Proof of electronic signature: what you need to know

Proof at the heart of electronic signature

Unlike paper, electronic signature carries its own proof. A set of elements is retained to prove who signed, when, from where and on what content.

This proof can be relied upon in case of dispute before a court — often more solid than a handwritten signature.

The components of proof

1. The audit trail

Time-stamped log of all actions: sending, opening (IP, user-agent), OTP entered, effective signature, possible refusal, expiration.

2. The cryptographic hash

SHA-256 hash of the document at the time of signing. Any modification produces a different hash — the signature becomes invalid.

3. The timestamp

Precise date and time, ideally issued by a qualified timestamping authority. See electronic timestamping.

4. Identification of the signatory

Proof that the signatory is indeed who they claim to be: email received, OTP entered, possible qualified certificate.

How to verify the proof

Open the PDF in Adobe Reader → Signature Properties. For in-depth analysis, export the audit trail from your platform. See how to verify a signed document.

When proof is useful

• Contract dispute (client claims not to have signed)

• Internal or external audit

• Regulatory check (URSSAF, CNIL)

• Labour court proceedings

• Court request

The audit trail is the main proof, enforceable once produced by an eIDAS-compliant platform.

Retention period

• 10 years for commercial contracts

• 5 years after termination for employment contracts

• 30 years for notarial deeds

See retention of signed documents.

Mistakes to avoid

• Keeping only the PDF, not the audit trail

• Using a platform without qualified timestamping

• Failing to regularly verify the integrity of archives

• Losing access credentials to the platform

Use case: labour court proceedings

A dismissed employee contests having signed their non-compete amendment. The employer produces: the PDF in PAdES format, the audit trail (IP consistent with their home address, OTP entered on their personal phone), the qualified timestamp. The labour court validates the proof.

How Certyneo helps you

Every envelope signed via Certyneo automatically generates a complete audit trail, integrated into the PDF and retained for 10 years. With one click you export the signed PDF, the detailed audit trail and the timestamping certificate.

Discover the Certyneo electronic signature solution

FAQ

Is the audit trail admissible in court?

Yes, recognised by French courts provided it is produced by an eIDAS-compliant platform.

Can I create my own audit trail?

Technically yes, but it will have less value than a trail produced by a trusted third party.

If the platform disappears?

PAdES PDFs remain verifiable offline. The audit trail should be exported regularly.

Can I export the proof in bulk?

Yes, most platforms offer CSV or JSON export.

Is the proof different for SES/AES/QES?

The structure is the same. QES carries stronger cryptographic elements.

Conclusion

Proof makes the difference between a signature "just like that" and a legally enforceable signature. Take care in its creation and retention.

Try Certyneo to send, sign and track your documents online simply, quickly and securely.