Avoid re-identifying signers if you have an robust internal identification mechanism
Some companies and organizations have a strong internal identification process to identify their signers.
In this case, identify again these signers deteriorates the user experience.
We allow these companies to identify the signers by their own internal mechanism.
This delegation is conditioned to Agreements between IgniSign and the Organization.
Based on a bi-lateral contract between your company and IgniSign.
No additional cost will be charged.
The Whole Qualified Digital Signature process must be audited.
So, we need to includes you in our certification process.
Your process process will be subject to an audit.
Some additional cost can be charged.
At IgniSign, we take signature mechanisms very seriously.
We have a strong infrastructure to ensure security and have analyzed for a long time the best way to implement signatures that match the needs of companies.
We especially take care of the Legally Binding aspect of the signatures we provide.
But we also take care of the User Experience for our customers and their customers.
In the Signature market, we primarily encounter two types of platforms:
- The platforms that are very strict on authentication and identification but are very complex to use and integrate.
- The platforms that are very easy to use but provide a signature without a real legal value
(Simple Electronic Signature according to the EU's Eidas regulation or "Electronic Signature" according to the US's eSign regulation).
Additionally to Signature Profiles,
a principle that helps you define the signature mechanism you want to use, we have also created a principle of Delegation of Authentication and Identification.
The principle stems from the fact that applications sometimes have strong mechanisms to authenticate users and employees.
When an organization wants to integrate a signature mechanism within its application, generally,most of the time, it has already authenticated its users by the time it launches the signature session.
Similarly, the application might have already identified its users in a robust manner and may want to use this identification to sign a document.
Many signature platforms don't permit the reuse of these elements, which can significantly diminish the user experience or the legal validity of the signature.
So, Delegation of Authentication and Identification is introduced to address these issues.
Most of the digital signature platforms restrict the reuse of these credentials, which can adversely impact both the user experience.
To tackle these challenges and protect the legal authenticity of the signature, the concept of Delegation of Authentication and Identification has been introduced.
By delegating a factor of authentication or a full identification, IgniSign builds on your processes and partners with your company to deliver a user-friendly and legally binding signature.
Those delegations are independent and depend on where your company is comfortable taking responsibility.
To activate the delegation mechanism in your organization's production, due diligence must be done, and a Legal representative of your organization must sign a contract with IgniSign.
All procedures to activate delegation mechanisms are available through the IgniSign Console,
under the Organization > Organization Settings > Delegation section.
3 Delegations are available:
- Delegation of Authentication:
Only available in embedded integration mode.
It allows IgniSign to delegate 1 of the 2 factors of authentication to the application.
The application must have already authenticated the user before launching the signature session.
IgniSign will only ask the user to provide the second factor of authentication during a signature session (Regarding legal requirements, it's mandatory that IgniSign keeps on its sole control at least one of the authentication factor).
This mechanism works based on a signerSecret that is generated when a signer is created in IgniSign.
This signerSecret is provided to the application as a result of signature creation, both by the webhook mechanism and in the response to the API Call.
This secret must be provided by the application to IgniSign when the signature session is launched.
More information regarding this integration is available in the IgniSign JS SDK, Signers, and Webhooks event documentation.
- Delegation of Identification for Advanced Electronic Signature:
This delegation mechanism allows IgniSign to delegate the identification of the signer to the organization.
The organization becomes accountable for these identifications, and proof of identification might be requested in case of litigation.
Regarding the integration, no further identification mechanism will be asked of the signer during the signature session.
- Delegation of Identification for Qualified Electronic Signature: (Available soon)
This delegation mechanism allows IgniSign to delegate the identification of the signer to the organization.
This is a more complex mechanism that requires adherence to a strict process provided by IgniSign.
The process of identification within your organization becomes auditable by IgniSign according to the EiDAS regulation.
A preliminary analysis of your organization will be done by IgniSign to ensure that your organization is capable of following the process.