- Data protection
- Digital identity
- Digital signature
- REST API
- Web Browser Module
A qualified electronic signature is an electronic signature that is compliant to EU Regulation No 910/2014 (eIDAS Regulation) for electronic transactions within the internal European market. It enables to verify the authorship of a declaration in electronic data exchange over long periods of time. Qualified electronic signatures can be considered as digital equivalent to handwritten signatures
eIDAS (electronic IDentification, Authentication and trust Services) is an EU regulation on electronic identification and trust services for electronic transactions in the internal market. It is a set of standards for electronic identification and trust services for electronic transactions in the European Single Market. It was established in EU regulation № 910/2014 of 23 July 2014 on electronic identification and repeals directive 1999/93/EC
eIDAS oversees electronic identification and trust services for electronic transactions in the European Union’s internal market. It regulates electronic signatures, electronic transactions, involved bodies and their embedding processes to provide a safe way for users to conduct business online like electronic funds transfer or transactions with public services. Both the signatory and recipient have access to a higher level of convenience and security. Instead of relying on traditional methods, such as mail, facsimile service, or appearing in person to submit paper-based documents, they may now perform transactions across borders, e.g., using “1-Click” technology.
eIDAS has created standards for which electronic signatures, qualified digital certificates, electronic seals, timestamps and other proof for authentication mechanisms enable electronic transactions with the same legal standing as transactions performed on paper.
The eIDAS Regulation came into effect in July 2014 as a means to facilitate secure and seamless electronic transactions within the European Union. EU member states are required to recognize electronic signatures that meet the standards of eIDAS.
We deliver to our customers the SignWise Services SaaS version. Software as a service (SaaS) is a software delivery model in which software and associated data are centrally hosted on the cloud by independent software vendors (ISVs) or application service providers (ASPs). It is sometimes referred to as “service(s) as a software substitute” (SaaSS) or “on-demand software”. SaaS is typically accessed by users using a thin client via a web browser. SaaS has become a common delivery model for many business applications, including office & messaging software, DBMS software, management software, CAD software, development software, gamification, virtualization, accounting, collaboration, customer relationship management (CRM), management information systems (MIS), enterprise resource planning (ERP), invoicing, human resource management (HRM), content management (CM) and service desk management.
One of the biggest buying points for SaaS is the potential to reduce IT support costs by outsourcing hardware, software maintenance and support.
MobileID is a upgrade of the traditional online authentication and digital signing; the SIM card of one’s mobile phone works as an identity tool.
Mobile Identity enables legally binding authentication and transaction signing for online banking, payment confirmation, corporate services, and consuming online content. The user’s certificates are maintained on the telecom operator’s SIM card and in order to use them, the user has to enter a personal, secret PIN code. When using Mobile Identity, no separate card reader is needed, as the phone itself already performs both functions.
In contrast to other approaches, the mobile phone in conjunction with a mobile signature-enabled SIM card offers the same security and superior ease of use than for example smart cards in existing digital identity management systems. Smart card-based digital identities can only be used in conjunction with a card reader and a PC.
Currently we support mobileID solutions from Estonia, Lithuania, Armenia, Azerbaijan, Finland.
Do you want create own mobileID solution? No problem. Connect with our sales team and we will find solution for you.
Digital ID-s are the electronic equivalents to peoples’ identity cards. It can be presented electronically to prove your identity or your right to access information or services online.
Digital IDs, also known as digital certificates, bind an identity to a pair of cryptographic keys. This pair (the private and public key) can be used to sign and encrypt digital information. A digital ID makes it possible to verify someone’s claim that they have the right to use a given key. Used in conjunction with encryption, digital ID-s provide a more complete security solution, assuring the identity of all parties involved in an electronic transaction. A digital ID is issued by a Certification Authority (CA) and signed with the CA’s private key.
A digital ID typically contains the:
- owner’s public key
- owner’s name
- expiration date of the public key
- name of the issuer (the CA that issued the digital ID)
- serial number of the digital ID
- digital signature of the issuer
- Digital ID-s ensure the authenticity of the author of the electronic document.
The authenticity of the paper document is defined by the signature, moreover, the signature itself can be authorized using a stamp or even by a notary. Electronic documents are signed using a digital signature, which not only defines the author, but is strictly linked to the contents of this document. Any changes applied to the document without author’s consent can be easily detected. Signing a document, verifying its authenticity, decrypting or encrypting can be easily done using modern cryptographic methods based on the pair of cryptographic keys.
