First introduced more than 20 years ago, digital signatures have experienced a rocky road to acceptance. There are many examples of cases over the years in which they were not allowed as a replacement for a so-called ‘wet’ signature. In some instances, electronically signed documents were only legal when a copy of the document with a wet signature was also available. Within the European Union, digital signatures are only allowed if they comply with eIDAS.
eIDAS (short for electronic IDentification, Authentication and trust Services) is an EU Regulation on a set of standards for electronic identification and trust services for electronic transactions in the European Single market. Since September 2018, all organizations delivering public digital services in an EU member state must recognize electronic identification from all EU member states. As a company offering digital signature solutions, Indorse took some necessary steps to ensure organizations using our solution comply with eIDAS:
One important difference between the current state of affairs and the pre-eIDAS age is that nowadays, every signer is required to have a Qualified Digital Certificate in order to carry out electronic transactions that are legally certain and highly secured. Intesi Group, an eIDAS compliant Trust Service Provider, organizes and carries out the issuance of Qualified Digital Certificate for Indorse users.
However, how an organization protects itself from misuse of digital signatures after they have been issued to employees, is out of the scope of eIDAS. Indorse has some must-have features to support businesses:
If a user wants to make digital signature transactions, Indorse patented process requires him or her to have an enrollment file containing a signature, seal or stamp image. The organization administrator needs to endorse it before a user can make digital signature transactions. For non-repudiation proofing purposes, a link to the file is stored inside every signed, sealed or endorsed document. This means that users cannot sign documents without an administrator’s endorsement and allows recipients to verify whether signatures, seals or endorsements are approved by an administrator.
2) The four-eyes principle
Only users with endorsement rights can endorse signed documents for their department or organizations. However, they cannot authorize themselves to sign a specific document: Indorse patented process uses the four-eyes principle as a controlling mechanism.
This means that an additional digital signature authorization from an eligible person is required to authorize a signed document before it can be processed and sent to a recipient, which helps to prevent unauthorized transactions even further. This feature is called Document Endorsement and it’s patented to Indorse Services.
3) Lock and Unlock
For added security, Indorse offers users a lock and unlock feature. It allows them to encrypt and decrypt documents using two-factor authentication, offered via the Indorse mobile authentication app. Moreover, users can configure a timeslot within a document can be opened. This protects against data leakage and helps with the implementation of GDPR.