The operation is not merely a capture / scan of the user handwritten signature and their subsequent inclusion in the document, but it captures, generates and stores enough data to guarantee the basic principles of a advanced electronic signature.
- Signer identification.
- Linking uniquely the signer and the signed data.
- Detection capability of any changes after the signing.
- Guarantees that only the signer can generate that signature.
In short, the digital signature of Viafirma platform ensures that the signer is who has made the signature, what he signed has not been modified (or if there have been changes, what they are and where they are), what time was the signature made and that this signature can not be reused in subsequent documents.
Generation of an electronic signature
Our solution takes advantage of the platform cryptographic capabilities to perform the necessary operations to meet these requirements:
- It captures a series of signature biometric data (pressure, speed of strokes, etc.) so that a handwriting expert could analyze whether the stored data are consistent with the user handwritten signature.
- These data are never in possession of the service provider (owner of the application) or software manufacturer (viafirma), since they are sensitive data that would allow subsequent falsification of signatures. To do this, Topaz devices perform local encryption (decipherable only with software delivered under injunction). In tablet type devices like iPad, Android, etc.., our application performs encryption of the biometrical data thanks to a trusted third party key, so we can not access them.
- It captures another set of data related to the document that the user is signing, the signature device, etc.
- It makes a electronic signature of all this information, with a Certification Authority timestamp.
- The encrypted and signed results, are attached to the signed document (in which the scanned signature is affixed). That is, the result is a PDF containing the scanned signature related to a validatable and decipherable file containing all information, which is included in the PDF file itself. Thus, the PDF is the only necessary file throughout the process.
- We have an application that is responsible for validating all results generated, and that, with the involvement of a trusted third party, allow to recover the signature biometric data and its delivery to an expert, within the framework of a legal action against a possible rejection of a digitalized signature. This application can even detect possible changes in the future of a signed document, and showing the changes made, thereby achieving secure the requirements associated to an advanced electronic signature.
If you have a specific need that requires the use of our electronic signature, be sure to read the rest of Viafirma Suite products: