Digital signatures (re-) invented with EIDAS

Digital signature solution

Today, almost everyone has heard of the convenience of putting digital signatures on a contract or any other type of digital document and many have even experienced it. As digital signature solutions become more widely accepted, software providers  are attempting to secure market share by distinguishing themselves from their competitors. They do this by focusing on a specific aspect of the digital signature process. Some providers offer a multi-channel experience by providing smartphone and tablet applications for digitally signing. Others are more concerned with crafting a uniquely intuitive user experience for their users. Whilst still other suppliers have chosen to stand out by adhering to strict security standards for their solution.

But let´s take one step back and return to the essence of digital signatures. They were once introduced to completely replace traditional signatures and as a result to remove paper from everyday processes such as signing contracts, onboarding new customers or legally registering consent and approval. The ultimate reason for companies to integrate digital signatures is to be able to conduct any kind of business transaction anywhere, anytime on any device. By focusing on just one of these aspects and adopting a niche-approach, many eSign solution providers are starting to lose sight of the bigger picture.

Particularly organizations in sectors such as finance, banking, insurance and government struggle with these one-dimensional solutions. Traditionally these industries are composed of large and complex institutions that must adhere to strict and ever-growing regulation. Because these companies deal with high-value, complex and sensitive transactions on a daily basis, they require a comprehensive digital signature solution. Such a solution should fulfill all the diverse and extensive requirements posed whilst offering compliance to all relevant legislation. Such a digital signature solution should reduce both the administrative- and regulatory burden for these corporations. Moreover, with online and remote transactions one needs to be certain about the identity of the counter signer i.e. are the signers who they claim to be? Are they mandated to conduct such a transaction? Another crucial aspect is the document integrity i.e. are we sure that the content cannot be changed after placing a signature? Will that signature still be valid within 20 years?

 

5 needs for choosing a digital signature solution

In what follows we explain five important needs within the market with regard to electronic signatures or better put, ‘digital signatures’. After all, electronic signatures include a wide variety of signing methods whilst digital signatures imply legal value. We strongly believe that a wisely chosen digital signature solution offers significant added value in addition to the plain digital signatures itself. Not only does this greatly benefit the business but the end-user as well. Only in this way can the needs of these companies be fulfilled without compromising the end-user experience.

 

Flexible Mandate and Delegation Management

In each corporation – small, medium or large-, dealing with daily correspondence can be a full-time job on its own. To save time, almost every manager or any other person with a leading role, prefers to authorize a number of specific staff members. Their responsibilitiesinclude handling and signing documents on behalf of the manager. For digital signatures this is no different. We believe that a good digital signature solution should have an integrated and secure ´authorization´ feature that manages mandates and delegations.

Based on Connective’s experience the best and safest way to manage digital authorizations is summarized as follows:

  • So the eSign solution must be able to capture the mandates and authorized delegations and corresponding roles in an intuitive manner whether by configuration or via API integration of a specific database.
  • When receiving for example a document or a package of documents to eSignature, the person who then is empowered, is requested to eSign the document.
  • The most relevant point is to assure the identity of the mandated or delegated person: are they who they claim to be? So to validate the signer’s identity and corresponding mandate, a series of subsequent checks will be performed in background. These checks are based on the registered authorizations. Depending on the set-up, the solution can even call upon an external system to do extra validation checks or to add extra information. This can be managed via signature policies. For example in case of a notary, one can check the identity and the mandate of the notary but also whether that notary is still authorized to exercise his mandate for that specific notary office.

 

Choose the right Digital Signature solution & method for your different processes

A transaction can be very simple but also extremely complex and risky. Different transactions therefore require a different approach with regard to security, data protection and legal value. Sometimes an oral approval is sufficient whilst for other transactions every page of the contract needs to be signed under surveillance of an independent third party.

