In the modern office, electronic signatures are now a normal part of day-to-day business. This is a good thing: electronic signatures (sometimes called “digital signatures”) reduce paper usage and simplify your secure document workflow.
DocuWare Signature Service ensures that your documents are digitally signed by a verified Trust Service Provider.
How a digital signature works
In simple terms, every type of electronic signature consists of data that is added to a document or file. With a Qualified Electronic Signature, the data added is generated in a particularly secure technical environment. In addition, a specially authorized and qualified authority/organization has issued the signatory’s authenticated proof of identity – a digital certificate.
Signing then takes place in a public-key infrastructure in which an encryption procedure with two keys is used. One is a private key, which only the encrypting authority knows; and one is the public key. This key is added to the document in the signature certificate.
There are three steps involved:
- Hash value calculated
From the data of the document or file, a mathematical formula is used to calculate a checksum, which is called a hash value. It works like a fingerprint for a document.
- Hash value encrypted
This hash value is encrypted with the signer’s private software key (Private Key).
- Document connected with encrypted hash value + certificate
The encrypted hash value and certificate are then attached to the document. The certificate contains the Public Key for decrypting the hash value, the information that this key is associated with the identity of the signer, and the validity of the certificate.
To sign documents in a DocuWare workflow, DocuWare offers the possibility to embed the signature provider ValidatedID, more trust service providers will follow shortly.
The signature procedures with VIDsigner offer the following options:
- Remote. When a document is sent to ValidatedID in a workflow, the responsible employee receives a message and releases the signature from the smartphone, for example, using an SMS code.
- Biometric. A customer signs on a tablet. Biometric data such as writing pressure and speed are recorded and embedded with the signature in the document (list of supported devices).
- Centralized. The user deposits a certificate with ValidatedID once, which confirms his or her identity. This allows the user to authenticate and sign documents at ValidatedID from anywhere, anytime.
Three security levels are available
Signatures differ in their security level. The typed name under an email or a DocuWare stamp are examples of a simple signature. An advanced signature must be encrypted, with part of the key accessible only to the signer. In the case of a qualified signature, the identity of the signer is additionally verified with a certificate deposited with a trust service provider.