Doing business in Vietnam:
E-signature laws and compliance essentials

A quick look at e-signature legality and business use in Vietnam

Sign Up for freeRequest Demo

Electronic signatures: How they operate

Electronic signatures are digital versions of your signature that indicate your agreement to the contents of an online contract. They provide a hassle-free way to sign documents remotely, eliminating the need for physical paperwork and enabling faster and more streamlined transactions.

They are legally binding for a variety of purposes and can either be typed, drawn on the screen of an electronic device, or uploaded from your desktop. This modern alternative to wet signatures has been adopted across the world because it empowers individuals and businesses to sign documents online in a legal, secure, and efficient way.

Vietnam goes digital with Zoho Sign

In Vietnam's fast-growing economy, where agility and efficiency define success, e-signatures are transforming how businesses operate. Tasks that once took days, like closing contracts, approving transactions, or onboarding new clients, can now be completed in just minutes. E-signatures are also helping companies simplify compliance in cross-border partnerships and enabling seamless collaboration among remote teams. As Vietnam continues its digital transformation, adopting e-signatures offers businesses a competitive advantage, facilitating faster operations, cost reductions, and access to new opportunities across ASEAN and beyond.

Zoho Sign provides enterprise-grade digital signatures through an easy-to-use platform. Designed for business efficiency, our solution delivers:

  • Faster signing processes
  • Enhanced productivity
  • Robust signer authentication
  • Top-tier security
  • Remote accessibility
  • Better user experience
  • Cost savings

E-signatures take center stage in Vietnam's digital transformation

Key sectors in Vietnam turning to e-signatures to boost efficiency and security:

How the Electronic Transactions Law, 2023 (ETL) defines and recognizes Electronic Signatures

1. Electronic Signature

An Electronic Signature refers to digital data that is either linked to or associated with other electronic data. Its primary purpose is to verify the identity of the signer and demonstrate their intention to approve or sign the related information.

2. Digital Signature

A Digital Signature is a specific form of electronic signature that utilizes an asymmetric key algorithm, involving a pair of keys: a private key for signing and a public key for verification. This mechanism ensures the authenticity, integrity, and non-repudiation of a message, but it does not guarantee the confidentiality of the message's content.

Classification of Electronic Signatures

Electronic Signatures are categorized based on their intended use into the following types:

1. Specialized Electronic Signature

This type of signature is exclusively generated and utilized by a specific agency or organization for its designated functions and responsibilities.

2. Public Digital Signature

This signature is employed in public transactions and is supported by a public digital signature certificate. These are commonly used by individuals and businesses for electronic transactions such as e-commerce, online banking, and contract signings—activities necessitating a verified digital identity. For instance, a private company may employ a Public Digital Signature to electronically execute agreements with clients or partners.

3. Digital Signature for Public Service

Designed solely for activities related to public services, this signature is validated by a digital signature certificate specifically issued for public service purposes. Government agencies and public officials primarily use this form of Digital Signature to perform official functions such as document authentication, issuing public notices, or inter-agency communications. For example, a government department might utilize this signature to securely approve and transmit regulatory documents.

Requirements for Specialized Electronic Signatures

A Specialized Electronic Signature must:

  • Identify the signer and confirm their approval of the data message
  • Be uniquely linked to the content of the approved message.
  • Remain under the exclusive control of the signer during the signing process.
  • Be verifiable under agreed-upon conditions.

Requirements for Digital Signatures

For Digital Signatures, the requirements include all of the above, with additional stipulations:

  • Detect any alterations made to the message after signing.
  • Be secured through a Digital Signature certificate.
  • Be created using secure methods that:
    a) Prevent exposure or misuse of signature data.
    b) Ensure the signature data is used only once.
    c) Prevent unauthorized modifications to the signed data.

Specialized digital signature certificates for public services are issued and managed by authorized organizations providing digital signature certification services for public sector use, in compliance with electronic transaction and cryptography laws.

Security parameters for Digital Signatures

A Digital Signature is deemed a Secure Electronic Signature if it meets the following criteria:

Validity and verification:

The signature must be created during the digital certificate's validity period and be verifiable using the public key specified in that certificate.

Issuance by a recognized authority:

The signature must be generated using a private key corresponding to a public key issued by one of the following authorities:
a) The National Digital Signature Certification Authority(NEAC)
b) The Government's Specialized Digital Signature Certification Authority
c) A Public Digital Signature Certification Authority
d) A Specialized Digital Signature Certification Authority of an agency or organisation that holds a certificate of eligibility, in accordance with Article 40 of this Decree

Control over private keys:

The private key must be under the sole control of the signer at the time of signing.

Validity of Electronic Signatures under the law

An Electronic Certification Service Provider is a legal entity responsible for issuing and validating electronic certificates. These providers act as trusted third parties to ensure the authenticity of electronic signatures.

An individual has the right to use Electronic Certification Service Providers to create Electronic Signatures. These providers are responsible for verifying the authenticity of the Electronic Signature and ensuring it belongs to the rightful signer.

There are two types of certification providers:

  • An Electronic Signature is not considered legally invalid simply because it is in electronic form.
  • A secure Specialized Electronic Signature or a Digital Signature holds the same legal value as an individual's handwritten signature on paper documents.
  • If the law requires a document to be certified by an agency or organisation, this requirement is fulfilled when the document is signed using a secure Specialized Electronic Signature or a Digital Signature issued by the relevant agency or organisation.

