Signing and validation
Do you want to simplify the process of signing contracts, applications and other legally binding documents by using cryptographic techniques, eliminating any change to a document bearing the signature and is detectable?
You sign documents with an electronic digital identity (eID), being as binding as a signature on paper. The purpose of validating digital signatures is to check that the signature submitted by a signatory is valid at the time of signing, which is contrary to a paper-based signature. Using the Signing and validation component there cannot be made any change to a document bearing signature and due to timestamp the signature is detectable.
Our offering is based on the principles “federated signing”. Authentication happens in the IdP and use short-term keys and certificates. The service contains a small signing client that does not expose the sign text to backend. The input formats are: HTML, text, PDF, XML, and output formats: XAdES or PAdES. With authentication conducted by associated Identity Providers, a one-time signing key pair and certificate is used to generate standard advanced signature formats in XAdES and PAdES.
With the unique design, a browser-based signature client stores the document ready for signing and ensures it will not be exposed to the backend.
The signatures created by the signature service are qualified, which means they created by a trustworthy system offered by a trusted service provider, that has been assessed by an independent competent and accredited body.
The solution is conformant to CEN EN 419 241-1, CEN EN 419 241-2, EN 319 411-1, EN 319 411-2, EN 319 412-1/2/3/4/5, EN 319 421, EN 319 132-1 and EN 319 142-2.
Signing and validation component generates standard advanced signature formats in XAdES and PAdES and follows TS 119 441 and support the validation algorithm specified in English 319 102-1.