Proof of electronic signature: what you need to know

Proof at the heart of electronic signature

Unlike paper, electronic signature carries its own proof. A set of elements is preserved to prove who signed, when, where and what content was signed.

This proof can be used in case of litigation before a court — often more solid than a handwritten signature.

Components of the proof

1. The audit trail

Time-stamped log of all actions: sending, opening (IP, user-agent), OTP entered, actual signature, possible refusal, expiration.

2. The cryptographic hash

SHA-256 hash of the document at the time of signature. Any modification produces a different hash — the signature becomes invalid.

3. The timestamp

Precise date and time, ideally issued by a qualified timestamp authority. See electronic timestamp.

4. Identification of the signer

Proof that the signer is indeed who they claim to be: email received, OTP entered, possible qualified certificate.

How to verify the proof

Open the PDF in Adobe Reader → Signature Properties. For in-depth analysis, export the audit trail from your platform. See how to verify a signed document.

When proof is useful

• Contract dispute (client disputes having signed)

• Internal or external audit

• Regulatory inspection (tax authorities, data protection)

• Labour court proceedings

• Judicial request

The audit trail is the main proof, enforceable once it is produced by an eIDAS-compliant platform.

Retention period

• 10 years for commercial contracts

• 5 years after end for employment contracts

• 30 years for notarial deeds

See retention of signed documents.

Mistakes to avoid

• Keeping only the PDF, not the audit trail

• Using a platform without qualified timestamp

• Not regularly verifying the integrity of archives

• Losing access credentials to the platform

Use case: labour court proceedings

An employee dismissed contests having signed their non-compete amendment. The employer produces: the PDF in PAdES format, the audit trail (IP consistent with home address, OTP entered on personal phone), the qualified timestamp. The labour court validates the proof.

How Certyneo helps you

Every envelope signed via Certyneo automatically generates a complete audit trail, integrated into the PDF and retained for 10 years. With one click you export the signed PDF, detailed audit trail and timestamp certificate.

Discover Certyneo's electronic signature solution

FAQ

Is the audit trail admissible in court?

Yes, recognised by French courts provided it is produced by an eIDAS-compliant platform.

Can I create my own audit trail?

Technically yes, but it will have less value than an audit trail produced by a trusted third party.

If the platform disappears?

PAdES PDFs remain verifiable offline. The audit trail should be exported regularly.

Can I export the proof in bulk?

Yes, most platforms offer CSV or JSON export.

Is the proof different for SES/AES/QES?

The structure is the same. QES carries stronger cryptographic elements.

Conclusion

Proof makes the difference between a signature "just like that" and a legally enforceable signature. Take care of its creation and retention.

Try Certyneo to send, sign and track your documents online simply, quickly and securely.