- 19
- February
As both public and private organizations undergo digital transformation, the most frequently asked question is: "Can you really sign documents electronically? Is it legal?" The answer is yes — Thai law has recognized electronic signatures since 2001. However, what many people still find confusing is that electronic signatures come in multiple types, each with different levels of reliability and legal effect. This article explains all 3 types.
Relevant Legislation
The primary law governing electronic signatures in Thailand is:
Electronic Transactions Act B.E. 2544 (2001)
- Amended (No. 2) B.E. 2551 (2008)
- Amended (No. 3) B.E. 2562 (2019)
- Amended (No. 4) B.E. 2562 (2019)
Overseen by the Electronic Transactions Development Agency (ETDA)
The Act clearly states that the legal binding force and enforceability of electronic data shall not be denied solely on the ground that it is in electronic form (Section 7). In other words, electronic documents and electronic signatures have legal effect equivalent to paper documents and handwritten signatures.
3 Types of Electronic Signatures
ETDA classifies electronic signatures into 3 types based on their level of reliability, referencing different sections of the Electronic Transactions Act:
Type 1 — General Electronic Signature (Section 9)
This is the most commonly encountered type in daily life, with a basic level of reliability. The law requires only that the method used can identify the signatory and demonstrate the signatory's intent to accept the content of the electronic data.
| Usage Examples | Details |
|---|---|
| Clicking "Agree" or "Accept" buttons | e.g., accepting terms of service on a website |
| Entering an OTP code | A one-time password sent via SMS for identity verification |
| Entering a PIN or Username/Password | To log in and verify identity before making a transaction |
| Signing on a screen | e.g., signing for a parcel on a delivery company's tablet |
| Sending a confirmation email | Accepting proposals, contracts, or approving work via email |
Important to know: This type is legally valid, but in case of a dispute, the burden of proof lies with the party claiming it — they must prove the signature belongs to the alleged signatory.
Type 2 — Reliable Electronic Signature (Section 26)
This signature type has a high level of reliability. Section 26 specifies 4 requirements that make an electronic signature "reliable":
- The signature creation data is linked to the signatory — it belongs to no one else and can identify the individual
- Under the sole control of the signatory at the time of signing
- Any alteration is detectable — If the signature is modified after signing, it can be detected
- Any alteration to the data is detectable — If the document content is modified after signing, it can likewise be detected
In practice, this type typically uses PKI (Public Key Infrastructure) technology — an asymmetric cryptography system with a Private Key for signing and a Public Key for verification.
Advantage over Type 1: In case of a dispute, there is a presumption of reliability. The burden of proof falls on the party denying it — they must prove the signature is unreliable.
Type 3 — Reliable Electronic Signature with Certificate (Section 28)
This type has the highest level of reliability. It uses PKI technology like Type 2 but adds a Digital Certificate issued by a licensed Certificate Authority (CA).
A CA certificate functions like a "digital ID card" that verifies the public key truly belongs to that individual or legal entity.
Comparison of All 3 Types
| Type 1 | Type 2 | Type 3 | |
|---|---|---|---|
| Section | Section 9 | Section 26 | Section 28 |
| Name | General Electronic Signature | Reliable Electronic Signature | Reliable Signature + CA Certificate |
| Reliability Level | Basic | High | Highest |
| Technology | OTP, PIN, email, on-screen signing | PKI (Private Key/Public Key) | PKI + CA Certificate |
| Document tampering detection | No | Yes | Yes |
| Burden of proof (in disputes) | The claiming party must prove | Presumed reliable | Presumed reliable |
| Third-party identity verification | None | None | Yes (CA certified) |
| Usage Examples | Online shopping, membership registration | Signing internal organizational contracts | e-Tax Invoice, government contracts, securities |
Which Type Should You Use?
You do not need Type 3 for every case — it depends on the risk and value of the transaction.
| Scenario | Recommended Type |
|---|---|
| Internal document approvals, leave requests, travel authorization forms | Type 1 is sufficient |
| Procurement contracts, budget approvals, MOUs | Type 2 or higher |
| e-Tax Invoice for the Revenue Department, government contracts, securities transactions | Type 3 |
Saeree ERP and Electronic Signatures
Saeree ERP supports electronic signature functionality within its Workflow system for various document approvals — such as purchase requisitions, budget approvals, and withdrawal requests. It supports both e-Signature and Digital Signature (PKI) in compliance with Revenue Department standards for e-Tax Invoice & e-Receipt.
Electronic signatures are nothing new — Thai law has supported them for over 20 years. What is still lacking is understanding "which type is appropriate for which task." Choosing the right type helps organizations work faster, more securely, and in full legal compliance.
— Saeree ERP Team
Conclusion
- Type 1 (Section 9) — Easy to use, such as OTP, clicking accept, or on-screen signing. Suitable for general internal tasks.
- Type 2 (Section 26) — Uses PKI with tampering detection. Suitable for contracts and important documents.
- Type 3 (Section 28) — Uses PKI + CA certificate for the highest level of reliability. Suitable for e-Tax Invoice and government transactions.
All types are legally valid under the Electronic Transactions Act B.E. 2544 (2001). The key is to choose the type appropriate to the risk level of the transaction.
Want to see how Saeree ERP supports e-Signature and Digital Signature? Contact our consulting team for guidance.
