{
    "success": true,
    "data": {
        "id": 1696603,
        "msgid": "5-common-mistakes-when-creating-a-digital-signature-1777009946",
        "date": "2026-04-23 18:16:11",
        "title": "5 Common Mistakes When Creating a Digital Signature",
        "author": "",
        "source": "TEMPO_ID",
        "tags": "",
        "topic": "Regulation",
        "summary": "In Indonesia's digital era, electronic signatures are governed by Law No. 11 of 2008 on Electronic Information and Transactions, yet many organisations and individuals make errors that undermine their legality and security. This article outlines five frequent mistakes, including ignoring legal requirements, poor key management, signing unfinished documents, selecting unsuitable services, and lacking internal education, and provides practical ways to avoid them. Understanding these pitfalls ensures that digital signatures are not only convenient but also legally binding and secure, with certified platforms like Privy recommended for compliance.",
        "content": "<p>In the digital era, the use of electronic signatures is increasingly\nwidespread. In Indonesia, this is regulated under Law No.\u00a011 of 2008 on\nElectronic Information and Transactions (UU ITE) along with its\nderivative regulations, which recognise electronic signatures as legal\nevidence provided they meet certain requirements.<\/p>\n<p>Nevertheless, in practice, many organisations and individuals still\nmake mistakes, rendering digital signatures ineffective, invalid, or\nvulnerable to risks. Therefore, it is important to understand the\ncorrect way to create a digital signature. Here are some common mistakes\nalong with ways to avoid them:<\/p>\n<ol type=\"1\">\n<li>Ignoring Legality and Validity Requirements<\/li>\n<\/ol>\n<p>Many people still think that simply scanning a signature and pasting\nit onto a PDF document completes the signing process. However, under\nIndonesian law, not all electronic signatures are automatically deemed\nvalid.<\/p>\n<p>A common error is using uncertified digital or electronic signatures\nor those not from official providers, without ensuring key aspects such\nas the signer\u2019s identity, document integrity, and non-repudiation\nguarantees.<\/p>\n<p>To avoid this, choose certified services or use public key\ninfrastructure and electronic certificates. Also ensure that the\ndocuments and signing system meet requirements for authentication,\nintegrity, and signer identity.<\/p>\n<p>If using a digital signature platform, ensure the platform\ntransparently explains its legal status and certificates. Some platforms\navailable in Indonesia, such as Privy, provide electronic certificates\nand identity verification processes to ensure documents are legally\nvalid.<\/p>\n<ol start=\"2\" type=\"1\">\n<li>Failing to Secure Private Keys or Authentication<\/li>\n<\/ol>\n<p>The proper way to create a digital signature relies on encryption and\nauthentication mechanisms. If the private key is compromised or the\nsystem is weak, the risk of manipulation or forgery increases.<\/p>\n<p>Errors often occur due to storing private keys carelessly, using\nshared accounts, or selecting systems that do not encrypt properly. To\navoid this, store private keys securely and do not share them among\nusers without controls.<\/p>\n<p>Also use providers that implement clear encryption and security\nprotocols, and conduct strict identity verification, which is also part\nof the requirements for valid digital signatures.<\/p>\n<ol start=\"3\" type=\"1\">\n<li>Signing Documents Without Ensuring Document Condition<\/li>\n<\/ol>\n<p>Creating a digital signature is not just about \u201cpasting the\nsignature\u201d but also ensuring that the document is not altered after\nsigning and that the final signed version is the correct one.<\/p>\n<p>Errors typically happen when signing documents that are still to be\nedited, or using methods that allow changes after signing without\ntraces.<\/p>\n<p>To avoid this, ensure the document is in its final version before the\nsigning process, use systems that generate a \u201chash\u201d or document\nfingerprint, and store signing logs that record time, device, identity,\nand other details.<\/p>\n<ol start=\"4\" type=\"1\">\n<li>Using Services Not Suited to Business Needs<\/li>\n<\/ol>\n<p>Not all transactions have the same risks and requirements. For\nimportant contracts or cross-border transactions, higher-level digital\nsignature systems may be needed. Common errors occur when choosing cheap\nor fast services without considering the scale of risk or business\nrequirements.<\/p>\n<p>To avoid this, identify the type of transaction to select an\nappropriate service. For important transactions, choose those with\ncertification and strong audit trails. For example, services like Privy\nare an option because they offer legally compliant and user-friendly\nprocesses.<\/p>\n<ol start=\"5\" type=\"1\">\n<li>Lack of Education and Internal SOPs in Organisations<\/li>\n<\/ol>\n<p>Often, companies or teams simply install a digital signature service\nand expect everything to run smoothly without training or clear SOPs. As\na result, operational errors or misunderstandings occur.<\/p>\n<p>The solution is to establish internal SOPs, such as who may sign,\nunder what conditions, how to use the service, log backups, and document\nstorage. Then train the team on digital signature risks, regulations,\nhow to check signature validity, and conduct periodic audits of digital\nsignature usage in the company.<\/p>\n<p>By understanding and avoiding these five mistakes, you can ensure\nthat the use of digital signatures is not only practical but also safe\nand legally recognised. Services like Privy provide a solution that\ncombines ease of use with regulatory compliance.<\/p>",
        "url": "https:\/\/jawawa.id\/newsitem\/5-common-mistakes-when-creating-a-digital-signature-1777009946",
        "image": ""
    },
    "sponsor": "Okusi Associates",
    "sponsor_url": "https:\/\/okusiassociates.com"
}