In the modern office, electronic signatures are now a normal part of day-to-day business. This is a good thing: electronic signatures (sometimes called “digital signatures”) reduce paper usage and simplify your secure document workflow.
DocuWare Signature Service ensures that your documents are digitally signed by a verified Trust Service Provider.
How a digital signature works
In simple terms, every type of electronic signature consists of data that is added to a document or file. With a Qualified Electronic Signature, the data added is generated in 1. A particularly secure technical environment. 2. A specially authorised and qualified authority/organization has issued the signatory’s authenticated proof of identity – a Digital Certificate.
Signing then takes place in a public-key infrastructure in which an encryption procedure with two keys is used. One is a private key, which only the encrypting authority knows; and one is the public key. This key is added to the document in the signature certificate.
This is a little technical but worth knowing. There are three steps involved:
- Hash value calculated
From the data of the document or file, a mathematical formula is used to calculate a checksum, which is called a hash value. It works like a fingerprint for a document.
- Hash value encrypted
This hash value is encrypted with the signer’s private software key (Private Key).
- Document connected with encrypted hash value + certificate
The encrypted hash value and certificate are then attached to the document. The certificate contains the Public Key for decrypting the hash value, the information that this key is associated with the identity of the signer, and the validity of the certificate.
To sign documents in a DocuWare workflow, DocuWare offers the possibility of integration with any Secure Signature providor.
The signature procedures with our solutions offer the following options:
- Remote. When a document is sent to in a workflow, the responsible employee receives a message and releases the signature from the smartphone, for example, using an SMS code.
- Biometric. A customer signs on a tablet. Biometric data such as writing pressure and speed are recorded and embedded with the signature in the document (list of supported devices).
- Centralized. The user deposits a certificate with ValidatedID once, which confirms his or her identity. This allows the user to authenticate and sign documents at ValidatedID from anywhere, anytime.
Signatures differ in their security level. The typed name under an email or a DocuWare stamp are examples of a simple signature. An advanced digital signature must be encrypted, with part of the key accessible only to the signer. In the case of a qualified signature, the identity of the signer is additionally verified with a certificate deposited with a trust service provider, as previously discussed.
Just to summarise, digital signatures are now part of our daily lives be it in B2B or B2c environments. The laws are now catching up, as they should with our current environments. LawTech is fast becoming a big area of growth and disruption in the tech space.
Please feel free to reach out to discuss with one of our workflow experts about your needs. Contracts, Forms, Delivery notes? Applications are endless.