Electronic Signature 101 Copyright © 2005, Idea Group Inc. Copying or distributing in print or electronic forms without written permission of Idea Group Inc. is prohibited. • Globalization: E-Business goes to the future of the Internet worldwide, and it’s clear that some of greatest impact of information-communications systems will be in developing global E-Business, marketplaces and alliances. Currently and in nearly future, the critical technologies for E-Business environment are: • Embedded computing, • Wireless technology, • Intelligent agents, • Open and transparent communications infrastructure, • Simulation and data visualization. These constraints reshaped management challenges for most of the subjects acting within the digital economy. New technologies of data visualization, simulation tech- niques and broadband telecommunications platforms will become important E-Business tools (Volti, 2001). E-mail, networked groupwork and intelligent agents will rise in use among all organizations, improving communication and logistical coordination through an e-logistic environment. Under these terms exists a new generation of employees and customers who will use information technology and the Internet as part of growing up. Their expectations about media, about service, about communications, and about transactions will be vastly different from a decade ago, and their behavior patterns will turn out to be the biggest surprise that information technology delivers to business in the next century. And, what are the defining characteristics of E-Business? This is partly defined by the nature of the business activity. Typical features would include: • A broad range of suppliers and products, with a strong representation of buyers, thus providing a critical mass of participants to establish the market, and the liquidity to buy or sell as needed; • Well-established technical specifications and requirements for participation in the market; • Quality assurance for the market, with feedback loops regarding product quality, fulfillment history, and financial transactions; • Paperless transactions with enforceable legal agreements; • Online contracts with digital signatures to associate authorized agents with specific documents; • Security of the market, with strong user authentication, high standards for docu- ment integrity, transaction security, and preservation of the privacy of data of the participants. TLFeBOOK 102 Ruzic Copyright © 2005, Idea Group Inc. Copying or distributing in print or electronic forms without written permission of Idea Group Inc. is prohibited. It is evident that the technical expectations imposed by participation in the digital economy will increase. Businesses with high levels of e-competence will have a competi- tive advantage over those who do not. What are the requirements for successful participation? The answer will change, from industry to industry, but the minimal requirements would include a strong telecommunications infrastructure, with open Internet connectivity, and routine telecommunications services, along with a commit- ment to modern technical standards, system security, and transparent legislation and regulation environment. Businesses that offer services and have taken to the Internet seriously have a respon- sibility to their customers to offer services in a secure manner (Ang, Dubelaar & Lee, 2001). With increasing networks across the globe for mission critical electronic com- merce, securing the networks would be the primary focus. Various technologies and concepts is in place such as Virtual Private Networks (VPN), Secure Sockets Layer (SSL), Secure Electronic Transactions (SET) and many more to overcome and mitigate risks of transacting over the Internet. While security of operating systems, applications, physi- cal, logical security are addressed by the respective organizations, the areas that are exposed are the networks and communication lines which leave the organization’s gates. Security is a fundamental requirement for E-Business applications such as e-mail, purchase orders, the transmission of credit card information and workflow automation using signature-based forms Secure and Trustworthy E-Business The unprecedented global growth of the Internet, the promise of E-Business, and the emergence of mobile business have a profound effect upon the way organizations operate. The digital economy, that leverages the benefits of technological convergence and new business models, offers unparalleled advantages for an immense variety of service providers and their customers in the cyber marketplace. Providers see significant economies in operating in an E-Business environment that has global reach, with the prospects of cost reductions being passed on to the customer. Similarly, for online consumers, the Internet offers infinitely expanded buyer information and a range of choices that are daunting to comprehend. However, in spite of these apparent benefits the transition to the digital economy has not been without problems. For many organi- zations there is continuing uncertainty over which operating model to adopt, and the rather intimidating lessons of some high profile failures. The global E-Business environ- ment will continue to pose difficult and far-reaching management challenges to leaders of online businesses. Some of these challenges are already evident and have a profound effect upon the ways of doing business. Among them, and of paramount importance, is the issue of how E-Business can maximize its value to consumers and simultaneously retain their trust and confidence. It is evident that the biggest barriers to E-Business today come from the notion that people don’t trust the security and authenticity of E-Business environment. Building consumer trust and confidence requires thoughtful analysis of the nature of the TLFeBOOK Electronic Signature 103 Copyright © 2005, Idea Group Inc. Copying or distributing in print or