What Is a Digital Signature? How PKI-Based Signatures Work in the Philippines

A digital signature is a specific type of electronic signature that uses Public Key Infrastructure (PKI) and cryptographic algorithms to verify the signer’s identity and ensure that a document has not been tampered with after signing. It provides the highest level of security, authentication, and non-repudiation among signature types.

How Digital Signatures Work

Digital signatures rely on asymmetric cryptography – a mathematical process using two related keys:

The Signing Process

1. Hash creation – A cryptographic hash function creates a unique “fingerprint” (hash value) of the document
2. Encryption – The signer’s private key encrypts the hash, creating the digital signature
3. Attachment – The encrypted hash is attached to the document along with the signer’s digital certificate

The Verification Process

1. Decryption – The recipient uses the signer’s public key to decrypt the signature
2. Hash comparison – The decrypted hash is compared to a fresh hash of the received document
3. Validation – If the hashes match, the document is authentic and unaltered; if they don’t match, the document has been tampered with

This process ensures three things:

• Authentication – The document came from the claimed signer
• Integrity – The document has not been altered since signing
• Non-repudiation – The signer cannot deny having signed the document

For a deeper technical explanation, see our article on how advanced cryptographic technology prevents document fraud.

Digital Signature vs. Electronic Signature

Key takeaway: All digital signatures are electronic signatures, but not all electronic signatures are digital signatures. For a complete comparison, see the difference between digital and electronic signatures.

Legal Basis in the Philippines

Digital signatures are recognized under RA 8792 (the Electronic Commerce Act). Under the law and its implementing rules:

• Digital signatures using PKI receive a stronger presumption of validity than simple electronic signatures
• The signer is presumed to have intended to authenticate the document
• Any alteration to the document after signing is detectable, which strengthens evidentiary weight under the Rules on Electronic Evidence

In the context of e-notarization, A.M. No. 24-10-14-SC requires that electronic notarial acts use secure electronic signatures – making digital signatures the preferred method for notarized documents.

Use Cases

Digital signatures are recommended for documents that require the highest level of security and legal enforceability:

• Notarized documents – E-notarization uses digital signatures for both the principal and the ENP
• Court filings – Making digital signatures court-ready requires PKI-level security
• Financial transactions – Bank and investment documents, budget sign-offs
• Corporate governance – Board resolutions, secretary’s certificates, and SEC filings
• Government submissions – Regulatory filings and compliance documents
• High-value contracts – Agreements where dispute mitigation is critical

Digital Certificates

A digital signature requires a digital certificate – an electronic credential issued by a Certificate Authority (CA) that binds a person’s identity to their public key. The certificate contains:

• The signer’s name and identifying information
• The signer’s public key
• The issuing Certificate Authority’s name
• The certificate’s validity period
• The CA’s digital signature (proving the certificate is authentic)

In the Philippines, digital certificates for use in legal and government contexts should come from accredited or recognized certificate authorities.

Related Terms

• Electronic Signature
• Public Key Infrastructure (PKI)
• Document Audit Trail
• E-Notarization
• Electronic Notarial Seal

NotarialOS uses PKI-based digital signatures to ensure that every document signed and notarized on the platform is cryptographically secure, legally valid, and tamper-proof.