This section provides an overview of the transaction processing on AlphaTrust's second generation electronic signature process automation platform, PRONTOSign™.
PRONTOSign™ is offered to enterprises for operation in their computing environments on-premise, or as a private cloud solution, PRONTOSign™ ONLINE. PRONTOSign™ is also licensed to third party software and services companies as OEM software for inclusion in their end user software products.
AlphaTrust pioneered esignature solutions in 1998, and since then our products have processed hundreds of millions of critical business transactions each year for satisfied customers around the globe in banking, insurance, financial services, and other industries. We are trusted by some of the largest enterprise and technology service provider companies worldwide.
Our solutions easily integrate with existing applications enabling high volume, digital transaction management to reduce costs and dramatically improve the overall customer experience while adhering to strict regulatory and compliance requirements. This flexible approach allows you to create the optimal customer experience across hundreds of use cases and has made AlphaTrust the vendor of choice for some of the largest, global businesses across diverse industries worldwide.
AlphaTrust’s PRONTOSign™, launched in 2011, is a second-generation electronic signature workflow orchestration platform that automates the creation of legally enforceable, permanent business records that are the commercial and legal equivalent of paper records, including support for electronic signatures that comply with a variety of laws and regulations around the world. To download our product brief entitled PRONTOSign™ Standards Compliance, please click here. AlphaTrust’s legacy platform, PRONTO™ ERSS, was launched in 2001 and is still in production use today.
Creating enforceable electronic transactions is a major long-term initiative for most enterprise and governmental organizations. Except for a few specialized markets, most business transactions are still documented on paper today. The credit / debit card industry has created a method for enforceable electronic transactions using electronic networks over the last 30 years. It is effective for small value purchases. Other methods, such as Electronic Data Interchange (EDI), exist only in certain vertical markets among large enterprises.
Until the Electronic Signatures in Global and National Commerce Act (E-SIGN), enacted in 2000 as a United States federal, there was not a method to effectively create the electronic equivalent of a binding commercial or governmental transaction that could replace paper documentation, and in many cases, the requirement for ink signatures on that documentation. Even within organizations, there are many internal processes that require documented approval, acknowledgement, or acceptance.
This documentation, as well, must meet standards for accountability, enforceability, permanence, auditability, and document retention. Business documents and records that evidence transactions have a life cycle divided into three phases:
Phase 1: Creation, Collaboration, and Review
Phase 2: Approval, Acknowledgement, or Acceptance
Phase 3: Distribution, Audit Creation, and Secure Storage
In today’s business environment, most of Phase 1 of the transaction record life cycle has been automated. Many transaction records are generated by automated systems such as desktop software (i.e. word processing and spreadsheet software), web-based forms, and workflow as well as large-scale computer systems. Some records, mostly forms, are created on paper. The move to automated systems for Phase 1 records has saved organizations considerable time and money.
Phase 2, the transaction execution phase, could not be automated in the business environment until the legal framework supporting electronic document and record enforceability was in place. The only alternative method was to use private, contractual systems to gain enforceability (as credit card and EDI systems have used). Over the past several years the legal framework for enforceable electronic records has fallen into place. Both statutory legislation and administrative regulations have been put in place in most developed countries (including the USA, Canada, Mexico, Japan, Singapore, Australia, New Zealand, India, Russia and the European Union, among others) that provide for the use, acceptance, and enforceability of electronic records and electronic signatures.
PRONTOSign™ provides organizations with enterprise wide capability for Phase 2 and certain Phase 3 functions. These functions include:
PRONTOSign™ easily integrates with existing systems to enable fully automated digital transaction management as highlighted in the graphic below.
PRONTOSign™ can be deployed in an enterprise's existing computing environments on-premise, or as a private cloud solution, PRONTOSign™ ONLINE. PRONTOSign™ is also licensed to third party software and services companies as OEM software for inclusion in their end user software products.
Transaction Processing Introduction
All PRONTOSign™ workflow orchestration centers around the unit of work called the “Transaction”. Each transaction in PRONTOSign™ may have one or many documents associated with it. Each document may have one or many tasks to be performed by one or many participants associated with that document. Participants can have one or many tasks such as entering form data, uploading a file, acknowledging a disclosure, reviewing, initialing or signing a document, among others.
