Digital Signing under the spotlight: what it takes to build digital signing services
Digital transformation has long been a priority for businesses and institutions. The global pandemic accelerated these efforts – with businesses rapidly adopting solutions to enable productive remote work and complete transactions online.
Electronic documents and digital signatures are an essential component of this transformation. As face-to-face interaction became impossible, these technologies became essential for completing transactions, official agreements, and approvals.
The challenge is to ensure that these all-digital processes carry the same level of trust as their physical versions – and are not forged or tampered with. To go digital with confidence, many organizations are tempted to build their own infrastructures of trust, including high-assurance electronic signature services, also called digital signing services. Many countries and regions have legal frameworks favoring digital signatures over more simple forms of electronic signatures, making them even more attractive.
Yet, such high-assurance signing services require more than just PDF documents and scans of handwritten signatures. A digital signature (or digital seals when representing an organization) is a specific type of electronic signature based on public key infrastructures (PKI), combining strong identity verification processes with document authentication, anti-tampering, and timestamping technologies to assure trusted and legally admissible documents.
The ability to let users request and apply digital signatures and seals is just the tip of the iceberg. It’s crucial to understand that an efficient, transparent, trusted, and scalable digital signature service will require several foundational components:
- Digital signing software
- Certification authority (CA) services, including registration services and identity verification services
- Online Certificate Status Protocol (OCSP) services
- Timestamping services
- Identity and access management (IAM) services, including at least one identity provider and strong authentication services
- Hardware security modules (HSM) to generate and protect signing keys
The document signing workflow sits on top of this infrastructure, ensuring smooth and simplified operations between the user and the signing service, with functionalities that can be customized for a wide range of use cases. Some workflows will focus on compliance with specific regulations, while others will focus on complex user management scenarios, or specific integrations with services such as document archiving, storage, ticketing systems, CRMs, and more.
At Entrust, our objective is to provide digital signing solutions for businesses and institutions across all regions and industries, while providing as many integration paths with signing workflows as possible. We have all of the building blocks to build a strong backend for signing services, and we want to ensure that our customers have the options they need to establish their preferred signing workflows on top of it.
Entrust has partnered with Sysmosoft, a document signing workflow provider with strong expertise in the banking and financial industry, as well as the government and higher education sectors, to help our customers easily deploy the digital signing workflows that best meet their unique needs – built on a trusted, proven technology foundation from Entrust. And in this way our customers can build trust with their customers and partners in this new era of digital-first business.
For more information on Entrust’s digital signing solutions, visit entrust.com/digital-security/certificate-solutions/products/digital-signing
For more information about the Entrust and Sysmosoft partnership, visit entrust.com/partner-directory/sysmosoft
The post Digital Signing under the spotlight: what it takes to build digital signing services appeared first on Entrust Blog.
*** This is a Security Bloggers Network syndicated blog from Entrust Blog authored by Adam Gothmann. Read the original post at: https://blog.entrust.com/2021/02/digital-signing-under-the-spotlight-what-it-takes-to-build-digital-signing-services/