European Regional Development Fund
A way to make Europe
For the new commercial and social reality usability requirements of digital signatures include adapting to environments that require mobility, flexibility, speed, device and technology independence, and security. Viafirma has developed the VI-FI product in order to meet these requirements, adding features based on the centralization of digital certificates in a secure cloud.
The VICARIUS FIDELIS proyect
The goal of the VICARIUS FIDELIS Project was to develop a secure, multi-device, delegated centralized signature platform that would offer an answer to the need for SMEs to delegate the centralized electronic signature to third parties (administrative managers), to streamline outsourced processes in a secure and usable way, including secure management and delegation of certificates to third parties; and efficient issuance of certificates through biometric recognition.
The project was co-financed by the Center for the Development of Industrial Technology (CDTI), attached to the Ministry of Science and Innovation, and by the European Union, through the European Regional Development Fund (ERDF); this has allowed the company to assume a greater risk, allocate a larger budget to implement the solution, while keeping the business strategy of strengthening the R&D activity.
The activities were developed at Viafirma’s headquarters, started on 01/04/2019 and concluded on 31/09/2020, with a budget of 390,028.00€.
The resulting VI-FI product, initially aimed at administrative managers of SMEs which handle countless digital identities and electronic signatures from their customers when dealing with administrative procedures involving a high security risk, is being used by other agents/third party companies in banking, finance, insurance, legal or consulting sectors. They also need to manage their customers’ digital certificates securely to carry out administrative or legal procedures. Also other businesses that wish to manage their own digital certificates in a simple and secure way to automate processes and daily operations while moving towards digitization.
Meeting the objectives. Features contained in the technological solution
The objectives set for the implementation of the VICARIUS FIDELIS Project are reflected through this set of innovative features integrated in the VI-FI product:
- Multidevice. Works from any device (computer, tablet or mobile device) and from any operating system.
- Centralized or cloud-based signature. The digital certificate is stored on a secure HSM server available for the user whenever he/she wants to sign a document online, after robust identity verification (two-factor authentication).
- Remote enrollment through biometric technology. Highly reliable against fraudulent attacks. Biometric enrollment allows to verify the identity of the person via video through recognition of their facial features, avoiding the need to go to a registry office.
Delegation of certificates to third parties. Allow full and secure management of delegated certificates, allowing full transparency and tracking for the owner of the certificate, using Blockchain technology and the implementation of Smart Contracts for auditing delegated signatures. - Strong identity verification. The platform certifies the user’s identity through the different existing identity providers (IdPs) (email, LDAP, OTP, password, PIN number, SMS).
Conclusions of its execution
As a result of the implementation of the VICARIUS FIDELIS Project, Viafirma has developed a secure, multi-device, delegated centralized signature platform that responds to the need of companies to delegate the centralized electronic signature to third parties, allowing to streamline outsourced processes in a secure, flexible, fast and usable way, including efficient issuance of certificates through biometric verification.
Overview of the use of biometric technologies
Passwords, which for decades have been used to protect personal data or to access online services have not been able to ensure digital security. The human body is becoming the hardest password, offering several factors for authentication: facial and fingerprint recognition, iris or physiognomy, as well as behavioral biometry.
More sectors and companies are strengthening security through biometric authentication. Here are some examples:
| INDUSTRY/APPLICATION | FEATURE |
| Banking and Investment | Contactless identification |
| Pharmaceuticals, hospitals, and the health sector | Contactless identification |
| Heavy industry and construction | Contactless identification |
| Police and military services | Surveillance controls, criminal identification |
| Labor (companies and administration) | Contactless identification, access to facilities and systems |
| Online shopping | Contactless identification |
| Travel and tourism | Access to facilities |
| Contactless identification | |
| Social media | Contactless identification |
According to an IBM study on the future of identity in 2018, users prefer security to ease of use, especially when they login to applications involving money transactions. The use of biometric techniques to authenticate users is gaining popularity, with 67% of the users surveyed being satisfied, while 87% think that they will be satisfied in the future.
To conclude, the use of biometric technologies to check the identity of users, cloud certificates and of Blockchain technology (Smart Contracts) for auditing delegated signatures ensure top security for the signature generated through the VI-FI product. This eSignature is compliant with eIDAS-EU regulatory framework in terms of security and advanced digital signature, which makes it legally valid.