Role of Identity Assessment in Digital Signatures

Trust Providers in Digital Signatures
Decoding the Role of Trust Providers in Digital Signatures
March 23, 2022
Improve your procurement strategies
6 ways in which Certinal can enhance procurement ecosystem
April 5, 2022
Show all
Role of Identity Assessment in Digital Signatures

Introduction

Digital signatures are cryptographic mechanisms used to ensure the authenticity and integrity of electronic documents. For a digital signature to be binding, the signer’s identity must be verified. Certinal offers several identity assessment options to ensure that your signed documents will stand up in court.

When you sign a document electronically, you use a technology called public key infrastructure (PKI). PKI uses a pair of mathematically related keys, one public and one private, to encrypt and decrypt information. The signer keeps the private key secret while the public key is available to anyone who needs to verify the signature.

The PKI system relies on a certificate authority (CA) to issue and manage digital certificates. The CA attests to the signer’s identity and verifies that the signer’s public key is genuine. Certinal is a CA that offers different levels of identity verification, depending on the needs of your business.

The most basic level of identity verification is called domain validation (DV). DV involves verifying that the signer controls the domain listed in the certificate. This can be done by sending an email to an address at that domain or by checking DNS records. DV is suitable for low-risk situations where the signer’s identity does not need to be verified in depth.

For higher-risk situations, Certinal offers extended validation (EV). EV requires the signer to provide more documentation, such as a copy of a government-issued ID. This verification level is necessary for businesses that need to comply with the most stringent security requirements.

Certinal also offers organization validation (OV), a middle ground between DV and EV. OV involves verifying the legal existence of the signer’s company and confirming that the contact information provided is accurate.

 

How Can I Ensure My Identity Before Signing a Document?

There are several ways to validate your identity, depending on the type of Digital Signature. Here are a few examples:

  • You can have your identification verified in person at an approved registration agency. You must bring an original copy of your current official identity at the face-to-face registration. A registered notary may be able to help you with this in some situations. Once you’ve submitted your information, a validation agent will check it and may request additional information to confirm your identity.
  • You can use remote identity verification services to register online for some certificates. An ID and identity proofing software installed on your mobile device is required. An NFC-capable ID and device are required for qualified certificates.
  • For specific certificate kinds, an organization may verify the identity of its personnel in approved Enterprise enrollments.

 

different authentication methods for electronic signatures

Certinal allows you to choose different authentication methods for each party in a transaction

 

AUTHENTICATION BY EMAIL ONLY

Description: Demonstrates that a user has access to a particular email account.

Use Case: In rare circumstances, when the risk threshold is extremely minimal.

Operation: a user receives an email containing a transaction link. Certinal considers the user “authenticated” if they receive the email and clicks on the link.

 

AUTHENTICATION VIA TEXT MESSAGE OTP

Description: To show the signer has access to an email account and a specific cell phone number, it sends a text message with a one-time password to the user’s mobile phone.

Use Case: Customers searching for a low-cost, easy-to-use multifactor authentication solution that puts less strain on the end-user.

Operation: The signer receives an email with a link to the transaction. Certinal gives the signer a text message with a random, one-time password after they agree to utilize e-signatures. Certinal considers the user “authenticated” if the text message code is entered successfully and the transaction continues.

 

AUTHENTICATION VIA SECRET PHRASE/PASSWORD

Description: Leverages information that the customer has shared with the signer. Puts in a specific gating mechanism for further security.

Use Case: Typically used in conjunction with other authentication types to add further security.

Operation: The signer receives an email with a link to the transaction. After agreeing to utilize e-signatures, the signer is asked to enter the password provided via other means by the customer. Certinal considers the user “authenticated” if they enter the password correctly, and the transaction continues.

 

INTEGRATED SECURITY SYSTEMS (SSO)

Description: Makes use of an integrated partner’s system for authentication.

Use Case: This is common in integrated models when the client or partner already has trusted authentication models in place and chooses to rely on them for the best user experience. These are for SAML based SSO providers like Okta, Ping Federate.

Operation: Depending on the integration, a user may or may not receive an email with a link to the transaction. Instead, Certinal client or partner authenticates the user using their system and best practices. Certinal will allow transaction access if the authentication is successful. In this paradigm, the client/partner is responsible for the user’s authentication.

 

Conclusion

Certinal offers several ways to prove your signers’ identities and authentication methods for each party in a transaction. This provides flexibility and security for your digital signature needs.

In a world where remote working is emerging as the imminent future, identity verification is of paramount importance. As most companies evolve through the digital revolution, security and verification will take center stage.

For more information on how to get started with digital signatures and Certinal, book a demo with us or contact us at switchto@certinal.com.

 

Leave a Reply

Your email address will not be published.

Please solve this * Time limit is exhausted. Please reload the CAPTCHA.

By submitting this data, I acknowledge that I have read the Privacy Policy of Zycus and consent to the processing of my personal data in accordance with the terms of the Privacy Policy.