Transaction processing consists of three logical “primary steps”:
Step 1: Transaction Creation
Step 2: Transaction Execution
Step 3: Transaction Disposition
The following diagram illustrates a typical PRONTOSign™ workflow orchestration of the transaction. Please review the additional per step descriptions following the diagram. In addition to transaction processing, PRONTOSign™ also supports administrative functions for user management, monitoring, reporting, logging, and accounting. Each “primary step” has mandatory and optional “processing steps”.
Transaction Processing Steps
1. Software applications communicate with PRONTOSign™ via the Web Services (WS-I, WS-*, WCF) Application Programming Interface (API). The Web Service message used to create a PRONTOSign™ transaction specifies all the parameters required for transaction completion including document information, signer information and communication methods.
1a. Documents processed using PRONTOSign™ are formatted as either HTML documents (HTML 3.2, HTML 4.0, HTML 4.01, XHTML 1.0, HTML 5) or Adobe Acrobat® PDF documents. HTML is used to avoid the need for client side software, to meet governmental requirements for the use of open standard data formats as well as accessibility requirements for users (imposed by certain laws and regulations). Due to advances in HTML rendering over the last several years (CSS1 / CSS2 / CSS3) it is quite easy to provide precise document layout in HTML that will meet specific formatting requirements. PRONTOSign™ validates the formatting of the document by parsing the documents submitted in the transaction and making sure they conform to processing requirements (see below). Viewing signed Adobe® PDF documents requires that users have the free Adobe® Reader (version 7 or higher is required) or Adobe Acrobat®. Adobe® Reader (and any other client side technology other than a Web browser) is not required to participate in any signing or other PRONTOSign™ process.
1b. Signature and / or initial placeholders are inserted into each document at the location specified by the calling application. If no locations are specified, the signatures are added at the bottom of the document. These signatures or placeholders can be inserted using the following options:
If no locations are specified, the printed name(s) and signature(s) are included in a signature block that is appended at the end of the document. A signature block header for the appended page is fully definable by user.
1c. Documents are securely stored within the PRONTOSign™ document database and retained for a definable length of time or permanently. The documents can be optionally offloaded to another database or Document Management System (DMS) as defined by the user.
2a. PRONTOSign™ contacts each user (signers and reviewers) and requests that they sign or review their document. In the case of online users (i.e. users who have just completed a form or document and will sign immediately), the user will be entering the signing process immediately. In the case of other business processes, PRONTOSign™ will contact each user via email or via placement of a notification at a file share location. PRONTOSign™ can be configured to retry at set intervals and / or to expire the transaction after a set time.
2b. PRONTOSign™ supports several methods of access control (identification and authentication of signers). PRONTOSign™ defines two types of users: registered and unregistered. Registered users have a signature profile stored on the PRONTOSign™. Registered users have more options available to them, such as additional access control options, and stored signature bitmaps. Registered users are typically organizational employees or members of a community of interest who use the server regularly.
Unregistered users are typically casual Internet users. Unregistered users have the following authentication options:
Registered users have the following access control options:
2c. Signer Notice, Identification and Information Collection – some applications (such as consumer applications) require that users are informed and agree to participate in electronic transactions. Also, certain transactions may request that the user supply their name and identification information to be used in the transaction. More complex transactions can include acknowledgement of disclosures or terms and conditions, collection of any type of information with a variety of options including:
Users can also be asked to upload a document such as a copy of a driver’s license. The transaction can also provide materials to the user such as an employee handbook.
2d. A critical part of the signing process (a legal / regulatory process requirement) is the proper presentation of the actual document to the signer along with a request for their signature.
2e. Electronic Signature Capture - PRONTOSign™ supports four methods of electronic signature capture (as opposed to digital signature computation) and display:
2f. Once the signature is submitted by the signer, PRONTOSign™ creates the signature block and inserts it into the document. At a minimum the signature block includes the printed name and the electronic signature. Additional signature block data can optionally be included such as date/time signed (with a variety of formats), email address, IP address, organization, DocumentID, TaskID, title and even custom text or an image of your choosing.
