Digital signatures are cryptographic mechanisms used to ensure the authenticity and integrity of electronic documents. For a digital signature to be binding, the signer’s identity must be verified. Certinal offers several identity assessment options to ensure that your signed documents will stand up in court.
When you sign a document electronically, you use a technology called public key infrastructure (PKI). PKI uses a pair of mathematically related keys, one public and one private, to encrypt and decrypt information. The signer keeps the private key secret while the public key is available to anyone who needs to verify the signature.
The PKI system relies on a certificate authority (CA) to issue and manage digital certificates. The CA attests to the signer’s identity and verifies that the signer’s public key is genuine. Certinal is a CA that offers different levels of identity verification, depending on the needs of your business.
The most basic level of identity verification is called domain validation (DV). DV involves verifying that the signer controls the domain listed in the certificate. This can be done by sending an email to an address at that domain or by checking DNS records. DV is suitable for low-risk situations where the signer’s identity does not need to be verified in depth.
For higher-risk situations, Certinal offers extended validation (EV). EV requires the signer to provide more documentation, such as a copy of a government-issued ID. This verification level is necessary for businesses that need to comply with the most stringent security requirements.
Certinal also offers organization validation (OV), a middle ground between DV and EV. OV involves verifying the legal existence of the signer’s company and confirming that the contact information provided is accurate.
There are several ways to validate your identity, depending on the type of Digital Signature. Here are a few examples:
Description: Demonstrates that a user has access to a particular email account.
Use Case: In rare circumstances, when the risk threshold is extremely minimal.
Operation: a user receives an email containing a transaction link. Certinal considers the user “authenticated” if they receive the email and clicks on the link.
Description: To show the signer has access to an email account and a specific cell phone number, it sends a text message with a one-time password to the user’s mobile phone.
Use Case: Customers searching for a low-cost, easy-to-use multifactor authentication solution that puts less strain on the end-user.
Operation: The signer receives an email with a link to the transaction. Certinal gives the signer a text message with a random, one-time password after they agree to utilize e-signatures. Certinal considers the user “authenticated” if the text message code is entered successfully and the transaction continues.
Description: Leverages information that the customer has shared with the signer. Puts in a specific gating mechanism for further security.
Use Case: Typically used in conjunction with other authentication types to add further security.
Operation: The signer receives an email with a link to the transaction. After agreeing to utilize e-signatures, the signer is asked to enter the password provided via other means by the customer. Certinal considers the user “authenticated” if they enter the password correctly, and the transaction continues.
Description: Makes use of an integrated partner’s system for authentication.
Use Case: This is common in integrated models when the client or partner already has trusted authentication models in place and chooses to rely on them for the best user experience. These are for SAML based SSO providers like Okta, Ping Federate.
Operation: Depending on the integration, a user may or may not receive an email with a link to the transaction. Instead, Certinal client or partner authenticates the user using their system and best practices. Certinal will allow transaction access if the authentication is successful. In this paradigm, the client/partner is responsible for the user’s authentication.
Certinal offers several ways to prove your signers’ identities and authentication methods for each party in a transaction. This provides flexibility and security for your digital signature needs.
In a world where remote working is emerging as the imminent future, identity verification is of paramount importance. As most companies evolve through the digital revolution, security and verification will take center stage.