Zoho Sign's adherence to 
Mexico's e-signature standards

Legal insights into e-signatures in Mexico

Sign Up for free Request Demo

A quick review of e-signatures

Electronic signatures, or e-signatures, are digital versions of your signature that indicate your consent to the contents of an online contract. They provide a hassle-free way to sign documents remotely, eliminating the need for physical paperwork and enabling faster and more streamlined transactions.

E-signatures are legally binding for a variety of purposes and can either be typed, drawn on the screen of an electronic device, or uploaded from your desktop. This modern alternative to wet signatures has been adopted across the world, as it empowers individuals and businesses to sign documents online in a legal, secure, and efficient way.

Broadening business horizons with e-signatures

Mexico's measures to modernize its legal framework in response to the increasing relevance of digital transactions have led to a massive opportunity for businesses to accelerate their document signing processes and close deals faster. The adoption of e-signatures has increased multifold for their sheer efficiency and added security.

Zoho Sign, a digital signature solution, helps businesses streamline their workflows for enhanced operational efficiency. Zoho Sign can help Mexican businesses achieve optimal performance by ticking crucial boxes, such as:

  • Speed
  • Productivity
  • Authentication
  • Security
  • Remote access
  • Improved user experience
  • Cost-effectiveness

Mexican industries with widespread e-signature use

  • HR
  • Finance
  • Legal
  • Technology
  • Healthcare and life sciences
  • Banking
  • Transport

The legality of e-signatures in Mexico

The Mexican legal system has adopted the Federal Commerce Code as the fundamental law addressing the validity of electronic signatures and ecommerce in the country.

In addition, the Advanced Electronic Signature Law regulates:

  • The use and validity of Advanced Electronic Signatures (AES)
  • The role and functions of authorized Certification Service Providers (CSPs) in the issuance of digital certificates

According to the Commerce Code, no legal effect, validity, or enforceability can be denied solely because the information is in electronic form. Furthermore, no method of creating an electronic signature can be excluded, restricted, or deprived of its legal effect.

Types of electronic signatures recognized under Mexican law

Electronic Signature

An Electronic Signature is "any data inserted electronically in a message, using any technology, which is used to identify the person signing the message, to indicate the signer's approval of the information included in the message, and holds the same legal weight as a handwritten signature." This Electronic Signature is admissible as evidence in court. Moreover, the simple scanning of a handwritten signature and its insertion as an image in a digital document can be considered an Electronic Signature.

Advanced or Reliable Electronic Signature

An Electronic Signature will be considered "advanced" or "reliable" if it meets the following requirements:

  • The signature creation data must be uniquely linked with the signatory.
  • The signatory must maintain exclusive control over the signature creation data at the time of signing.
  • Any modifications to the Electronic Signature post-signing must be detected.
  • Any alterations to the information in the data message after signing must be identifiable.

The Advanced Electronic Signature may be applied to electronic documents and data messages, producing the same legal effect as a handwritten signature. In accordance with the AES law, the utilization of an Advanced Electronic Signature necessitates the following:

  • A valid digital certificate issued by a CSP
  • A private key, generated and maintained under the exclusive control of the signatory

Digital signature certification

All data messages or other records that confirm the link between a signer and the Electronic Signature creation data is a digital signature certificate.

What makes certificates valid?

For the certificates to be considered valid, they must contain the following:

  • An indication that they are issued as such
  • The unique identification code for the certificate
  • Identification of the CSP issuing the certificate, including company name, internet domain name, email address (if applicable), and accreditation data before the Secretariat
  • The name of the certificate holder
  • The certificate validity period
  • The date and time of issuance, suspension, and renewal of the certificate
  • The scope of responsibilities assumed by the CSP
  • A reference to the technology used to create the Electronic Signature

Who is a Certification Service Provider (CSP)?

A CSP is an individual or public institution that provides services related to electronic signatures and issues digital signature certificates. The person in whose favor the certificate was issued will be the certificate holder.

