Comfort signature
Both the convenience signature and the batch signature are special cases of the digital signature (or qualified electronic signature), implemented for example with the aid of a smart card .
In this scenario, a document to be signed is basically hashed in a (certified) signature application component and this hash value is presented to a smart card (= Secure Signature Creation Unit (SSE)) for signature with a private key on the card. After entering a PIN, for example, the card (SSE) signs the hash presented to it and thus the document presented to the signature application component. The card's private key does not leave the card.
Depending on the operating system, there is a counter in the smart card that determines how much data (here: hashes) may be signed after entering a PIN, or that enables the signature function to be unlimited; As a rule, this counter will be set to a low number (1) so that the cardholder has a guarantee that only the data he wants is signed. Each signature process must be confirmed by entering a PIN. The security achieved in this way is offset by a loss of user-friendliness - and general applicability - if a large number of signatures has to be carried out in a short time. For example, the issue of prescriptions for practicing doctors is not feasible because of the time required.
This can be remedied by the batch signature (n: 1 = collecting several documents and quasi-simultaneous processing of the "batch" after entering the PIN once) or the convenience signature (1: n = entering the PIN once, then the signature unit is automatically signed for a larger number of processes ). The system environment can stipulate that each individual signature in this case is triggered by a short PIN or a fingerprint (e.g. VERSA concept from pharmacies).
The problem here is that the above-mentioned counter on the smart card has to be set to a higher value for this application. If the card were used in a foreign environment, however, it would also potentially sign a larger number of data than the cardholder would like. The individual signature cannot be seen in retrospect in which environment it was created, so that the use of such a smart card (for convenience or batch signature) in an unfamiliar environment can result in data being unintentionally signed and thus legally signed.
In November 2007 a technical guideline was published by the Federal Office for Information Security , which defines an environment for the healthcare system that makes the convenience signature certifiable and thus legally secure in the sense of a qualified electronic signature according to the Signature Act .