2g. A digital signature is computed for the document (the information displayed to the signer) and the signer’s private key is used to digitally seal the document as they viewed it. Normally, signers do not possess a Public Key Infrastructure (PKI) based digital signature key and digital certificate. In this case, the PRONTOSign™ uses its own key and certificate to seal the document. The transaction can optionally be configured to use the private key on the signer’s computer (software-based or smart card-based). PRONTOSign™ currently supports client side digital signature operations on the Microsoft Windows platform using Microsoft CryptoAPI v2 operations. If you required integration with other PKI systems please contact AlphaTrust. A PKI digital signature keyset (digital certificate + private key) is supplied with each instance of the software. A client may elect to use a keyset issued from any PKI system if prefers. PRONTOSign™ supports standard X.509v3 digital certificates with a 2,048 bit or higher RSA public key. Standard digital signing operations use the Microsoft FIPS certified cryptographic providers on the Windows Server operating system. Cryptographic digital signing operations involve hashing the data to be signed (usually the bytes of a PDF documents) using a SHA-1 has algorithm. The hash is then encrypted by means of the RSA algorithm using the private key of the public-private keyset assigned to the software instance. This signed data blob is then stored as an artifact of the transaction so that is may later be used to verify the authenticity (data integrity) of document by means of a standard digital signature verification process using the public key contained within the digital certificate associated with the public key of the public-private keyset assigned to the software instance.
2h. In addition to the digital signature (seal) of each individual signer, the PRONTOSign™ also computes a digital signature (over the document and signature information) to serve as witness to the transaction and maintain document integrity over the entire transaction. PRONTOSign™, as an option, may also embed a special PDF certifying digital signature compliant with long-term validation (LTV) standards (all PKI artifacts embedded per EU ETSI / PAdES standards). This permits a PDF document to be self-validating – anyone can determine the document’s validity without reference to any other software or online system, even decades into the future. Note: this special signature type is different than a standard PDF certifying signature which requires online systems to validate and whose PKI artifacts expire. Contact AlphaTrust for further details.
3a. PRONTOSign™ logs all transaction information and audit trail history in its SQL database.
3b. All documents are stored in the PRONTOSign™ document database in serial order by transaction ID and its associated document ID(s) and task ID(s).
3c. If the transaction has been defined to send copies to signers or other designated participants, PRONTOSign™ will send a copy of all documents in the transaction via email or Web download to the applicable parties.
3d. The transaction may be configured to send the transaction (and signed documents) to another information system via a store and forward process, or via email.
Document Format Requirements
PRONTOSign™ processes HTML and Adobe PDF documents. PRONTOSign™ can process HTML documents conformant to HTML 3.2, HTML 4.0, HTML 4.01, XHTML 1.0, and HTML 5 or PDF documents in PDF 1.3 through 1.8 formats. Documents in other formats should be converted to HTML or PDF prior to submission to PRONTOSign™. Documents may be authored according to this specification in other data formats and using other tools, such as Microsoft Word. Documents must be saved to HTML or PDF format prior to submission to PRONTOSign™, or use server side format conversion tools.
No End User Software Requirements
One of the strengths of the PRONTOSign™ architecture is that the only user software requirement is a web browser for both a mobile and a desktop environment. PRONTOSign™ does not use any client side software, plug-ins, Java code, ActiveX controls, or similar technology. It supports wireless touch devices such as smartphones and tablets (Apple iOS, Android, Windows and Blackberry OS), as well as standard PC and Mac desktop and laptop computers. When using the optional client-side digital certificate capability, PRONTOSign™ requires Internet Explorer v9.0 or higher on the desktop. Adobe Acrobat® Reader v7.0 or higher is required for viewing signed Adobe® PDF documents, but is not required for the review and signing process.
PRONTOSign™ is typically integrated into web-based business process workflows or applications to perform the function of creating legally enforceable documents including the proper gathering of electronic signatures from all parties to a transaction. The software is broadly applicable to any business process requiring documents or records in permanent form. Our customers find that PRONTOSign™ is easily extended to hundreds of additional use cases across an enterprise’s various groups or business units.
To download our product brief entitled PRONTOSign™ Product Overview, please click here.
AlphaTrust provides the most cost effective and highest performing electronic signature workflow orchestration solutions available. Call us at +18.104.22.16800, option 1, or fill out this brief form with a few details and let us show you how we can help you.