electronic forms without written permission of Idea Group Inc. is prohibited. relationship between buyers and sellers. This notion is also about privacy in the E- Business environment (E-Privacy). In the context of E-Business, E-Privacy has to be established as a core value that connects organizational culture with the best interests of the consumer. The value of E-Privacy can be viewed as an important indicator of business success. Worldwide, many high profile business failures are attributable to the lack of recognition accorded E-Privacy, and the lack of commitment to it as a consumer issue. The consequences of this oversight can lead to an erosion of consumer loyalty, negative publicity, and the loss of potential business. When examining barriers to the implementation of E-Business, numerous studies have singled out consumers’ lack of trust as a major factor. Some people reduce the trust problem to one of security, arguing that if security issues are resolved, people will be happy to transact online. However, when the trust problem is broken down into its constituents, privacy, ease-of-use or the credibility of information on the Web is revealed to be as important to consumers as security. As far as the introduction of a new e-payment system is concerned, one should not underestimate the power of the media and reputable institutions in approaching consum- ers and assuring them of the system’s security. Since the average consumer is unlikely to be able to assess the objective security of, say, an encryption algorithm, this issue remains, to a large extent, one of trust – namely trust in familiar information sources. Thus, a well-orchestrated marketing effort would help give consumers enough pre-interac- tional trust to understand, accept and use the new E-Business system. Thus, security and trust mechanisms inhibit the free flow of business information required to achieve the full potential of business benefits promised by E-Business investments. Lack of trust is a significant problem for any E-Business – the parties evolved in the E- Business processes must feel trust in the people and companies doing business on the Internet. In many traditional business relationships, trust is based on a combination of judgement or opinion based on face-to-face meetings, or recommendations of col- leagues, friends and business partners. However, the E-Business environment generally does not involve human interaction and, therefore, this new context requires a new understanding of trust. Trust must be established and managed continuously in a wide range of E-Business activities. The basis of trust is in ethics, and the topic is frequently discussed in the context of social and democratic processes (Conte & Castelfranchi, 1995). It is also a fundamental requirement of economic activity where the behavior of people and organizations takes place in conditions of uncertainty (Jones & Wilikens, 2000). When one party is dependent on the behavior of another party, the uncertainties give rise to risks. The notion of trust within an E-Business environment involves having confidence in the other parties, and hence having an expectation that the risks will not result in financial or any other loss. The specific application of trust in the E-Business environment involves several key factors: • Identity: the ability to identify party, good, service and to locate them in physical space, including identification and location services such as digital certificates; TLFeBOOK 104 Ruzic Copyright © 2005, Idea Group Inc. Copying or distributing in print or electronic forms without written permission of Idea Group Inc. is prohibited. • Reputation, and recommendations from parties who are themselves trusted or experienced; and proxies for reputation, such as brand names and seals of approval; • Security of the E-Business environment including transaction data, integrity, authentication and non-repudiability, secrecy and privacy with alternatives that reduce the risk of data disclosure. E-Business is generally considered to evidence many of the characteristics that render trust very important. The parties commonly have little or no knowledge of one another. They are also usually in different locations. They therefore cannot depend on physical proximity, handshakes, body-signals, a common legal jurisdiction, or even necessarily a definable jurisdiction. The context of use and domain of application of the E-Business system being designed should be taken into account. Context of use can be viewed as an important requirement for the design. Different applications require diverse levels of security. Buying food can be done with a credit card with basic cryptographic protection, while electronic banking needs more sophisticated authentication and security mechanisms. Several techniques help in establishing online e-trust: • Electronic authentication, • Electronic signature, • Escrow payment services (online), • Public Key Infrastructure (PKI). Trust in E-Business systems is influenced by factors such as anonymity, security, reliability, and the amount of control that parties have, as well as the reputation of the entity that introduces the system. There are a number of guidelines that address the different facets of security required for E-Business systems in the digital economy. Issues of trust and security are connected to exchange, storage and management of business and personal information. These techniques includes basic tasks to be done in order to achieve a secure and trustworthy environment: • Providing a clear and prominent policy on security with clear visibility of the security techniques employed; • Explaining security measures in management and storage of the data; • Establishing a customer support line on security-related issues; • Supplying regular information updates on changes and upgrades in security; • Taking into consideration security issues specific to the type of E-Business