Ascertia

Digital Signatures

SigningHub is a complete Document Approval System that can be deployed fully on-premise, or in-country with your own private cloud service provider, or our public multi-tenanted cloud service.

Prepare & Send

Select documents and recipients, define workflow order, set access rules. Prepare manually, via templates or API

Review & Sign

Review, fill-in form fields, initial and sign in a jiffy from your desktop, tablet or mobile. Sign using basic, advanced or qualified signatures

Track & Manage

Track the sign-off status of your documents, send auto-reminders, edit your workflow and signers in real-time

Basic

  • Immediate signing, no user registration or login required
  • Document protected with server e-Seal

Advanced

  • Uses unique PKI signing key per user
  • Strong user authentication, user’s identity is cryptographically bound with their signature
  • Strong non-repudiation

Qualified

  • In addition, these provide highest level of legal recognition & acceptance
  • Cross-border use under EU eIDAS Regulation
  • Relies on Gov-recognised CAs only

Security is our number one priority

Our digital signatures are not just based on squiggles drawn with a mouse or a touch device, which can be easily cut/pasted from one document to another. On top of that, without cryptographic protection, such signature solutions don’t even help to detect later edits to signed documents.

SigningHub also uses hand-drawn signatures but these are then secured with advanced digital signatures using unique PKI keys for each user. We don’t rely on a single central server key – this can only create “proxy” signatures on behalf of users.

Before signing, users are authenticated using various options such as simple username/passwords, mobile based authentication, or tamper-resistant smartcards. This ensures that the signing keys are under the sole control of the owner and makes us compliant with EU eIDAS Regulation for Qualified Signatures – the gold standard for digital signature security.

We are fully standards based, no weird proprietary stuff

The security of our solution is not based on weird server-side security logic and then having to sift through audit trail records to prove a signature was valid.

We use standard digital signatures (ISO 32000, ISO 19500, ETSI PAdES, XAdES & CAdES) where all digital signature evidence information is stored inside the document itself. There is no need to upload the document to a server to get it verified or search through logs to prove a point.

We provide long-term signatures

With important documents, it is essential that any digital signatures can be proven to be valid in the long run.

To ensure this, we create enhanced PDF signatures based on latest ETSI PAdES specifications (ETSI TS 102 778). Such signatures support Long Term Validation (LTV) by using embedded secure timestamps to independently prove time of signing and the signer’s status at time of signing.

Documents are converted to PDF/A (ISO 19005-1:2005) format as part of the signing process. This is an open standard and not dependent on any particular software vendor. All other dependencies are also contained within the document so it can be opened and viewed without any external resources, an ideal format for long-term archiving and preservation. Similar profiles for XAdES-A and CAdES-A are also supported by the SigningHub engine.

We allow reuse of existing identity management infrastructures

Our solution can utilise existing signing keys which may already have been issued to the end-user population, such as or soft tokens.

Your existing PKI (CAs, OCSP responders and Time Stamp Authorities) entities can be easily registered and trusted within our system as part of your custom Service Plan. SigningHub can be configured to re-use existing signing credentials from industry initiatives such as Adobe® AATL program, Identrust®, SAFE-Biopharama etc.

SigningHub also supports the concept of Remote Signing, where user’s keys/certificates are managed transparently on the SigningHub server. We work with a number of Adobe AATL and eIDAS Qualified CAs to issue certificates automatically as part of the SigningHub registration process.

We understand the flexibility that real-world business applications need!

Although we provide a cloud-based web service, you may prefer to run your own internally hosted service, if so you may just license the technology. User’s hand-signatures can be captured using a variety of means from drawing on mobile devices, to uploaded images and specialist signature pads.

In-person signing allows individuals to e-sign documents without requiring any account on the system. Form navigation ensures that users fill in all mandatory fields before signing a document. Pages can be initialled and legal notices shown to ensure that users are aware of the legal implications of their digital signature.

Features such as delegated signing, department/role based signing and bulk signing of multiple files ensures that the solution aligns with your business processes.

A simple API allows easy integration into any web page and a variety of languages are supported. Enterprise re-branding is also available to ensure consistent user experience.

Datasheets:

SigningHub - Using Qualified Remote Signatures SigningHub overview