The electronic signature in Colombia

THE DIGITAL SIGNATURE SUITABLE FOR EVERY NEED

Sign with Viafirma

Biometric signature

Handwritten signature captured through a tablet or a signature pad

Certificate-based signatures

Digital certificate signature. These are certificates issued by a Certificate Authority which validates the signature and the signer's identity

Cloud Signature

Sign with a digital certificate stored on a secure server (HSM), with robust authentication

Server-based signature

Certificate-based signatures, without required user interaction

OTP SMS & OTP email

Signature linked to an OTP code (one-time-password) sent to the signatory's smartphone via SMS

eSignatures are legally valid and admissible in the court of law. They are booming in Latin America, especially in Colombia.
The regulatory framework in Colombia is mainly supported by Law 527 of 1999 and Decree 2364 of 2012,

If you are looking for an electronic signature solution for your company, you can visit our Colombian website for more information.

The main laws that are relevant for Viafirma in Colombia are:

Law 527 of 1999. Defines and controls access and use of data messages, e-commerce and digital signatures, as well as establishing certification authorities
Decree 1747 of 2000. By which Law 527 of 1999 is partially regulated, regarding certification entities, certificates and digital signatures.

Law 527 of 1999

Law 527, which regulates e-commerce and provides the basis for the existence and enforceability of electronic and digital signatures and electronic records, establishes that parties can use eSignatures if there is consent by both sides. 2 types are recognized:

Digital signature “with the same validity and effects as the handwritten signature” and, according to Decree 2364 of 2012, with mechanisms that guarantee authenticity and integrity.
Electronic signature with significant reduction in the burden of proof.

For an electronic signature to be reliable and enforceable, the law requires the following attributes to have the same legal validity as the handwritten signature:

the signature allows for the identification of the signer and
the mechanism used allows for the detection of any alteration made to the data message after the signature was included.

Amended by Decree 19 of 2012, which lists the rules for abolishing or reshaping existing unnecessary regulations, procedures and formalities from the Public Administration.

Law 527 of 1999 is based on The Model Law on Electronic Commerce (MLEC) from United Nations Commission on International Trade Law. Article 7 stipulates the principle of functional equivalence of electronic signatures, provided that the same functions are fulfilled as those attributed to handwritten signatures.

In Article 2 of Law 527 digital signatures are defined as ”a numerical value which is attached to a data message and which, using a known mathematical procedure, is linked both to both the key of the originator and to the message text”, referring to asymmetric encryption algorithms that use both public and private keys for signature creation and verification.

The decision of the Colombian Supreme Court on December 16, 2010, includes digital and electronic signatures as recognized legal categories in the 527 legislation.

Prohibition of client software certificates

Decree 1413, in August 2017 prohibits the use of software certificates on clients, limiting the signature to token devices or centralized-cloud signatures

Certification Authorities

Law 527 also states that the certification entities are responsible for granting digital signatures, under the control and supervision of the Superintendency of Industry and Commerce. Decreto 1747 de 2000 defines the certification authorities.

Other applicable regulations

Law 1150 of 2007 (Public Procurement),
Law 962 of 2005 (Electronic Invoicing)
Law 964 of 2005 (Electronic Securities)
Decreto 019 de 2012. Removal or amendment of existing unnecessary regulations, procedures and formalities in the Public Administration.
- Decreto 333 de 2014 (February 19), regulating Article 160 of Decree-Law 19 of 2012.

Decreto 1078 de 2015 (may 26) Decree 1078 of 2015 (May 26) Single Regulatory Decree of the Information and Communication Technologies Sector.
Decreto 1413 de 2017:
- Adds Article 17 to part 2 of book 2 from Decreto Único Reglamentario del sector de Tecnologías de la Información y las Comunicaciones, (Decreto 1078 de 2015).
- To partially regulate chapter IV of title III of Law 1437 of 2011 and article 45 of Law 1753 de 2015 establishing general guidelines for the use and operation of digital citizen services.

¿Which documents can be signed electronically?

The general rule is that any document can be both by hand and electronically if the eSignature process complies with the above-mentioned definitions.

BIG AND SMALL, PUBLIC AND PRIVATE, NATIONAL AND INTERNATIONAL