Where Electronic Signatures are used

  • Commercial and civil transactions
  • Government and public administration
  • Financial and banking transactions
  • Employment and human resources
  • Healthcare and medical transactions
  • Corporate governance and compliance

Limitations on the use of Electronic Signatures

As per Vietnam's Law on Notarization No. 53/2014/QH13, Electronic Signatures are not permitted in the following instances:

  • Wills
  • Real estate transactions
  • Matrimonial property regimes
  • Auction documents
  • Authorization for legal appeals
  • Testimonies of notaries

Digital Signature Certificate

An Electronic Signature Certificate is a data message that verifies the identity of the certified agency, organization, or individual as the signer of the Electronic Signature. When utilised for Digital Signatures, it is called a Digital Signature Certificate.

Legal validity of Electronic Certificates

An electronic certificate holds legal validity when it satisfies the following criteria:

  • It is signed using the Digital Signature of the issuing agency or organization, in accordance with legal provisions.
  • The information contained within the certificate is accessible and usable in its complete form.
  • If a timestamp is legally required, the certificate must include such an indication.
  • Electronic certificates issued by foreign competent authorities are recognized and valid for use in Vietnam only if they undergo consular legalization, unless exempted by Vietnamese law.

Certifying Authority

A Digital Signature Certification Service is provided by a digital signature certification service provider to authenticate the digital signer of a data message, ensure the signer's non-repudiation of the data message, and maintain the integrity of the signed data message.

Recognition of foreign digital certificates

Vietnam recognizes foreign electronic signatures and the service providers that issue them, provided certain conditions are met as outlined in Articles 26 and 27 of the ETL.

A foreign provider of digital signature certification must:

  • Be lawfully registered and active in its home country.
  • Submit a technical evaluation report from a recognized auditing organization.
  • Adhere to Vietnamese regulations, international standards, or relevant treaties on Electronic Signatures.
  • Grant certifications only after thorough verification of foreign entities or individuals.
  • Regularly update certificate statuses within Vietnam's trusted service certification system.
  • Establish a local branch or representative office in Vietnam.
  • Issue certificates only upon confirmed identity validation of the holder.

Use of foreign electronic signatures in international transactions

  • Foreign electronic signatures and certificates issued outside Vietnam are valid for transactions involving Vietnamese individuals or entities.
  • Organizations and individuals are responsible for accepting foreign electronic signatures in cross-border transactions.

Once foreign digital signatures and certificates are recognized under Chapter V of Decree 130, they hold the same legal validity as those issued by Vietnamese public digital signature authorities.

Recognition procedure

Detailed procedures for recognition are provided in Circular 06, which includes:

  • Application requirements
  • Evaluation and approval by Vietnam's Ministry of Information and Communications
  • Ongoing compliance obligations

Timestamping service

  • A timestamping service adds a time mark to a data message to confirm it existed at a specific point in time.
  • The timestamp is created as a Digital Signature.
  • The recorded time indicates when the service provider accepted and verified the data message.

Zoho Sign partners with recognized timestamping authorities, GlobalSign and Seiko, to provide trusted digital timestamps for electronic transactions. These timestamps validate the authenticity of e-signatures and verify that the signed document existed in the given form at the time of signing and remains unaltered. This adds a robust layer of security to the signing process. By making signatures tamper-proof, digital timestamps enhance the reliability of signed documents for both legal and commercial purposes.

GlobalSign for businesses in VietnamSeiko for businesses in Vietnam

Why Zoho Sign is the right fit for Vietnamese businesses

Here are six key reasons why Zoho Sign is perfectly suited to support Vietnam's digital signing needs.

  • Identification and reliability:

    Zoho Sign employs strong authentication techniques, such as OTP authentication and PKI-based digital signatures using digital certificates, to ensure that the e-signature is uniquely identifiable.

  • Sole control over the data being signed:

    Only the signatory is allowed to review the document before signing and may reject the document if necessary.

  • Detectable alterations:

    Zoho Sign ensures any alterations to the electronic signature or the document to which the signature is affixed are detectable through an elaborate audit trail of all activities during the signing process. This audit trail comprises critical information, such as the identity of the signatory, the timestamp of the signature, and changes made to the document.

  • Enhanced security:

    Zoho Sign employs robust encryption protocols, such as the military grade AES-256 encryption at rest and the TLS/SSL protocol in transit, to ensure that the data transmission between the signing platform and the data being signed is secure. This prevents exposure of documents and data from data breaches.

  • Audit trails:

    Audit trails provide a comprehensive itemized record of every action taken on a document, ensuring full transparency and accountability throughout the signing process. This detailed log enhances security and serves as legal evidence in case of disputes, making it a vital tool for businesses to maintain compliance and trust in their digital transactions.

Key takeaway

E-signatures are legally recognized in Vietnam, making it easier for businesses to move toward fully digital document processes. As remote work and cross-border collaboration become more common, more organizations are choosing secure, easy-to-use tools like Zoho Sign to simplify their workflows. By going digital, businesses can save time, cut down on paperwork, and work more efficiently. E-signatures also play a key role in supporting Vietnam’s ongoing digital transformation. Start your free trial with Zoho Sign today and experience a faster, safer way to manage your agreements.

Sign Up for free

Resources

Disclaimer

The information provided in this document is for general informational purposes only and shall not be construed as legal, regulatory, or any other form of professional advice. Zoho Sign disclaims any liability for any error in the information provided herein. We recommend that you consult your legal counsel for any questions that you may have in this regard.