What is PKI (Public Key Infrastructure)? Public Key Infrastructure (PKI) technology proven as the only technology available today that ensures non-forgeable signatures.In a PKI system, each user has two keys: a public key and a private key. These keys can be used for encrypting and decrypting information, for digitally signing electronic information and for verifying the authenticity of their owner. While the public key is distributed widely, the corresponding private key is held by its owner in a secure place. While both keys are mathematically related, the public key cannot reveal the private key. This makes PKI a great technology for Digital Signatures.The EU Directive 1999/93/EC for Digital Signatures recognised and defined a stronger type of electronic signature, the Advanced Electronic Signature. Only Public Key Infrastructure (PKI) digital signatures meet the requirements for such signatures. Advanced digital signatures provide not only stronger user authentication, but also protect the integrity of the data signed, thus ensuring non-repudiation of the transaction by the signer.
What is the Difference between Digital Signatures and Electronic Signatures? Digital signatures and electronic signatures are both used to authenticate documents and ensure their integrity, but they differ in terms of the underlying technology and level of security they provide.Digital Signature is the highest form of signature and content integrity as well as universal acceptance. Digital signatures are based on Public Key Infrastructure (PKI) and are a result of a cryptographic operation that guarantees signer authenticity, data integrity and non-repudiation of signed documents.A digital signature cannot be copied, tampered or altered. In addition, because they are based on standard PKI technology, signatures made within one application (e.g. Microsoft Word, Adobe PDF) can be validated by others using the same applications.On the other hand, an electronic signature is a proprietary format (there is no standard for electronic signatures) that is an electronic data, such as a digitised image of a handwritten signature, a symbol, voiceprint, etc. that identifies the author of an electronic message. Electronic signatures are vulnerable to copying and tampering, making forgery easy. In many cases, will require proprietary software to validate the signature.
What is a Digital Signature? Digital signatures (standard electronic signatures) take the concept of traditional paper-based signing and turn it into an electronic “fingerprint.” This “fingerprint,” or coded message, is unique to both the document and the signer and binds both of them together.Digital signature ensures the authenticity of the signer. Any changes made to the document after it is signed – invalidates the signature, thereby protecting against signature forgery and information tampering.Digital signatures sustain signer authenticity, accountability, data integrity and non-repudiation of documents and transactions.
What is an Electronic Signature? Electronic signatures are defined as an electronic sound (e.g., audio files of a person’s voice), symbol (e.g., a graphic representation of a person in JPEG file), or process (e.g., a procedure that conveys assent), attached to or logically associated with a record, and executed or adopted by a person with the intent to sign the record.An electronic signature is easy to implement, since something as simple as a typed name can serve as one. Consequently, electronic signatures are very problematic with regards to maintaining integrity and security, as there is nothing to prevent one individual from typing another individual’s name. Due to this reality, electronic signatures that do not incorporate additional measures of security are considered an insecure way of signing documentation.
What kinds of documents should I sign? Documents sent regularly using Secured Signing service include contracts, non-disclosure agreements (NDA), proposal acceptances, change orders, Ad proofs, expense reports, purchase orders, rental/ lease agreements, independent contractor agreements, time sheets, and many more. You should be aware that certain countries statutes dictate how documents should be signed for which digital signing may not be valid. For example, but without limitation, the following types of documents SHOULD NOT be signed in Australia and New Zealand using our digital signing services: Wills, Documents transferring an interest in land, Powers of attorney, and Deeds. WE MAKE NO REPRESENTATION WHATSOEVER THAT ANY DOCUMENT WHICH YOU ARE PROPOSING TO SIGN USING OUR DIGITAL SIGNING SERVICES MAY BE VALIDLY SIGNED IN THAT MANNER. YOU NEED TO SATISFY YOURSELF THAT THE DOCUMENT YOU ARE PROPOSING TO SIGN USING OUR DIGITAL SIGNING SERVICES IS CAPABLE OF BEING SIGNED IN THAT MANNER.
Are Electronic Signatures Legally Binding? Electronic signatures are legally binding in many countries worldwide. Secured signing service complies with ESIGN, UETA, Electronic Transactions Acts, and many more. Some Legislation worldwide: Australian Capital Territory – ELECTRONIC TRANSACTIONS ACT 2001 Australia, New South Wales (NSW) – ELECTRONIC TRANSACTIONS ACT 2000 Australia, Northern Territory (NT) – ELECTRONIC TRANSACTIONS ACT 2000 Australia, QLD – ELECTRONIC TRANSACTIONS (QUEENSLAND) ACT 2001 Australia, VIC – ELECTRONIC TRANSACTIONS (VICTORIA) ACT 2000 Australia, SA – ELECTRONIC TRANSACTIONS ACT 2000 Australia, WA – ELECTRONIC TRANSACTIONS ACT 2003 Australia Tasmania – ELECTRONIC TRANSACTIONS ACT 2000 Canada – Uniform Electronic Commerce Act (UECA) China – Electronic Signature Law of the People’s Republic of China Europe – EU Directive for Electronic Signatures (1999/93/EC) Europe – EU VAT Directive New Zealand – Contract and Commercial Law Act 2017 South Africa – Electronic Communications and Transactions Act, 2002 UK – Electronic Communications Act 2000 (chapter 7) U.S. – Electronic Signature in Global and National Commerce Act (ESIGN) U.S. – Uniform Electronic Transactions Act (UETA)- adopted by 48 states
Is it safe to sign documents online using Secured Signing web service? Yes! While documents sent by fax and mail are exposed throughout intra-office distribution, electronic documents are kept completely confidential and are viewed only by designated recipients.By using Personalized X509 PKI Digital Signature technology, documents signed with Secured Signing online service, cannot be misplaced, lost, or destroyed, and can’t be change within secured signing service.
