What is A Digital Signature?

Posted on by

Most people think a digital signature is the application of an electronic representation of a signature to a document. In fact, a digital signature involves a formal process of utilizing a digital certificate issued by a Certificate Authority (e.g. VeriSign, GoDaddy, Comodo) that uses public key cryptography to create a unique representation of a message or document.  SmartSign incorporates both electronic signatures and digital signatures to simplify the capture across multiple channels such as web, mobile, point of sale, and others.

While capturing and applying a digital signature to a document is an important aspect of approvals, authorizations, and originations, it is just the start of your electronic document’s life cycle.  The entire business workflow for the signature process, including prepping your documents for signature, sending them out to your signer(s), and capturing the required signatures and data is the crux of eOriginal SmartSign®. SmartSign ensures your organization can easily and rapidly conform to the UETA and ESIGN legislation to make all of your electronic signing processes legal and secure.

Using SmartSign your documents are encrypted and tamper sealed within the trusted repository to maintain, legal admissibility and enforceability throughout the documents lifecycle.

Signing Using Adobe® Signature Format

Documents signed with SmartSign – whether using the web interface or submitted via our web services – are guaranteed to conform to the signature format supported by Adobe Acrobat®. Signatures are inserted into the exact location within the PDF document and bound to the content using a digital signature. The digital signature is generated using a certificate unique to your organization. The documents are automatically encrypted and deposited in the trusted repository.

Signing Using Multimedia Signatures

eOriginal SmartSign® extends the Adobe Signature Format to include the use of multimedia signatures.  Now you can extend the signature capture experience beyond the web, to capture a users’ approval or consent using a fingerprint device or voice recording. SmartSign securely binds the multimedia signature to the content of any agreement, and can automatically detect any change to the source document or multimedia file.

Multimedia signature support is actually an extension of our current visual signature representations and can be used together with any other signature appearance supported by SmartSign.  The multimedia signature information is also securely stored and encrypted within the integrated trusted repository.

Retrieving And Verifying Signature Information

eOriginal allows your authorized users to obtain detailed information about each signature applied to a document without retrieving the document itself, from any location at any time. Signature information can be retrieved through the published web services, using the eCore Command Center web application, or attached to an automated email notification.

The available digital signature information includes: the name of the exact signature location, the time the signature was applied, the signer’s reason for signing, location/IP address of the signer, the Certificate Authority that issued the signature’s certificate, along with any raw multimedia data stored with the signature.

Business System Digitial Signature Checking

All documents signed using the SmartSign signature process are passed through a rigorous verification process prior to deposit in the trusted repository. When a document is presented to the repository it must pass through our multi-step signature verification and validation process. This process includes the following steps:

  • There must be at least one digital signature present within the document.
  • The digital signature is verified against the content of the document, to ensure none of the content has been altered since the signature was applied.
  • If there are multiple signatures applied to the document, the most recent signature much match the content of the previously stored document revision.
  • The digital certificate used to sign the document must be within the certificate’s validity period at the time of acceptance within the trusted repository.
  • The certificate will be verified as valid against the issuing Certificate Authority’s revocation list.
  • Only after passing this verification process, will the document be tamper sealed and deposited into the trusted repository.

The steps and processes outlined above make eOriginal’s end-to-end electronic signature solution the most robust and secure solution on the market, customizable to fit almost any business need and workflow process. Please feel free to contact us with any questions or leave a few comments.