Thanks to digital signatures, these complex and time-consuming signing processes can become a lot more manageable. A sophisticated digital signatures solution can namely enable automated flows where the type of signature(s) is automatically chosen, depending on the risk associated with the transaction. Simple and harmless transactions can be secured with just an approval button. High-value and complex transactions require a more stringent process: an advanced digital signature (e.g. sign with SMS or email OTP, bank card authentication,…) or even a qualified digital signature (e.g. sign with eID, qualified PKI certificates, …).

To better understand the difference between an advanced and a qualified digital signature we recommend to read our FAQ.

 

The future is data, not documents

The PDF format is by far the most widely used document format for digital signatures because PDF is both a very secure, portable format and the most user-friendly document-format in terms of usage and signature validation. Thanks to the widespread availability of free PDF readers, any end-user can easily check whether a PDF document has been correctly signed or not.

However we are seeing a gradual shift in the digital signature needs, particularly in the business world. These days, companies do not only use PDF documents but also XML files, webforms, .zip files, video material, pictures, HTML, CSV and other formats to exchange information internally or with their clients.

Information only has value if it is correct and authentic and if we know where it came from. So just like PDF documents, there is a growing need to protect the integrity of any kind of other data source. As locking and ensuring the confidentiality of data is part of the DNA of a digital signature it is a perfect solution. Combined with proof of ownership of that signed data, an unlimited number of new possibilities arises to digitize business processes.  For this reason, a futureproof digital signature solution should also be able to sign more than just PDF documents.

 

Accelerate user adoption! Re-use what your customer is accustomed to

New eSign solutions keep popping up and they all provide a range of interesting signing methods. Nevertheless, these signing methods often don´t align with the existing authentication methods companies use (e.g. to log into a user-portal). This eventually leads to longer end-to-end flows where a client is confronted with different procedures, hardware tools and passwords to register, login and sign. Digital transaction flows that are long, cumbersome and complex decrease user adoption which defeats their purpose.

Customers expect online transactions to be smooth and easy with low barriers. Building end-to-end flows that are as short as possible and whereby the amount of clicks the user must go through is minimized is simply the best approach one can take. So when integrating different digital solutions, harmonizing these solutions to a seamless and automated process is the key message.

As an example we would like to highlight one of our financial clients, a 100% online bank, that has the mission to be an online ‘one-stop’ financial shop enabling customers to manage their finances by themselves. To offer a complete end-to-end online customer experience from client onboarding to the digital signing of a contract for their new mortgage product, they appealed to Connective for the eSignatures solution. With the Connective eSignatures solution, our client has the unique advantage to automatically onboard new customers within the same step as signing a contract. Merging three steps – where the customer has to sign up first, login afterwards and then sign a contract into one is not only a time and money saver for the bank´s customers but also for the bank itself. As they have lower abandonment rates due to a swift and seamless onboarding process.

 

Deal with geographic complexity

In today’s world, businesses, public authorities and individuals have the intention to or already carry out a substantial part of their cross-border transactions through digital means. As a result, e-identity, trust services and legal certainty are becoming essential in order to transform these transactions that were once considered incredibly difficult, strenuous and expensive.

For the same reason eIDAS Regulation came into effect. This regulations is established to remove previous barriers and hurdles in recognizing cross-border eID, digital signatures and authentication methods. The goal of eIDAS is to increasingly facilitate secure and seamless electronic transactions between every participating EU Member state.

Thanks to eIDAS, digital signatures are now gaining acceptance even more rapidly. But as a consequence, the range of signing methods is also growing significantly. This means that companies that trade internationally, increasingly need a flexible digital signing solution that supports multiple (international) signing methods including signing with the national eID´s, banking cards,…
But also other national initiatives that ensure a strong authentication/identification like iDIN (The Netherlands) or France Connect (France) and many more are worth considering to integrate.

Want to know more? Contact us now!

Connective eSignatures is now Nitro Sign Premium

Connective has joined the Nitro family! This domain will be deactivated shorty. Visit gonitro.com to stay informed about the latest updates and features of Nitro Sign Premium (formerly Connective eSignatures).