top of page

Electronic signature

The electronic signature is a digital method to associate authenticated persons with valid digital documents. It is used to verify the identity of the sender and guarantee the integrity and authenticity of the document. It is based on cryptography and security technologies. In the anteia ecosystem, identity verification is performed to associate the digital identity of the signer and ensure the integrity and non-repudiation of the document. Our validation methods include facial recognition and text messaging with one-time codes, however, through the use of digital identity, there is many ways to verify the signer's identity. It has certified timestamps by trusted certificate authorities making the document verifiable for a long time. The electronic signature process requires that all parties involved verify their identity and accept the conditions before generating the final document, complying with related regulations and document integrity.

Terminology

Cryptographic algorithm. A mathematical process used to encrypt and decrypt messages and to generate cryptographic keys.


Authentication. The process of verifying a user's identity.


Self-signature. An electronic signature that is made without the intervention of a certification authority.


Certification Authority (CA). It is an entity that issues and administers digital certificates.


Digital certificate. Electronic file that contains information about the identity of a user and its public key.


Root certificate. Certificate that is the root of trust in a public key infrastructure.


Public key. Cryptographic key used to encrypt messages and to verify the identity of a user.


Private key. Cryptographic key used to decrypt messages and to sign electronic documents.


Encryption. The process of encoding a message so that it can only be decrypted by the recipient.


Time-stamped signature. An electronic signature that includes a time stamp that shows the date and time the signature was made.


Digital signature. A numeric value that is attached to a data message in order to identify a person.


Electronic signature. A method that allows a person to be identified, by means of codes, passwords, biometric data or private cryptographic keys, in relation to a data message. 


Advanced electronic signature (AES). A type of electronic signature that provides a high level of security and trust.


Qualified electronic signature (QES). An electronic signature that meets the legal requirements to be recognized as equivalent to a handwritten signature.


Multiple signature. An electronic signature that is made by more than one person.


Hash. A unique representation of a message, used to verify the integrity of an electronic document.


Public Key Infrastructure (PKI). It is a set of procedures, protocols and services used to create, manage and validate digital certificates.


Integrity. The guarantee that an electronic document has not been altered since it was signed.


Non-repudiation. It is the guarantee that a user cannot deny having signed a document.


Security token. A physical or software device that stores private keys and is used to sign electronic documents.


Timestamp. A timestamp that is added to an electronic document to prove the date and time it was signed.


Certificate validation. The process of checking the validity of a digital certificate.


Verification. The process of checking the validity of an electronic signature.

Benefits

  • Allows multiple signers. 

  • Gives the possibility to sign documents faster and more efficiently compared to stroke signatures.

  • Helps protect the confidentiality and integrity of documents.

  • It is more affordable than paper signatures and can reduce the costs associated with managing paper documents and physically sending them.

  • Documents can be signed from anywhere at any time, which is more convenient than having to be in a specific location to sign on paper.

  • Reduces paper usage and postage costs, which contributes to an environmentally sustainable practice.

  • Enables people with disabilities to sign documents in a more accessible way.

  • Enables greater transparency and traceability in document management, which can be useful in audits and reviews.

  • It can be easily integrated with other systems and applications, which increases the efficiency and effectiveness of document management.

  • Allows process automation and elimination of human errors, which increases accuracy and speed in document management.

  • Reduces the risk of document loss, damage or theft, which increases security and reliability in document management.

  • It is compatible with mobile devices, allowing greater mobility and flexibility in document management.

Secure signatures for secure business.

Process

Secursign Process.png

Configuration

Service

Configuration

Verification methods

Different combinations of verification are offered according to the customer's needs and based on the safety recommendations in international standards.

Device ID

It is possible to identify information from the device on which the user performs the process, such as the version of the cell phone, the IP, the browser, and other elements to know the behavior of the signers.

Visual design

Different visual components of the application and other elements of the process can be configured to make the user feel familiar with the application. Among the elements that can be modified are.

 

  • Logos: Generally at the beginning and at the end of the signature process.

  • Colors: you can choose background colors, also the colors of the main and secondary buttons based on the background colors to improve the contrast.

​

Use cases

  • Contracts and legal agreements.

  • Employment application forms and human resources hiring process tracking.

  • Medical forms and medical records registration.

  • Student enrollment applications and tracking.

  • Travel application forms and travel management.

  • Credit applications and loan monitoring.

  • Insurance application forms and claims tracking. 

  • Loan contracts, investment agreements, credit card applications.

  • Real estate contracts.

  • Supply agreements, purchase contracts, technology license agreements.

​

Frequently Asked Questions

What is the difference between digital and electronic signature?
The electronic signature is legal in nature and contains a regulatory framework in each country that gives it legal validity, which means that documents signed by electronic signature are accepted as evidence in legal proceedings. The digital signature is also legal, but it does not have a legal nature, in the sense that its purpose is NOT to attest an act of will by the signer, but only to encrypt the data of a document to provide greater security. The main difference is that while the digital signature refers to a series of cryptographic methods, the concept of electronic signature is fundamentally legal in nature, since it confers to the signature a normative framework that gives it its legal validity.

​

What types of electronic signatures are there?

  • Simple electronic signature.  Signature in which the association of the document with the signer can be done by any method that associates the person with the document, such as e-mail, passwords, etc.

  • Advanced electronic signature (AES).  It is a type of electronic signature that provides a high level of security and trust. Due to the methods of identity verification, authenticity and integrity of the signed document.

  • Qualified electronic signature (QES).  Electronic signature that meets the legal requirements to be recognized as equivalent to a handwritten signature.

  • Multiple signature.  It is made by more than one person.

  • Signature with time stamp. Electronic signature that includes a time stamp that shows the date and time when the signature was made, which allows long term validation or LTV, for documents with a longer than normal life cycle.

 

What documents can be electronically signed?
Any document that can be stored in digital format can be signed electronically. This includes contracts, invoices, legal documents, work documents, among others. The electronic signature allows authenticating and verifying the integrity of these documents, which gives them legal validity and provides them with a higher level of security.


How is the authenticity of an electronic signature verified?
It is verified using the information of the electronic signature stamp on the document, because it has embedded information that associates the document with the digital identity of a person, which allows us to verify whether the document was signed by a particular person, in addition to its signature date and other characteristics that allow us to reliably conclude that the document was signed correctly.

 

What requirements must be met in order to create an electronic signature?
Comply with the following principles: (1) integrity, (2) authenticity, (3) accessibility of the signed document and (4) non-repudiation of the document.

 

In which countries does it cover?
Ecuador, Colombia, Costa Rica, Panama and Peru, but we follow the international standards made by the eIDAS and the EU, allowing us to expand to Europe and North America.

​

How do you guarantee the security of electronic signatures?
Based on the requirements of the advanced electronic signature, integrity, authenticity and non-repudiation are guaranteed. This is done in multiple ways, mainly by verifying the identity of the signer, who creates his/her identity to sign a document, associating it with the document by means of a stamp, which at the same time protects the integrity of the document, using a certificate with long-lasting validation and a verification hash.


How can your electronic signature be integrated into business processes?
It can be integrated into business processes through the digitization of services that require document signatures. This can include forms for information gathering, contracts and promissory notes. Signing them, implementing approval workflows that allow documents to be signed online, and integrating electronic signatures with document management and business process management systems. 


What happens if the device used for the electronic signature is lost or damaged?
The advanced electronic signature does not depend on a specific device or certificate, since security and non-repudiation depend on the verification and authentication of the signer, so that the user can sign from any device that allows them to authenticate their digital identity.


How is the integrity of electronically signed documents ensured?
The integrity of electronically signed documents is demonstrated by the certificate issued by anteia, which shows information about the document and its corresponding HASH code, since it shows the date and time of each alteration, with the certificate, and any copy of the PDF document, it is possible to demonstrate that the document was not altered.

 

What systems or technologies are used for electronic signatures?
The advanced electronic signature can use multiple methods and mechanisms to generate an electronic signature, so the implementation of technologies differ from each other. In anteia, different identity verification technologies are used, such as biometric verification, identity document validity, GPS, OTP, email verification, among others. In cases where authentication is required, biometric comparisons are performed using visual recognition and comparison algorithms, which allow us, with high reliability, to validate that the authenticated person is who he/she claims to be.

​

How is the authentication of users who make electronic signatures performed?
The verification method is dynamic, that is, depending on the case it can be done with different methods, one of the safest because of its relationship with the digital identity is the facial biometric signature, which allows to check that the person signing at the time is who he says he is, however, there are alternatives such as the OTP to mobile devices or email, which allows to verify that the user has access to their devices or email.

​

How can electronic signatures be stored and managed?
The result of an electronic signature is the signed document and the signature certificate, due to the need to keep the document available, it can be kept and viewed at any time, so it is stored in a way that it cannot be modified, but it can be consulted. Document management makes it possible to review the signers, the document and the verification methods.

​

What are the legal implications of electronic signatures?
By the principle of functional equivalence, the electronic signature that is associated with the signatory is integral, reliable, valid for judicial execution purposes; as long as, it is complied with that the signature creation data, in the context in which they are used, correspond exclusively to the signatory; it is possible to detect any alteration of the electronic signature made after the moment of the signature or later, and when security is given to the whole process from the reception of the data message, to the association of the signatory with the document object of the electronic signature.

​

What are the mechanisms for signing?
Biometric or OTP fingerprint or one with multi-factor verification or combinations of these.

​

Can several documents be signed simultaneously?
Yes, it is possible, and the user must be able to review what he/she is signing, so signature rejection is an important component of this functionality.

​

How many signatures can I sign in a document?
As many as necessary, depending on the case, however, we recommend that there are no more than 8 signers per document, for simplicity of handling these documents.

Analytics

User behavior. Number of documents signed, number of users per document.

​

Type of verification. Analysis of user preference with respect to authentication.

​

Time. Average time to perform an electronic signature.

​

Number of signature attempts. Review of attempts and failures according to the user.

​

Types of devices. Analysis of the type of user who signs based on the information collected from the devices on which he/she signs.

​

Device types. Trends in user satisfaction, trends in adoption of new features.

​

Signature trace. Validation of the entire history of the document and the actions performed on it, such as signature acceptance, verification, and document receipt.

API

In addition to the creation of promissory notes from flows, or direct creation through our backoffice, we offer a REST API, from which the following functionalities can be performed:

​

  • Signature creation.

  • Extend signature expiration times.

  • Signature status validation.

  • Consultation of signatures and signers.

  • Webhook configuration.

​

Each of the above based on configurations that prioritize security and allow customization of the user experience.

​

Authentication is done through secure methods, allowing the revocation of permissions if necessary, permissions are configurable and associable to each of the projects or products.

​

bottom of page