Digital Signatures

You have likely heard the terms electronic signature and digital signature used interchangeably. In reality, they are very different, and the fact that both terms use the word “signature” has caused no end of confusion.

An electronic signature is a legal concept for using an electronic symbol to represent a person’s volitional consent to be bound to the terms of a document. What you must achieve with any business process that requires an enforceable document is to obtain a legally valid electronic signature for that document using the proper processes. This is what PRONTOSign™ is designed to do.

A digital signature on the other hand is a technical security concept for a data integrity process using cryptographic data hashing and encryption. Simply applying a digital signature process to the data of a document will generally not result in an enforceable electronic signature. Digital signatures are a very important security tool and PRONTOSign™ uses digital signature technology in its electronic signature processes via a cryptographic key set. PRONTOSign™ uses its own private RSA signature key to digitally sign (seal) documents and that key's matching digital certificate to verify the signed documents.

A digital signature is computed for the document (the information displayed to the signer) and the signer’s private key is used to digitally seal the document as they viewed it. Normally, signers do not possess a Public Key Infrastructure (PKI) based digital signature key and digital certificate. In this case, the PRONTOSign™ uses its key and certificate to seal the document. The PRONTOSign™ transaction can optionally be configured to use the private key on the signer’s computer (software-based or smart card-based keys are supported). PRONTOSign™ currently supports client side digital signature operations on the Microsoft Windows platform using Microsoft CryptoAPI v2 operations as well as various other PKI solutions. A PKI digital signature keyset (digital certificate + private key) is supplied with each instance of the software.   A client may elect to use a keyset issued from any PKI system if prefers. PRONTOSign™ supports standard X.509v3 digital certificates with a 2,048 bit or higher RSA public key. Standard digital signing operations use the Microsoft FIPS certified cryptographic providers on the Windows Server operating system. Cryptographic digital signing operations involve hashing the data to be signed (usually the bytes of a PDF documents) using a SHA-1 has algorithm. The hash is then encrypted by means of the RSA algorithm using the private key of the public-private keyset assigned to the software instance. This signed data blob is then stored as an artifact of the transaction so that is may later be used to verify the authenticity (data integrity) of document by means of a standard digital signature verification process using the public key contained within the digital certificate associated with the public key of the public-private keyset assigned to the software instance.

AlphaTrust provides the most cost effective and highest performance electronic signature process automation solutions available. Call us at +, option 1, or click the link below and fill out the brief form with a few details and let us show you how we can help you.

Ask An Expert