to the requirements of an electronic signature, also requires that each signer sign the document with a digital certificate that is explicitly issued to them.
Gartner defines user authentication as the journey-time process that provides credence in a claim to an identity established for a person for access to digital assets. User authentication is delivered by some combination of (a) an authenticator, (b) signals evaluation and (c) an authentication decision point, which may be from different vendors. User authentication is used to provide credence in an identity claim for a person already known to an organization. The credence must be sufficient to bring account takeover (ATO) risks within the organization’s risk tolerance. User authentication is foundational to and protects the value of other functions with an organization’s identity fabric, namely: runtime authorization, especially segregation of duties (SOD); audit (individual accountability); and identity analytics.