system; • Giving users access to their data, allowing them to change it, and timely delete outdated information (it can assist in building trust relations with customers); TLFeBOOK Electronic Signature 105 Copyright © 2005, Idea Group Inc. Copying or distributing in print or electronic forms without written permission of Idea Group Inc. is prohibited. • Minimizing the security costs (both financial and temporal) imposed on users; • Creating a security management culture (by educating employees and implement- ing strict information handling policies within the company); • Building a trust policy and trust recovery plan in the event of a security breach likely to undermine trusted relationships with customers. From the wealth of information that proliferates on the topics of the Internet, or e-commerce specifically, there is a consensus on basic risks. Any transaction or message, financial or otherwise, would be subject to the risks. In an ordinary commerce environment, plenty of avenues are available to address these risks through formal signatures and other mechanisms that would ensure secure transactions. The major risks facing E-Business environment are considering key issues: • Identity or authenticity of the person: Who sent the message? Does the sender have the authority to bind the organization he or she represents? • Data Integrity: Is the message complete or has it been altered? Is it true that the copy of the message has not been altered? • Denial of Service: Launch of an attack which would bring down the service. • Non Repudiation: Proving up the message in court, ensuring that the sender cannot falsely deny sending the message, ensuring that the sender cannot falsely deny the contents of the message. • Confidentiality: Ensuring that information is not disclosed to unauthorized parties. While E-Business flourishes through the Internet, in the digital world, laws and statutes must be drafted and enacted to resolve disputes amongst parties. Issues will arise in the courts of law whether documents with electronic signatures are valid or otherwise and the extent of reliance that can be placed on the third parties. Any secure transaction is sure to have its share of disputes and losses. These may be due to negligence by one of the third parties or the parties to the transaction, or technological failures or any other reason. If the information-communications systems are used for day-to-day business and private interests – to buy consumer goods, submit tax forms or to send confidential messages – there will ultimately be the need for a digital identity. Other existing solutions – identification using credit card numbers, etc. – are simply makeshift solutions that are being used temporarily in certain areas. Normally speaking, identity is something very complex. It does not merely refer to name, date of birth, color of eyes and all those other features contained in personal identification documents, but also means a person’s entire personality, background and integrity. Digital identity means considerably less than all these everyday meanings: first of all, that a person owns and uses a digital ID – in other words, an ID expressed in zeros and ones that can be transmitted via the Internet (or any other data network). This ID is digital or TLFeBOOK 106 Ruzic Copyright © 2005, Idea Group Inc. Copying or distributing in print or electronic forms without written permission of Idea Group Inc. is prohibited. is also termed an electronic certificate. It confirms not just name and e-mail address of a person, but may also confirm other information - the name of company where a person is working, etc. – and the validity of the digital signature. When a machine or a person issues someone with a certificate, this is confirmation of the existence of this person, including the name and one or two other details. This identity is invaluable for the entire digital economy - it forms a foundation for trust. But whether this person is honest, creditworthy or reliable, or whether the machine is operated by a reputable company – i.e., what in fact belongs to identity in a broader sense of the word – remains unknown. Nevertheless, this manner of ensuring reliability is also indispensable for the digital economy. This is carried out using other means, beyond the scope of electronic signature technologies. In the case of companies with a good Web presence – with a shop system, SSL, credentials, supplier brand, general terms and conditions, quality labels, etc. – this is a good indication of their reliability, and the legislator has provided for legal provisions (remote sales law, EU e-commerce guideline, etc.). Basic E-Business Legislation and Regulation Companies doing E-Business activities are not operating in an unregulated world. The old rules still apply in new digital environment. And new statutes and regulations aimed at digital violations are quickly emerging. When it comes to regulations, however, ignorance is not bliss. Advertising, sweepstakes, unsolicited commercial e-mail (Spam), trade regulation compliance, securities laws, tax regulatory compliance, and other regulatory issues all can pose significant challenges for E-Business. Doing E-Business activities in a borderless medium raises special challenges, given that many jurisdictions have inconsistent laws regulating E-Business, e-commerce, e-signatures, etc. At the core of all of E-Business activities is the fundamental question: “Is it legal?” And the answer to that question will depend on what law applies and how online activities are structured. Yet determining what law applies is easier said than done when transactions are being conducted in what is essentially a borderless medium. At the same time, the Internet is profoundly changing the law that applies to these business activities. The law that governed our transactions six months ago may not be the law that governs our transactions today or, even if the prior law is