Here is our five-step guide to how the digital signature process works:
1. Create the document
The document is created with whatever tool is used in the organization. To prepare for signing, the document should be converted to PDF (Portable Document Format). Not only is this the best format for adding digital signatures into the document, but it is also the format that can be viewed by anybody on any device. It is recommended to use the PDF/A standard when creating the document, as this format is made for archiving. It also ensures that the visual representation of the document is preserved.
# 2. Upload the document
With digital signatures, there are numerous options out there. The provider chosen depends entirely on what aspects of the digital signature are required. There are basic free apps, subscription services offering premium features, cloud-based solutions for on-the-go signing, or an app integrated into your CRM. Choose whichever suits best for the types of documents that need to be signed. If you need to sign a more casual document without money involved, it might be okay to use a simple electronic signature, for example scribbling a handwritten signature on a screen. This will have no evidence of the signer’s identity. But if you are dealing with legal documents or contracts, you should opt for a digital signature with identity verification built into the solution to keep you safe. Digital signature encryption ensures the data associated with the signed document is secure, and helps to verify the authenticity of the signature.
# 3. Send a signature request
Create a signature request to send the document to the signers. Each signer will receive the document, and have the option to sign it, using a method defined by the sender, such as eID, uploading ID paper, or even the low-security scribble a signature on a screen. The latter gives no indication of the user’s identity unlike the former two. Multiple users may be added to a signature request, and may sign in-sequence or in-parallel. Use the solution, for example Signicat, to manage the documents to be signed and reach out to the users signing. Receive status updates of the request and if multiple signers are involved, you will receive another update when the signing is complete. Generating the document and sending a signature request can all be done directly within a CRM system, such as Microsoft Dynamics or SalesForce.
# 4. Wait for signatures
Each of the signers will receive a notification that they have received a document to sign. Depending on the user and their location, different methods are available to sign the documents. In some geographies, such as the Nordics, there is wide coverage of eIDs, and in this case, the user can sign simply by using the eID credentials. The user’s identity has already been validated, and can then be re-used for signing. If no eID is available, the user can sign by uploading their personal ID paper and taking a self-portrait. This is more work for the user, but will give good proof of identity. If the identity is already known by other means, or the risk is low, the user can sign using a simple scribble on the screen, and an OTP (One Time Password) sent to the user’s mobile phone, which then will prove possession of the device.
# 5. Finalise the document
Once the document is signed by all required signers, the signed document is generated. This contains all the collected evidence during the signing, and the signatures will show who signed and can be verified to make sure the document has not been modified after it was signed. This information can later be used as legal evidence. Once upon a time, you needed a courier to send signed paper documents to the recipient, but now you can send everything finalised with the touch of a button, while knowing everything is legal and verified.
# What about a higher level of identity assurance?
In many regulated industries, a higher level of identity assurance is required. Consumer lending, car leasing and real estate are becoming increasingly digital, but a simple finger signature on a screen is insufficient without identity verification.
The ability to integrate identity verification in an electronic signing workflow has been a game changer for many industries. A person’s identity can also be verified across borders, either with an electronic ID or a digital service that validates a person’s identity by scanning their ID document during the process, and even combines it with a selfie or liveness check.
These methods give the other party certainty that the signer is who they say they are, and a result of this verification will be included in the electronically signed documents.
Depending on the customers requirements for assurance, the solution can consist of:
- A simple scribble on a screen
- Additional one time password sent by text message
- ID document scanning with or without selfie
- Verified digital identity, which represents strong customer authentication level of assurance.