Electronic Signatures Under Saudi Law

Electronic Signatures Under Saudi Law

The rapid advancement of technology and communication systems has brought significant changes to how transactions and signatures are conducted. Traditional methods based on handwritten documents have evolved into electronic transactions and signatures, giving rise to new forms of digital documentation and authentication.

In response to the widespread use of electronic contracts and the growth of international trade—and in line with the Kingdom of Saudi Arabia’s commitment to digital transformation—the government enacted the Electronic Transactions Law under Royal Decree No. (M/18), dated 8/3/1428H. This legislation regulates electronic signatures and defines their legal validity.

In this article, Al Salamah Law Firm explores how electronic signatures are governed under Saudi law and highlights their key features and legal framework.

What is an Electronic Signature?

Article 1 of the Electronic Transactions Law defines an electronic signature as:

“Electronic data included in, added to, or logically associated with an electronic transaction used to identify the signatory and indicate their approval of the transaction, as well as to detect any alteration after the signature is applied.”

It also defines:

• The “signatory” as a person who signs an electronic transaction using an electronic signature system.
• An “electronic signature system” as a set of electronic data specifically designed to function independently or in conjunction with other electronic data systems to create an electronic signature.

How Are Electronic Signatures Created?

In Saudi Arabia, electronic signatures are validated using a digital certificate, defined as:

“An electronic document issued by a certification service provider to confirm the identity of the holder of the electronic signature system and to verify the authenticity of their signature.”

Certification service providers must be licensed by the Communications and Information Technology Commission (CITC). The National Center for Digital Certification (NCDC)—a body within the Ministry of Communications and Information Technology—oversees the issuance and management of digital certificates, as outlined in Article 16 of the Electronic Transactions Law.

The NCDC is also responsible for recognizing foreign digital certificates, granting them equivalent legal standing in Saudi Arabia, subject to the regulations set out in the implementing regulations of the law.

Types of Electronic Signatures

1. Pen-OP (Electronic Pen Signature):
   Used for signing legal documents electronically by writing on a digital screen using a special pen. The system converts the handwritten signature into a digital format.
2. Digital Signature:
   Commonly used in banking transactions. The client uses a magnetic bank card and PIN, which function together as a secure digital signature.
3. Biometric Signature:
   Relies on personal biometric data, such as fingerprints, iris or retina scans, or voice recognition. The biometric information is digitally encoded and authenticated through specialized software, ensuring secure access and signature verification.

Legal Requirements for Electronic Signatures in Saudi Arabia

According to Article 10 of the Implementing Regulations of the Electronic Transactions Law, an electronic signature is considered legally valid if the following conditions are met:

• It is linked to a valid digital certificate issued by a licensed or approved certification provider.
• The digital certificate is valid at the time of signing.
• The signatory’s identity data matches the information in the certificate.
• If used in conjunction with another electronic data system, the connection must be secure and technically sound.
• The signatory must have the necessary technical and administrative infrastructure to ensure data integrity and confidentiality.
• The signatory must comply with all technical and procedural requirements of the certification provider.

Additionally, the electronic signature must include, at minimum, the following technical components:

• Certification authority’s details and electronic signature.
• Type and scope of the signature, along with its serial number.
• Date and validity period.
• Encryption algorithm and public key used.
• Scope of use and liability limits.
• Full identity details of the signatory.

Why Use Electronic Signatures?

Electronic signatures are preferred for their security, efficiency, and legal enforceability. Documents signed electronically are generally more difficult to forge and easier to process.

Final Note:

Electronic signatures are becoming increasingly widespread in Saudi Arabia, especially with the Kingdom’s ongoing digital transformation in civil and commercial sectors.

At Al Salamah Law Firm, we provide expert legal consultation on the use of electronic signatures and digital contracts. We ensure compliance with NCDC standards, and in the event of disputes, we represent clients before civil and commercial courts to validate the authenticity of electronic signatures.

Our team combines deep legal expertise with practical experience to deliver comprehensive legal support focused on protecting your interests and sustaining your business.

Feel free to contact us for legal guidance tailored to your needs.