still relevant, it may apply in ways we never contemplated because of legal developments in the interim (Zoellick, 2001). Many countries have already enacted numerous statutes and regulations related to some aspect of E-Business activities. In some cases, these laws represent an experiment designed to anticipate and resolve issues that have not yet arisen, and in other cases these laws represent significantly conflicting approaches to a common set of issues. Some of the outmost areas of regulation and legislation in the digital economy cover several key issues: TLFeBOOK Electronic Signature 107 Copyright © 2005, Idea Group Inc. Copying or distributing in print or electronic forms without written permission of Idea Group Inc. is prohibited. • Electronic Transactions and Contracts (e-commerce): The electronic communi- cation of documents, as well as electronic advertising, contracting, and payment, are clearly the future of e-commerce. Companies have embraced e-commerce in order to decrease costs, streamline transactions, and increase sales. To really do high-value deals online, however, companies must feel confident that the transac- tions they enter into today will be legally enforceable and binding tomorrow. In the paper-based world, putting a contract on company letterhead and using ink signatures help to provide that reassurance. Concern over what that means in the digital world has produced an explosion of legislation at national, and international levels. • Electronic Finance (services, Tax and Customs): The proper characterization of a transaction for tax purposes is probably the most difficult issue in the taxation of e-commerce. Nevertheless, characterization is critical to determining how an e- commerce transaction will be treated for income tax and consumption tax (VAT) purposes. Local, national, and international tax authorities and organizations are struggling with these concepts and trying to decide whether new legislation will be needed or whether existing rules can be applied to the new concepts. • Intellectual Property Laws (trademarks, copyrights, and patents): Companies face unprecedented challenges both in protecting their intellectual property worldwide and in minimizing the likelihood that they might be infringing someone else’s intellectual property rights (Sang, 2002). • Privacy and Personal Data Protection: Thanks to information-communications systems, it has never been so easy to collect, reproduce, disseminate, and compile personally identifiable information. Organizations have never faced such daunting privacy issues regarding the increasingly indispensable information and, E- Businesses should address the attendant privacy issues in order to avoid legal liability. Given the current media and legal climate, and the fact that electronic communications and technology tracking abilities will only increase in the future, concerns about the privacy of electronic communications are recognized in many countries, and many privacy-related bills are now pending at both the national and international scene. • Information Security (Cybersecurity, Cybercrime): New information and commu- nications technologies give rise to new opportunities for their abuse, which in turn give rise to legal restrictions. This notion arises the need to legislate against a variety of new abuses and frauds – or old frauds committed in new ways. Cyber- crime may cause serious financial damage, and computer-related offences fre- quently involve more than economic loss. Damage can be a waste of time, or the loss of privacy and security. The most significant harm and danger caused by cyber-crime is the threat of lost reliability and lost trust in cyber-space. There is another aspect of harmful and dangerous activity within E-Business environment – the digital content broadcasting. There is no consensus yet, neither on what kind of content should be prohibited, nor how it can be handled. TLFeBOOK 108 Ruzic Copyright © 2005, Idea Group Inc. Copying or distributing in print or electronic forms without written permission of Idea Group Inc. is prohibited. • Consumer Protection: Considering the functionality and applicability of such issues, it is worthy to find one, generic-shaped, key category that links all of these separate issues in one regulated scene. It is obvious that as a signature means almost everything in the physical world of paper-based business, some kind of the instrument that could ensure security, trust and functionality of E-Business, should be introduced. This issue is considered the core category of any national and international regulation in digital economy – the answer lies with introducing electronic signature equivalence with a hand-written signature no matter what type of information technology is in use. Electronic Signature as the Core Category in Digital Economy Background For E-Business of any kind (private or public sector) to grow, businesses must implement the use of electronic signatures correctly, and legally. With the advent of electronic signatures, E-Business is changing the way we sign and store documents. Thus, any business that wants to succeed in the digital economy must deal with electronic signatures. It is considered an everyday activity whenever a law or other arrangement requires a signature of a person. A signature is needed as a medium for authentication in order to identify the person (the signer), to indicate the person’s approval of the information communicated and, to be legally applicable. Whether captured on paper or electronically, a signature has a specific legal definition and purpose. The Commercial Codes (the laws adopted by most countries to govern commercial transactions) defines a document that is “signed” as one that includes any name, word, mark, or symbol executed or adopted by a party with the present intention to authenticate the writing. A signature usually serves several purposes, including authentication and