Non-Repudiation

What is Non-Repudiation?

Non-repudiation is a security concept that prevents a party from denying an action they have performed. In electronic signing, it means that once a person has signed a document, they cannot later credibly claim that they did not sign it or that the document has been altered since signing. Non-repudiation is one of the fundamental properties that gives electronic signatures their legal strength.

Technical non-repudiation is typically achieved through digital signature cryptography. When a signer uses their private key to create a digital signature, only they could have created that specific signature (assuming their private key has not been compromised). The mathematical relationship between the private and public key provides the proof. Combined with a digital certificate from a trusted certificate authority, this creates strong evidence of who signed and when.

Procedural non-repudiation is achieved through comprehensive audit trails, identity verification, and secure signing processes. Even without PKI-level cryptography, a well-designed signing platform can provide strong non-repudiation by recording detailed evidence of the signing process — including IP addresses, device information, authentication steps, and precise timestamps.

Non-repudiation is particularly important for high-value contracts, regulated transactions, and documents that might be disputed. Advanced and qualified electronic signatures under eIDAS are specifically designed to provide non-repudiation, and courts give them stronger presumptions of validity as a result.