Role of Identity Assessment in Digital Signatures5 min read

Identity Assessment in Digital Signatures


Digital signatures are cryptographic mechanisms used to ensure the authenticity and integrity of electronic documents. For a digital signature to be binding, the signer’s identity must be verified. Certinal offers several identity assessment options to ensure that your signed documents will stand up in court. Digital signature identity verification ensures the authenticity and integrity of digital transactions by confirming signer identity.

When you sign a document electronically, you use a technology called public key infrastructure (PKI). PKI uses a pair of mathematically related keys, one public and one private, to encrypt and decrypt information. The signer keeps the private key secret while the public key is available to anyone who needs to verify the signature.

The PKI system relies on a certificate authority (CA) to issue and manage digital certificates. The CA attests to the signer’s identity and verifies that the signer’s public key is genuine. Certinal is a CA that offers different levels of identity verification, depending on the needs of your business.

The most basic level of identity verification is called domain validation (DV). DV involves verifying that the signer controls the domain listed in the certificate. This can be done by sending an email to an address at that domain or by checking DNS records. DV is suitable for low-risk situations where the signer’s identity does not need to be verified in depth.

For higher-risk situations, Certinal offers extended validation (EV). EV requires the signer to provide more documentation, such as a copy of a government-issued ID. This verification level is necessary for businesses that need to comply with the most stringent security requirements.

Certinal also offers organization validation (OV), a middle ground between DV and EV. OV involves verifying the legal existence of the signer’s company and confirming that the contact information provided is accurate.

How Can I Ensure My Identity Before Signing a Document?

There are several ways to validate your identity, depending on the type of Digital Signature. Here are a few examples:

You can have your identification verified in person at an approved registration agency. You must bring an original copy of your current official identity at the face-to-face registration. A registered notary may be able to help you with this in some situations. Once you’ve submitted your information, a validation agent will check it and may request additional information to confirm your identity.

You can use remote identity verification services to register online for some certificates. An ID and identity proofing software installed on your mobile device is required. An NFC-capable ID and device are required for qualified certificates.

For specific certificate kinds, an organization may verify the identity of its personnel in approved Enterprise enrollments.

Digital Signature Identity Verification

Certinal allows you to choose different authentication methods for each party in a transaction


Description: Demonstrates that a user has access to a particular email account.

Use Case: In rare circumstances, when the risk threshold is extremely minimal.

Operation: a user receives an email containing a transaction link. Certinal considers the user “authenticated” if they receive the email and clicks on the link.


Description: To show the signer has access to an email account and a specific cell phone number, it sends a text message with a one-time password to the user’s mobile phone.

Use Case: Customers searching for a low-cost, easy-to-use multifactor authentication solution that puts less strain on the end-user.

Operation: The signer receives an email with a link to the transaction. Certinal gives the signer a text message with a random, one-time password after they agree to utilize e-signatures. Certinal considers the user “authenticated” if the text message code is entered successfully and the transaction continues.


Description: Leverages information that the customer has shared with the signer. Puts in a specific gating mechanism for further security.

Use Case: Typically used in conjunction with other authentication types to add further security. Operation: The signer receives an email with a link to the transaction. After agreeing to utilize e-signatures, the signer is asked to enter the password provided via other means by the customer. Certinal considers the user “authenticated” if they enter the password correctly, and the transaction continues.


Description: Makes use of an integrated partner’s system for authentication.

Use Case: This is common in integrated models when the client or partner already has trusted authentication models in place and chooses to rely on them for the best user experience. These are for SAML based SSO providers like Okta, Ping Federate.

Operation: Depending on the integration, a user may or may not receive an email with a link to the transaction. Instead, Certinal client or partner authenticates the user using their system and best practices. Certinal will allow transaction access if the authentication is successful. In this paradigm, the client/partner is responsible for the user’s authentication.


Certinal offers several ways to prove your signers’ identities and authentication methods for each party in a transaction. This provides flexibility and security for your digital signature needs.

In a world where remote working is emerging as the imminent future, digital signature identity verification is of paramount importance. As most companies evolve through the digital revolution, security and verification will take center stage. For more information on how to get started with digital signatures and Certinal, book a demo with us.

Recommended Blogs

Recommended Resources

author avatar
Senior Executive - Marketing
Aritra is an experienced marketing professional with over five years of expertise in various industries. He specializes in brand management, campaign design, demand generation, marketing process optimization, and PR. Aritra holds a master’s degree from Bennett University, and he has actively contributed to several student initiatives during his time there.
Certinal - IDC

Slash your Enterprise eSign & Web Form Costs by 50%!

Certinal's Enterprise-Grade Security & Compliance