attribution of a document to its signer, a reminder of the significance of the document, evidence that the signer intended the signed document to have legal effect, and an indication that the signed document was intended to be the final version. In today’s digital economy environment, establishing a framework for the authentication of computer-based information requires a familiarity with concepts and professional skills from both the legal and computer security fields. Combining these two disciplines is not an easy task. Concepts from the information security field often correspond only loosely to concepts from the legal field, even in situations where the terminology is similar. The historical legal concept of signature is broader. It recognizes any mark made with the intention of authenticating the marked document. In a digital setting, today’s broad legal concept of signature may well include markings as diverse as digitized images of paper signatures, typed notations, or even addressing notations, such as electronic mail TLFeBOOK Electronic Signature 109 Copyright © 2005, Idea Group Inc. Copying or distributing in print or electronic forms without written permission of Idea Group Inc. is prohibited. origination headers. A signature is not part of the substance of a transaction, but rather of its representation or form. Signing writings serve the following general purposes: • Evidence: A signature authenticates a writing by identifying the signer with the signed document. When the signer makes a mark in a distinctive manner, the writing becomes attributable to the signer. • Ceremony: The act of signing a document calls to the signer’s attention the legal significance of the signer’s act, and thereby helps prevent “inconsiderate engage- ments.” • Approval: A signature expresses the signer’s approval or authorization of the writing, or the signer’s intention that it has legal effect. • Efficiency: A signature on a written document often imparts a sense of clarity and finality to the transaction and may lessen the subsequent need to inquire beyond the face of a document. To achieve the basic purposes of signatures outlined above, a signature must have the following attributes: • Signer authentication: A signature should indicate who signed a document, message or record, and should be difficult for another person to produce without authorization. • Document authentication: A signature should identify what is signed, making it impracticable to falsify or alter either the signed matter or the signature without detection. Signer authentication and document authentication are tools used to exclude imperson- ators and forgers and are essential ingredients of what is often called a non-repudiation service. A non-repudiation service provides assurance of the origin or delivery of data in order to protect the sender against false denial by the recipient that the data has been received, or to protect the recipient against false denial by the sender that the data has been sent. Thus, a non-repudiation service provides evidence to prevent a person from unilaterally modifying or terminating legal obligations arising out of a transaction effected by computer-based means. Traditional methods, however, are undergoing fundamental changes that are coming with the digital economy. Although digital media is in use, documents continue to be written on paper, but sometimes merely to satisfy the need for a legally recognized form. In many instances, the information exchanged to effect a transaction never takes paper form. Computer-based information can also be utilized differently than its paper coun- terpart. For example, computers can read digital information and transform the informa- tion or take programmable actions based on the information. Information stored in digital media rather than on paper can travel near the speed of light, may be duplicated without limit and with insignificant cost. Although the basic nature of transactions has not changed, the law has only begun to adapt to advances in technology. The legal and business communities must develop rules and practices, which use new information TLFeBOOK 110 Ruzic Copyright © 2005, Idea Group Inc. Copying or distributing in print or electronic forms without written permission of Idea Group Inc. is prohibited. technology to achieve and surpass the effects historically expected from paper forms. Electronic signature technology generally surpasses paper technology in all these attributes. Electronic Signature: Scope and Definition The term electronic signature could be defined as a sound, symbol or process attached to or logically associated with an electronic record by a person (a signer) with the present intent to authenticate that record. Every downloading software activity from the Internet includes reading the licensing agreement and clicking “I accept,” where a person is using some kind of an electronic signature (the click combined with a person self identification create the signature). If a person places a trade over the phone and verbally confirms that wants to buy or sell stock, the recording of a person’s voice could be considered as an electronic signature. Digital signatures and images of handwritten signatures also constitute electronic signatures. A handwritten signature signals intent to agree with the terms of a document, and it authenticates – at least in theory – the identity of the signer. Handwritten signatures don’t have an exact parallel online. In the electronic world, a person may end up doing the same things in a different way. The authentication may be done up front and the signal of intent may be done later. Authentication, the act of making sure that signers are who they say they are, can be handled online in several ways. A signer can use a digital certificate or smart card, take a fingerprint or retina scan, answer additional questions regarding personal identification. A signal of intent may