Recognition of foreign certificates and electronic signatures

According to the Commerce Code, any Electronic Signature created or used outside the Mexican Republic will produce the same legal effect as one created or used within the country if it presents an equivalent degree of reliability. The determination of reliability adheres to international standards acknowledged by Mexico and other convincing factors.

Furthermore, if the parties involved in cross-border transactions mutually agree on specific types of Electronic Signatures and certificates, such agreement generally suffices for recognition, unless there is a conflict with applicable laws. In essence, if the Electronic Signature's reliability matches Mexican standards and any agreed-upon terms are valid under the law, it will be recognized and treated similarly, irrespective of its usage within or outside Mexico.

The AES law specifies that the digital certificates issued by a CSP outside Mexico are valid and legally recognized if they meet the following conditions:

  • The certifying authorities must recognize the certificates.
  • They must guarantee compliance with the requirements, the procedure, as well as the validity of the certificate.

Data message preservation service

A data message retention certificate (NOM151 Certificate) is an electronic document issued in accordance with the guidelines outlined in NOM-151. It serves to ensure that electronic information for which a certificate is requested existed at a specific time and possessed certain characteristics.

The records of conservation of data messages are designed to prove that a digital document has not been altered or modified since the issuance of the record of conservation. Its prime objective is to preserve the integrity of such documents. NOM151 Certificates can only be issued by an accredited Certification Service Provider (CSP).

Zoho Sign integrates with a NOM151 service provider, PSC World, to provide the NOM151 functionality for Mexican customers, making it the ideal solution for businesses operating in Mexico. Once a document is signed and the NOM151 certificate is generated, it cannot be altered or tampered with; this aligns with the regulatory requirement put forth by the Mexican law.

PSC World

 

How does Zoho Sign meet the requirements of standard electronic signatures?

For businesses seeking a reliable and user-friendly Electronic Signature platform, Zoho Sign can be an invaluable asset. It adheres to the following requirements of a Standard Electronic Signature.

  • Unique linkage:

    Unique login credentials or other authentication methods, such as SMS-based verification or email verification, ensure that only the authorized signatory can sign the document.

  • Exclusive control:

    Only the signatory is allowed to review the document before signing and provide choices to make changes or reject the document if necessary.

  • Detectable alterations:

    Zoho Sign ensures any alterations to the electronic signature or the document to which the signature is affixed are detectable through an elaborate audit trail of occurrence of all activities during the signing process. This audit trail comprises critical information such as the identity of the signatory, the timestamp of the signature, and changes made to the document.

  • Integration with CSPs:

    Zoho Sign integrates with CSPs that are part of the Adobe Approved Trust List (AATL) to provide Electronic Signature.

Digital timestamping

A digital timestamp is a record that proves that the data existed before the date and time of issuance of the aforementioned stamp in accordance with the terms established in the official Mexican standard on digitization and conservation of data messages.

Zoho Sign partners with GlobalSign to issue digital timestamps for commercial transactions. This aligns with the legal requirements for document authenticity in Mexico.

GlobalSign

Mexican citizens and businesses can streamline their digital signing processes by employing Zoho Sign; they can also be assured of a seamless signing experience, high reliability, improved security, and verification.

Exemptions of Electronic Signature usage

While Mexican law does not explicitly prohibit the use of Electronic Signatures in legal or business documents, it is advisable to conduct a thorough risk assessment before employing Electronic Signatures in specific documents, such as, including:

  • Promissory notes
  • Mortgages
  • Wills
  • Tax returns, and others.

Key takeaway

E-signatures have led to a transformative impact on various industries in Mexico. Zoho Sign's unwavering commitment to the country's e-signature regulations prepares the ground for a future of secure legal processes. With Zoho Sign's array of robust features and enhanced security, businesses can be assured of a seamless signing process and admissibility of electronically signed documents in the court of law.

Resources

Disclaimer

The information provided in this document is for general informational purposes only and shall not be construed as legal, regulatory, or any other form of professional advice. Zoho Sign disclaims any liability for any error in the information provided herein. We recommend that you consult your legal counsel for any questions that you may have in this regard.