Citizen Digital Certificate Scams Exposed: Why SelfieSign's Video E-Signatures Are Safer (Part 2)

Table of Contents

• A Brief Recap on Security Concerns of Citizen Digital Certificates and Electronic Signatures

• Key Issues

• How the Removal of the "Exclusion Clause" Impacts User Experience in the Electronic Signature Act

• Real-World Applications of Video-Based Electronic Signatures

• SelfieSign's Answer to Digital Fraud Risks

• Key Features of SelfieSign's SVS Technology 

• A Balanced Approach: Biometrics + Digital Authentication

A Brief Recap on Security Concerns of Citizen Digital Certificates and Electronic Signatures 

In September 2024, 11 seniors over the age of 70 were deceived into providing their Citizen Digital Certificate (CDC), a government-backed digital ID in Taiwan, and password to scammers, resulting in total losses of NT$150 million. Among the victims, a 75-year-old retired civil servant suffered a staggering loss of over NT$60 million in real estate and cash. 

Key Issues

1.     Limitations of Citizen Digital Certificates

• Identity verification relies solely on a card and password, lacking multi-factor authentication.

• There are no biometric authentication mechanisms, which increases security vulnerabilities.

• The security is weaker compared to traditional physical signatures.

  
  

2.    Comparison: Physical Signatures vs. Citizen Digital Certificates

3.     Legal Implications of Electronic Signature Act Amendments

• Government-issued certificates are legally presumed to be equivalent to handwritten signatures.

• The adequacy of security standards (ISO 29115 LOA 3, NIST IAL 2, eIDAS SES) remains a subject of debate.

• Potential conflicts with the principle of technological neutrality.

How the Removal of the "Exclusion Clause" Impacts User Experience in the Electronic Signature Act

The amended Electronic Signature Act now requires administrative agencies to accept online document signing, removing their discretion to refuse its use.

Agencies have one year to comply (Article 11, Paragraph 1; Article 19; Article 1, Paragraph 2). Exceptions for judicial procedures must be publicly announced by the Judicial Yuan or the Ministry of Justice.  

  Aside from judicial procedures, many high-risk transactions and scenarios with major legal implications—such as marriage, divorce, property transfers, and notarizations—have traditionally required in-person signing to ensure security. These processes rely on physical presence, dual ID verification, and biometric signature authentication to uphold transaction integrity.

But the recent fraud cases involving Citizen Digital Certificates highlight the risks of remote, password-based digital signatures, making them unsuitable for deals with major legal and financial consequences.

To effectively promote the adoption of electronic signatures, it is important to assess the risk level of each use case and implement the most appropriate digital signing platform.

SelfieSign's video-based e-signature solution has successfully addressed concerns about non-repudiation and is now widely used in Taiwan's healthcare sector, holding a 70% market share among major medical centers.

For transactions requiring in-person verification, video-based document signing offers a legally and practically reliable alternative to Citizen Digital Certificates.

Additionally, SelfieSign is certified by the Ministry of Digital Affairs to provide comprehensive and secure electronic signature services for high-value legal transactions.

Real-World Applications of Video-Based Electronic Signatures

Let's consider a case where a lending company in Spain faced an online contract signing dispute when a customer refused to repay their loan, claiming they had never signed the agreement.

The key factor in the company's successful defense was the use of SelfieSign's video-based e-signatures.

By capturing biometric data—such as facial features and signing gestures, and securely storing it in the .SVS format, the company was able to provide clear, legally binding proof of the contract's validity and the signature's authenticity.

With this verifiable evidence, the court ruled in favor of the lender, reaffirming the legal validity of video-based e-signatures in financial agreements.

SelfieSign's Answer to Digital Fraud Risks

In today's digital landscape, paper-based signatures are outdated, whereas smart card-based digital signatures add complexity and hidden risks.

The vulnerabilities of password-only authentication make them easy targets for fraud.

However, as governments and businesses accelerate their shift to digital processes, ensuring secure and efficient signing methods is more crucial than ever.

A major limitation of Citizen Digital Certificates is their lack of biometric verification — a critical safeguard of traditional handwritten signatures. This limitation creates exploitable gaps for fraudsters.

To counter these risks, modern solutions must go beyond passwords and ensure stronger identity verification.

SelfieSign's video-based e-signature is currently the only solution offering the highest level of non-repudiation while maintaining the same legal validity as handwritten signatures.

Unlike conventional e-signature solutions, SelfieSign integrates selfie video recording into the signing process. It captures biometric features and the signer's intent, enhancing authenticity and legal defensibility.

Key Features of SelfieSign's SVS Technology: 

• Selfie Video Recording of the signing process 

• Captures facial features, signing gestures, location data, timestamps, and more! 

• Utilizes Public Key Infrastructure (PKI) to encrypt and protect document integrity 

• Produces tamper-proof, court admissible .SVS (Selfie Video Signature) files 

  
  

In settings where signers must be physically present—such as patients signing medical consent forms—requiring a digital certificate is impractical. Expecting everyone to possess a digital certificate is like demanding an official seal for a simple in-person signature.

This is where video-based e-signatures offer a secure, efficient alternative, bridging the gap between convenience and compliance.

Likewise, when it comes to remote transactions where digital identity verification is essential, international standards like ISO 29115, NIST IAL, and eIDAS can help assess transaction risk and determine the optimal combination of digital certificates and e-signature technologies.

A Balanced Approach: Biometrics + Digital Authentication

Zooko's Triangle teaches us that no single technology can perfectly fulfill every cybersecurity need.

This applies to e-signatures too, as relying solely on Citizen Digital Certificates, which serve as both identity proof and signing tools, introduces exploitable vulnerabilities.

Consider traditional banking as an example: it pairs dual-authentication methods, like a signature and a stamped seal, to lock down transaction security.

In the same way, combining biometric verification with digital authentication becomes imperative in the digital realm—not just to combat fraud, but to fortify security and build a higher wall against malicious actors.

So, take the first step toward secure, fraud-resistant e-signatures with SelfieSign. 

Sign up today!

Want to learn more? Please feel free to check out our other articles!

• Reforming Electronic Signature Law: Breaking Digital Barriers

  https://www.selfiesign.com.tw/post/lang=zh

• Electronic Signature Law Amended: SelfieSign's Digital Signature Vision

  https://www.thinkcloud.com.tw/post/taiwan-esignature-law-revised

• Cloud-Based Medical Consent: ThinkCloud's Solution for Healthcare Providers

  https://www.thinkcloud.com.tw/post/thinkcloud-brings-cloud-based-healthcare-to-all-hospitals-and-clinics