Your signature key is never deployed in the cloud. It stays on the token and the token authenticates its usage every time you sign documents (PIN2). The Cloud only sends information needed to sign a document to your token, not vice-versa.
The jurisdiction of a contract is usually defined in the text of the document. Just like a document signed via fax or express mail, a document signed on SignWise Service is subject to whatever jurisdiction the document establishes in its jurisdiction clause.
No legal advice is provided and, due to the varying circumstances of each agreement, we cannot guarantee the validity of any document executed online. Please see our terms of service. You should not act or refrain from acting on the basis of any content included in this FAQ without seeking the appropriate legal or other professional advice on the particular facts and circumstances at issue from an attorney licensed in your state. The content of the SignWise Services website contains general information and may not reflect current legal developments, verdicts or settlements. SignWise Services expressly disclaims all liability in respect to actions taken or not taken based on any or all the contents of this site.
SignWise Services paid plans generate a substantial immediate ROI. Customer who send around 200 documents per month via the SignWise Services experience an ROI of 75x or higher. Yes, you read that correctly – a 7500% return on investment.
Offices that send around 1000+ documents per month via the SignWise Services report an ROI of 75-300x, or 7500-30000%, describing significant savings in express mail and fax expenses and a reduced workload for clerical support staff. Similarily, the higer volume numbers delivers impressive ROI for larger teams.
More importantly, a higher percentage of contracts get signed with SignWise Services. What would a 10%, 20%, or 30% increase in your sales conversion rate mean for your business? The financial justification for transitioning to online signatures is clear and compelling.
Need to contact our sales team? Interested in learning more about SignWise Services products and pricing models?
SignWise Services provides you the status of each file shared for signature with detailed status information.
If your recipient didn’t receive the notification email, we suggest several steps. Firstly, confirm that the recipient’s email address was entered correctly. Secondly, advise the recipient to check their Spam folder. It is rare for our emails to be placed in spam folders, but it does happen occasionally. Third, send the recipient another notification by navigating to your document, then clicking on the document, opening the document, and clicking Send Reminder.
Most common files are supported for upload to SignWise Services if customer is using SignWise Services file storage. Note that PDF files can be signed without adding the file to ASiC container (ASIC-e). All documents may experience slight formatting changes.
Yes. Using the SignWise Services API, certain SignWise Services features can be embedded inside a website or webservice.
SignWise Services have an industry-leading, extensible, REST-based API. SignWise Services are perfect for managing the signature acquisition function for your software or company’s internal system. Integrating to SignWise Services is easy. Please see our API page or contact us to discuss integrations or partnerships.
This is optional feature but you may:
– display your company logo on signing pages
– use your own domain names
– display custom company information on email notifications to recipients.
An original document is a file uploaded for execution. The signed document is the original file with electronic signatures.
For Customers who are using SignWise File storage service
Once uploaded and sent for signing, a document is locked and stored on a secure server with extra copies. After execution, the final document is bound with a secure hash algorithm, ensuring that no party may change an executed document. The portal’s neutrality provides further legal defense against any attempts to invalidate an executed agreement.
For Customers who are using internal storage service
Documents will not be stored in SignWise Services platform.
The electronic signature solution allows you to use your ID-card (Smart card) or mobile ID (Wireless PKI) to sign a document, creating a valid electronic signature under eIDAS and the relevant directive. Documents executed online with electronic signatures can have the same legal standing as paper documents executed by hand.
Motivated by environmental concerns and cost savings, many offices are pursuing paper-free initiatives. The SignWise is a key component in reducing paper use, providing a secure, effective method to get documents signed online without printed copies.
SignWise Services is renowned for its elegant, intuitive user experience and particularly secure electronic signature infrastructure. From sending a document with a few clicks to signing a form online, SignWise Services makes electronic signatures easy and enjoyable. With infrastructure by Amazon Web Services, our security and scalability are world-class. Continuous development and improvement keep Signare in the list of top level services.
For the professional and small business, the portal provides the simplest and most effective online document management software. For the large organization, it offers rapid deployment with few or no IT requirements, minimal training needs, a powerful suite of enterprise-only features, and custom consulting. We find the other electronic signature programs to be complex and intimidating, and, perhaps most importantly, to require signers to change their behavior in significant ways. SignWise Services replicates pen-and-paper signing in the browser, which provides a secure and familiar-feeling experience.
