PKI-based eSign is unscalable, and simple eSigns are insecure and unverifiable, so

Advanced ESignature 

Based on the self-sovereign cryptographic digital identity I-AM Crypto-ID, the Pi-Control platform embeds advanced eSignatures in digital documents and transactions. This is a sleeker alternative to age-old PKI-based eSignature technology and a secure alternative to traditional simple eSignatures.

"Using Pi-Control advanced esign we began signing all our internal and external digital transactions for better verifiability"

Business Head at Reputed Bank

 

Advanced eSign

An advanced eSign is a simple signature with additional elements in place to enhance the authenticity and security of digital documents and transactions. Here are the requirements for an advanced eSign, as per eIDAS guidelines:

  1. It must be uniquely linked to the signatory

  2. It must be capable of identifying the signatory

  3. It must be created using data that the signatory can use under their sole control with a high level of confidence

  4. It must be linked to the signed data in such a way that any subsequent change in the data is detectable

One of the benefits of eSign is that signers do not have to be physically present, which increases convenience and boosts electronic commerce. For this reason, various governments have released their own sets of regulations on electronic signatures. Most enterprises use either PKI-based electronic signatures or simple electronic signatures.

PKI-based eSign is an extremely cumbersome model of eSignature implementation. Owing to complex key management, high costs, and the immense user education required, it is a highly unscalable form of eSign.

Simple eSign is data in electronic form that is attached to or mapped with other data in electronic form and is used by the signatory to sign. This can be an image of your physical signature in digital form, or a checkbox that indicates your consent. Simple eSignatures are scalable and easy to use, but they are vulnerable to repudiation and other identity-related cyber threats.

Sign42 is powered by the I-AM cryptographic digital identity platform and Pi-Control. Sign42 derives its trust from a self-sovereign identity framework within I-AM. It eliminates the manual overhead of key management and simplifies onboarding and eSigning.

Regulatory Compliance

In addition to being fully compliant with the Model Law, Sign42 Pi-Control Advanced eSign follows eSignature guidelines as specified by regulatory bodies in Europe (eIDAS), the USA (UETA/ESIGN Act) and India (IT Act 2000 and 2008 amendment).

Sign42 is compliant with the following eIDAS Advanced eSignature Regulation requirements (Europe):

  1. ESignature must be uniquely linked to the signatory

  2. ESignature must be capable of identifying the signatory

  3. ESignature must be created using data that the signatory can use under their sole control with a high level of confidence 

  4. ESignature must be linked to the signed data in such a way that any subsequent change in the data is detectable

Sign42 is compliant with the following UETA and ESIGN Act requirements (USA):

  1. Intent to sign: Electronic signatures, like traditional wet ink signatures, are valid only if each party intended to sign

  2. Consent to do business electronically: The parties to the transaction must consent to do business electronically. Establishing that a business consented can be done by analyzing the circumstances of the interaction, but consumers require special considerations. Electronic records may be used in transactions with consumers only when the consumer has:

    1. Received UETA Consumer Consent Disclosures

    2. Affirmatively agreed to use electronic records for the transaction

    3. Not withdrawn such consent

  3. Association of signature with record: In order to qualify as an electronic signature under the ESIGN Act and UETA, the system used to capture the transaction must keep an associated record that reflects the process by which the signature was created, or generate a textual or graphic statement (which is added to the signed record) proving that it was executed with an electronic signature.

  4. Record retention: U.S. laws on eSignatures and electronic transactions require that electronic signature records be capable of retention and accurate reproduction for reference by all parties or persons entitled to retain the contract or record.

India

 

Sign42 Vs PKI Comparison

| Parameters | I-AM SIGN42 | PKI |
| --- | --- | --- |
| Unique ID Association | TTP assigns unique identities to signers | Individuals choose their digital identity and private/public keys independently |
| One Time Use Signing Key | Document content specific, contextual, time-sensitive, dynamic | The same key is used multiple times, so it is vulnerable to compromise |
| Non-Deniable (Non-Repudiation) | The signer can generate the key only after successful crypto authentication, thus the signature is undeniable | If CA1 binds key K to user X and CA2 binds key K to user Y, then either or both users can deny having signed |
| Non-Forgeable Identity | TTP ensures the uniqueness of the identity and authentication, so the signature is non-forgeable | Given the public key, it is hard to find the private key, so it is hard to forge |
| Control of Signing (Authorization) | Signing happens only after authentication, so the signer has sole control of signing | Control of signing depends on the private key; finding the private key from the public key is a hard problem. In this way signing activity is controlled |
| Tamper Proof (Integrity) | The hash of the document is used in both the signing and verifying processes, making it tamper proof | The hash of the document is used in both the signing and verifying processes, so it is tamper proof |
| Authentication | TTP authenticates each user and enterprise in real time for every user interaction (signing/verifying) | The CA verifies only the revocation list. It doesn't authenticate the users or enterprise, leaving the responsibility to the respective parties |
| Privacy (Encryption) | TTP helps generate the symmetric keys for message privacy using the I-AM Crypto-IDs of the transacting parties and TTP | The public/private key pair can be used for encrypting and decrypting the message |

 

Sign42 Advantages 

Easy: Frictionless integration and easy to use, with no requirement for USB tokens or key files

Low Operating Cost: Lower operational costs, because there is no key management overhead and no dedicated workforce requirement

Compliance: Ensures IT Act compliance and fulfills the reliability and security requirements specified by the Indian IT Act and most other eSign specifications

Scalable: Highly scalable to millions of users, entities, devices, applications and things

Low Onboarding Cost: Reduced onboarding costs and complexity, because of a democratized electronic signature scheme and no PKI-like in-person verification costs

Real-time: Real-time operation to collectively generate electronic signatures among signer, TTP and verifier

Military grade security: Strong and comprehensive cryptographic architecture that combines a strong novel identity model with a strong signature scheme. Eliminates fundamental limitations in traditional eSign specs

IoT Ready: Universal identity extensibility; extends eSign capabilities to apps and things along with users

 
 


©2020 by Fortytwo Labs LLP