Global eSignature Compliance Guide Select A Country
Saudi Arabia

eSignature Legality in Saudi Arabia

eSignatures are legally valid and admissible in the court of law. Saudi Arabia follows a hierarchical root of trust model where eSignatures or digital signatures issued by a Certifying Authority are considered legally valid. Specific use cases for eSignatures are indicated in the ET Law.

Country Flag

The Electronic Transactions Law, (established in 2007) highlights that a handwritten signature isn’t always needed for a contract to be considered credible, and that contracts can’t be refused for simply being electronic. They’ll usually be seen as such as long as legally able individuals have reached an agreement (this can be by agreeing verbally, electronically or by physically signing something). Under Article 5 of the Electronic Transactions Law, contracts cannot be denied enforceability merely because they are concluded electronically. To prove a valid contract, parties sometimes have to present evidence in court. It may be difficult to prove verbal contracts or electronic contracts formed by email or simple click-through arrangements.

*The information on this site is "AS IS" and for general information purposes only.

Use Cases for eSignatures

Use cases where an SES is typically appropriate include:

  • Emails: Simple electronic signatures can be used to sign emails and their attachments.
  • Letters: Simple electronic signatures can be used to sign letters, memos, and other written correspondence.
  • Forms: Simple electronic signatures can be used to sign various types of low-risk forms, of general nature
  • Invoice Signing: Invoice signing in Saudi Arabia can leverage non QTSP certificates to power invoice signing and is subject to the policies of the respective Tax Authority.

Use Cases for Qualified Signatures

Use cases where an AES is typically appropriate include:

  • Financial transactions: Qualified electronic signatures can be used to sign financial transactions such as bank transfers, loan agreements, and insurance policies.
  • Government documents: Qualified electronic signatures can be used to sign government documents such as customs declarations, export licenses, and import permits.
  • Legal documents: Qualified electronic signatures can be used to sign legal documents such as powers of attorney, court documents, and arbitration agreements.
  • Healthcare documents: Qualified electronic signatures can be used to sign healthcare documents such as medical prescriptions, patient consent forms, and medical reports.
  • Intellectual property documents: Qualified electronic signatures can be used to sign intellectual property documents such as patent applications, trademark registrations, and copyright assignments.
  • Binding Contracts: Contracts require the use of QES generally provided by trusted QTSP’s in the Kingdom of Saudi Arabia.

Use Cases that are not appropriate for Electronic Signatures

Use cases that are specifically barred from digital or electronic processes or that include explicit requirements, such as handwritten (eg. wet ink) signatures or formal notarial process that are not usually compatible with electronic signatures or digital transaction management.

  • Notarization – real property title deed transfer
  • Notarization – granting a power of attorney
  • Notarization – signing the Articles of Association of a company with limited liability and any amendments thereof

List of Local Trust Service Providers

Company Category Website
Communications and Information Technology Commission Regulator https://www.cst.gov.sa/en/Pages/default.aspx
emdha CA DSC https://www.emdha.sa/en/
Saudi Telecom Company DSC https://www.stc.com.sa/content/stc/sa/en/personalhome.html

Local Technology Standard

emdha Trust Service Provider is owned and managed by Baud Telecom Company (BTC) under the Saudi National Root CA, offering trust services ranging from Online Digital Signature, Validation and Digital Certificates enabling business to seamlessly integrate and avail trust services in real-time. Delivering superior user experience by incorporating a secure, international compliant digital signature methodology fully integrated with any third party trusted registered KYC (Know Your Customer) approved by local governmental regulators.

General Definitions

Simple Electronic Signature (SES)

A Simple Electronic Signature (SES) refers to any electronic data that is logically associated with other electronic data and used by a person to sign. This can include:

  • Typing a name at the end of an email,
  • Clicking an “I accept” button,
  • Pasting a scanned image of a signature, or
  • Using a stylus or finger to draw a signature on a touchscreen.

While SES can indicate intent to sign, it lacks advanced identity verification, integrity protection, or security features, making it the least secure type of electronic signature. It is legally valid in many jurisdictions but may not carry strong evidentiary weight without additional context or proof.

Advanced Electronic Signature (AES)

An Advanced Electronic Signature (AES) is a more secure form of electronic signature that must meet the following criteria:

  • it is uniquely linked to the signatory
  • it is capable of identifying the signatory
  • it is created using means that are under the sole control of the signatory, and
  • it is linked to the signed data in such a way that any subsequent change in the data is detectable.

AES provides enhanced legal reliability compared to SES and is often supported by multi-factor authentication, encryption, and audit trails.

Qualified Electronic Signature (QES)

A Qualified Electronic Signature (QES) is a type of Advanced Electronic Signature that additionally:

  • is created using a qualified signature creation device (such as a secure token or smart card); and
  • is backed by a qualified digital certificate issued by a recognized or accredited trust service provider.

QES provides the highest level of trust and legal assurance, and in many jurisdictions (like the EU under eIDAS, India IT Act, etc), it holds the same legal status as a handwritten signature.

Digital Signature

A Digital Signature is a specific technological implementation of an electronic signature that uses asymmetric cryptography. It allows a verifier to:

  • confirm that the signature was created using the private key corresponding to the signer’s public key; and
  • ensure that the signed message or document has not been altered after signing.

Digital signatures are the underlying cryptographic mechanism used in both AES and QES. They offer strong security guarantees such as authenticity, integrity, and non-repudiation and are often implemented through Public Key Infrastructure (PKI) systems.

External Resources

http://www.wipo.int/wipolex/en/text.jsp?file_id=197970 https://www.cst.gov.sa/en/RulesandSystems/RegulatoryDocuments/Licenses/IssuedLicenses/Pages/default.aspx
DISCLAIMER

This information is intended to help you understand the legal framework of electronic signatures. However, eMudhra cannot provide legal advice. The law of electronic signatures is constantly evolving. This guide is not intended as a legal advice and should not serve as a substitute for professional legal advice. You should consult an attorney regarding any specific legal concerns. eMudhra, and all associates including agents, officers, employees or affiliates, are not liable for any direct, indirect, incidental, special, exemplary or consequential damages.