Furthermore, SignWise Services uses innovation in many key areas, including our robust authentication process, electronic signature solution, mobile signing options, and fill-out-a-form navigation tools. We offer an easy-to-use, full-featured solution designed for your needs.
The world’s largest and most prominent companies choose SignWise Services (www.signwise.org) because of our API, unrivaled user experience, robust infrastructure, and experienced professional services team. We work with your company to integrate the ideal workflow for your business needs. SignWise Services offer custom services including integration consulting, extensible APIs, and premier support. Contact us to discuss your needs and learn about the special features of our SignWise Services.
In this case, the fax or postal service needs to be used.
No. Signees don’t need to have an account to receive a document from the SignWise Services. There is no limit to the number of recipients to whom you send/share documents. When you send/share a document, your recipient will receive an email containing a unique link. After clicking the link, the recipient views and signs the document in the browser. If the recipient must sign documents then they must have a strong electronic ID for signing documents in the SignWise Services. The SignWise Services user interface (WEB page) is easy to use and intuitive so new recipients can sign more easily then with their current software.
The best user experience is provided with the following browsers:
The SignWise Services is designed for businesses, enterprises, governments, mobile networks operators, trust service providers, certification authorities, non-profit organisations, and others. In addition, some of the world’s largest corporations and government agencies use SignWise Services API for they own needs. The SignWise Services is simple enough for every entity’s who trusts electronic signing.
Absolutely not. Electronic documents are much safer and more secure than paper contracts and have the same legal standing when executed in accordance with the EIDAS and the directive. While documents sent by mail and e-mail are exposed throughout intra-office distribution, electronic documents are kept completely confidential and are viewed only by designated recipients. Our clients’ documents are stored in secure servers.
The service provider provides services “as is”. The service provider does not give any additional warranties in addition to those explicitly described in the terms of service. For example, the service provider does not warrant or take obligations regarding specific functions available through the services, whether these can be used for a specific purpose, are reliable, available and meet the client’s needs. The service provider is not liable for the functioning of the client’s electronic identity and certificate data carrier.
The service provider may use and forward to contractual partners anonymised data for researching the behaviour and preferences of clients and consumer habits.
The service provider collects, processes and stores the following data on the client and users, some of which allow to identify the client or users:
- Upon registering to use the services as a natural person: first and last name, ID code, date of birth, address, e-mail address, telephone number, mobile ID and/or regular telephone number, credit card information;
- Upon registering to use the services as a legal person: name, registry code, registered address, location address, VAT number (if available), website address, e-mail addresses (general, contact, technical contact, accountant), credit card information;
- upon issuing an invoice, the client’s name, address and other information necessary to meet the requirements of the Accounting Act;
- upon visiting the website, the IP address of the user’s computer;
- session information of client or user accounts;
- changes in information, preferences and access information of the client or user account.
Personal data are processed under the Personal Data Protection Act, other information in conformity with the terms of service and the law.
Data, including personal data are processed to identify the client or user, provide services and forward information in cases agreed upon in the contract or established in the terms of service or the law.
If the user uploads files containing personal data, incl. sensitive personal data, to the services, then the service provider treats this user or the client connected to the user as a chief processor of personal data, who must ensure that the data are processed as prescribed by the Personal Data Protection Act.
Upon creating a client account and user account, the client and user respectively agree that the service provider may:
- send information to their e-mail address about the service provider and the services;
- process the user’s data for constant improvement and personalisation of the services;
- anonymise data before processing so that the user cannot be identified, and process or forward these for processing anonymously to contractual partners for other purposes.
The service provider has the right to restrict or refuse to provide services to the client if the client has unpaid fees. In this case, access to the client account is only granted for the client to view and pay debts.
Upon delay of payment for the services, the service provider has the right to demand that the client pays a fine for delay in the amount 0.3% per day of the unpaid amount until it has been paid off completely. The client covers the expenses of collecting the amount which was not paid on time.
Only a credit card can be used to pay for the services, unless agreed otherwise. The client must provide their credit card information to sign a contract and use services included in a paid package. If the client has used free services and has not provided credit card information upon signing the contract, then the client must provide credit card information to use paid services. The service provider checks the information and validity of the credit card immediately after receiving the information, and after this the credit card is used to pay for services consumed automatically. The client has the right to submit several credit cards, in which case they must select one default credit card which is used in first order for automatic payment. If an automatic payment from the default credit card fails, then the service provider has the right to withdraw the payment from another credit card of the client.