be created online by clicking an “I accept” button, by signing one’s name on an electronic signature pad or by appending a signature image to a document. Hence, the foregoing definition of electronic signature within most national legislation is a generic, technology-neutral definition, which recognizes that there are many different methods by which a person can sign an electronic record. In all cases, electronic signatures are represented digitally, but they can take many forms, and can be created by many different technologies. Examples of electronic signatures include: • A name typed at the end of an e-mail message by the sender; • A digitized image of a handwritten signature that is attached to an electronic document (sometimes created via a biometrics-based technology called signature dynamics); • A secret code, password, or PIN to identify the sender to the recipient (such as that used with phone cards and credit cards); • A unique biometrics-based identifier, such as a fingerprint, voice print, or a retinal scan; • A mouse click (such as on an “I accept” button); • A sound (or voice) attempting to issue a meaning to agree); • A digital signature (created through the use of public key cryptography). TLFeBOOK [...]... access and use of digital information, it has also led to fears that consumer protection, intellectual property rights, privacy and related issues could be eroded by the illegal copying and redistribution of digital media Mechanisms to protect digital content are seen as a necessary step towards the creation of global business and commercial information infrastructure While equipment capable of copying digital. .. (message) since it was digitally signed The next step is to encrypt the check and signature The sender’s digital signature software transforms the hash result into a digital signature using the sender’s private key The resulting digital signature is thus unique to both the message and the private key used to create it Typically, a digital signature is appended to its message and stored or transmitted... Society (2nd ed.) Oxford: Blackwell Conte, R and Castelfranchi, C (1995) Cognitive and Social Action London: UCL Press Forno, R and Feinbloom, W (2001) PKI: A question of trust and value Communications of the ACM, 44 (6) Jones, S and Wilikens, M (2000) Trust requirements in E-business Communications of the ACM, 43 (12) Kozlov, A and Reyzin, L (2003) Forward-Secure Signatures with Fast Key Update (2002) In... receiver can recover the symmetric key, and thus decrypt the check A digital version of the envelope has been created • Deliver: At this point, the digital envelope is electronically sent to the receiver and the verification process begins Digital Signature Verification • • Accept: The encrypted digital envelope arrives at the destination • Verify: Verification of a digital signature is accomplished by... prohibited TLFeBOOK Electronic Signature 129 graphics and images stored in standard data compress formats such as “bitmaps” and “jpegs” used to transmit data-intensive images and other digital media For e-commerce to grow, businesses must implement the use of electronic signatures correctly and legally Electronic commerce has changed the way we buy books, sell, and pay bills Now, with the advent of electronic... a digital object and its owner, and acts as a deterrent to illegal redistribution by enabling the owner of digital object to identify the original user of the redistributed copy E-Business users are not confident enough in the security of online systems to believe that a hacker can’t break in and steal credentials there Password lists and credit card lists are stolen regularly from online servers and. .. prohibited TLFeBOOK 136 Mowatt Chapter VII Impacts of the Digital Economy: The Shift to Consumer-Driven Competition and Life-Span Products Simon Mowatt Auckland University of Technology, New Zealand Abstract This chapter examines changes in innovation and competition made possible in two traditional industries by the adoption of integrated information and communication technologies Using empirical interview-based... Then, using the sender’s public key and the new hash result, the verifier checks: 1) whether the digital signature was created using the corresponding private key; and 2) whether the newly computed hash result matches the original hash result The software will confirm the digital signature as verified – the sender’s private key was used to digitally sign the message and the Open: The receiver of the... visible portion of the digital signature is the signer’s name, title and firm name, along with the certificate serial number and the Certification Authority name Digital signatures still face some cultural hurdles, such as convincing users to accept a line of hash code instead of a penned name Several software solutions cover both ideologies by combining a PKI-based digital signature and a pictorial representation... payment systems, health care applications, ticketing applications, loyalty and other areas They may also be used to store digital certificates and passwords and can encrypt sensitive data Perhaps one of the most visible applications is that of SIM cards used for mobile phones SIM stands for Subscriber Identification Module and the SIM cards store subscriber information which allows phones to be instantly . identify party, good, service and to locate them in physical space, including identification and location services such as digital certificates; TLFeBOOK 1 04 Ruzic Copyright © 2005, Idea Group Inc. Copying. to a digital object and provides an indication of ownership of object signed by watermark • Fingerprinting: A technique that identifies the recipient of a digital object and its owner, and acts. verification of the digital signature is performed by the receiver of the digital signature. The writing and sending a check example, illustrates how digital signature technology works. Digital Signature