What does Secured Signing do? Secured Signing is a web application Software as a Service that allows you to fill-in and sign legally binding documents online using the secured Personalized X509 PKI Digital Signature technology.The service enables a registered user to receive a unique private key for signing, add a document to the system, sign it digitally, invite a third party if required and send it to parties involved to sign.Anyone who took part in the signing process or has received the signed document is able to verify signature(s) on their desktop or by using our Online Verification service.The signing process is secured, simple, and accomplished in minutes.
Secured Signing “Certificate Authority” Certificate For more information, see our Digital Signatures Verification Service Download Secured Signing CA Root Certificate To verify signed documents with Secured Signing on your desktop (OFFLINE) you’ll need to download and install the Secured Signing CA Root Certificate.Download the certificate here! What is a Secured Signing CA Root Certificate? All Certificates on Secured Signing are signed by the private key of the Secured Signing Certificate Authority. You can download the Secured Signing Root CA to check whether your signed documents are signed by trusted and valid Secured Signing Certificate. Download our CA CertificateInstall on: Windows XP, Windows XP, Windows 7Verify with: Adobe Reader 7, Adobe Reader 8, Adobe Reader 9, Adobe Reader XI
Configuring Single Sign On for Secured Signing using Active Directory Federation Services (ADFS) Setting up active directory federation services for use with Secured Signing will allow the nominated users within your domain to use the Secured Signing service using their network credentials. When the single sign on option is enabled in Secured Signing, logged in users will not need to enter their username and password in Secured Signing.The configuration process requires: Activation and configuration of federations services within Active Directory;Add Secured Signing as a relying party trust in ADFS; andConfiguration of your Secured Signing membership to accept authentication against Active Directory using federation services. Tab #1 Tab #2 Tab #1 Prepare a valid ssl certificate (.pfx file, with private key). This certificate will be used by the ADFS federation service website, so it should be valid with your ADFS website domain name.Add Active Directory Federation Service Role to the serverOn Windows 2016, Open Server Manager, click “Add roles and features”, select “Active Directory Federation Service” on the popup, and press next to install new role.For more details: visit hereRun ADFS Management tool from Service Manger.Click “Certificates”, import your certificate to ADFS service. Tab #2 If not already installed, download & install ADFS 2.0. The software is available from: https://msdn.microsoft.com/en-us/library/azure/dn151310.aspxNOTE: Don’t install the ADFS role from server managementIf you are using Windows Server 2008 R2, you will need to apply the ADFS 2.0 hot fix. Download it from: https://support.microsoft.com/en-us/help/2790338/description-of-update-rollup-3-for-active-directory-federation-services-ad-fs-2.0 Prepare a valid ssl certificate (.pfx file, with private key). This certificate will be used by the ADFS federation service website, so it should be valid with your ADFS website domain name.Import this certificate to IISOpen IIS, click server node, double click “Server Certificates”, then click “Import” at the right action panel. Configure the ADFS 2.0 Federation serviceRun ADFS 2.0 Management Console as domain administrator. Run “Create new federation service” wizard. Use the certificate imported above to finish the configuration.In IIS manager, go to the “Default Web Site/adfs/ls” application,. Double click “Authentication”, enable “Windows Authentication”. In the advanced settings window, select “Extended Protection” to “Off”.On IIS manager, add https bindings with above certificate to Default Web Site.Don’t change other default settings in IISIn ADFS 2.0 Management Console, find metadata xml path from right panel of “ADFS 2.0/Service/Endpoints”. It should be in the format https://your.domain.com/FederationMetadata/2007-06/FederationMetadata.xmlVerify the ADFS service is running by accessing the server: https://your.domain.com /adfs/ls/IdpInitiatedSignon.aspxEnable CROS for ADFS websiteAdd below lines to the web.config under “Default Web Site/adfs/ls” application directory:<system.webServer> <httpProtocol> <customHeaders> <add name=”Access-Control-Allow-Origin” value=”*” /> </customHeaders></httpProtocol></system.webServer> Step 1 Receive an email invitation to sign If you received an email invitation to sign follow the link to sign and invite a witness to sign online. Step 2 Sign and Invitee a Witness Click to Sign sticker and add witness details in the pop-up. Once signed an email invitation will send out for a witness.