There was a lot of hype in the 1990ies about digital signatures as a replacement for paper contracts and specifically, replacing wet signatures. Many countries implemented e-signature legislation to regulate the related liability issues.
After 15 years it is fair to state that the expectations associated with the hype were consistently disappointed and the future of this application looks grim. National eID-programs failed to exceed a threshold of 1% active users (E.g. Austria, Japan, Finland). See below for a more detailed look on Estonia.
Jane Witt wrote in 2001 "There is mounting evidence that trying to use asymmetric cryptography as a signature on a contract is like trying to fit a square peg into a round hole, and the effort to get that square peg into that round hole has created a phenomenal sink hole into which countless individuals and organizations have poured vast resources with few tangible payoffs in sight."[1]
Trying the reverse engineer the business model following points can be observed:
- Relying Parties (those parties trusting in a document with a digital signature) are provided with an electronic signature that is in general the equivalent of a wet signature, excluding a few transactions, e.g. those that need a notary anyway.
- There no or only very limited approaches to multilevel security. Some eID-projects assume a single level (like the Austrian citizen card) or the signature law provides a limited selection, like advanced and electronic signature.
- To establish trust in the certificate authority there is a requirement for "sufficient financial provisions". E.g. in Austria 700,000