Payments are done on the basis of a notification sent to the client for services provided in the previous month through the client account and/or to their e-mail address by the 10th business day of the next month and the client must pay for the services within fourteen (14) calendar days from the notification being sent. The invoice is made available to the client through the client account or sent to their e-mail address after the services are paid for.
The client has the right to change price packages during the term of the contract, in which case the client pays for services according to the corresponding price package for the period when they used services under this package. The service provider has the right to set restrictions or refuse to allow the change of package if the client has unpaid fees.
The customer takes the duty to pay for services when the contract is signed. The duty to pay the fee does not depend on whether the client is actually using the services. Disturbances in using the service do not waive the client’s duty to pay for the service.
The service provider has the right to set fees for using the services by publishing price packages on the website and/or private pricelist, and the client must pay for the services if the services are not free of charge. The client must select a suitable price package to use the services. Prices stated in packages do not include any local or state taxes and VAT is added depending on the client’s country of location, which the service provider identifies on the basis of an IP address or VAT number, depending on the client.
Yes. Every client receives the latest updates but not the new functions if the service provider decides it this way.
The client and/or user account may be connected to the client’s or user’s LinkedIn, Facebook, Google+ and Twitter accounts if desired, and the service provider, user and client have the right to post information to these social networks as the client or user in relation to their activities with the services.
By using the services, the user undertakes not to break any law of the United Kingdom. This means, among other things, that the user cannot upload files to the services if they don’t have the permission of a relevant person to upload these files.
Whenever the user uploads files to the services, they must ensure that this does not break the contract, terms of service, generally accepted practices and the law. The user may not upload files to services if they contain viruses or other computer programmes and files which damage or otherwise disturb the regular functioning of the services or which are saved in the computers of the service provider or the users and disturb or damage their regular functions.
No. The service provider offers service support only by e-mail.
The service provider has access to files uploaded by the customers for the purpose of support, maintenance and development carried out in the services, if the files are stored in data storages used by these services. The service provider doesn’t have the right to open and view any uploaded files.
Clients cannot access each other’s files, i.e. the files of each user are separated from the files of other users. Users can access only the files for which the client has granted them access. A third person can only access files which have been shared with them.
The service provider takes all necessary security measures in order to protect files from unauthorised persons and malware and ensure that files are safe during the time the contract is valid. The service provider confirms that the services conform to the requirements of OWASP Application Security Verification Standard Level 2A. The users’ files are stored at a data centre certified at SAS-70 type 2 level (SOC2) in 256-bit SSL encrypted form.
The information and files of all clients related to using the services are stored in the information system managed by the services, with data storage service providers whose servers are in the European Economic Community unless the parties have agreed otherwise. Upon signing the contract, the client agrees that such data and files are stored in this manner.
Every time the user logs into the services, they confirm that (a) all information they have submitted are correct, true and complete; (b) they are at least 18 years old or have their guardian’s consent to use the services; (c) they have all rights and authorities to use the services in the client’s name. These confirmations are presumed correct and the service provider does not have to check it.
The contract for using the services is deemed to have been signed from the moment when the user starts using the services, i.e. an account has been created and activated for the user and/or the user starts factually using the services. The contract does not expire.
The SignWise Web Browser Module is a software which the client or user installs in the computer, which allows a web browser to interact with a chip or USB data carrier containing electronic certificates which the services support. The client or user has the right to stop using the services at any time by removing this software from their computer.
Meeting the AES requirements makes an electronic signature equivalent to a handwritten signature in most EU countries and the Economic Community.
An advanced electronic signature (e-signature): (a) is connected only to the signer; (b) allows to identify the person; (c) is made with information necessary for e-signatures which can only be used by the signer at a high level of security, and (d) is connected to signed data in a way that allows to identify all later changes in the data. An AES is created by a qualified electronic signature creation device and is based on a qualified certificate for electronic signatures. A qualified certificate is a certificate which conforms to specific EU requirements and is issued by a certification service provider who also conforms to specific EU requirements.
The service provider notifies clients and users of changes in the terms of service on the website and by a notice sent to the client’s and users’ contact information at least fourteen (14) calendar days before their entry into force. If the client or user disagrees with the changes then the client has the right to terminate the contract during the 14 calendar days before the actual changes. If the client and/or user continues to use the services after these 14 calendar days has passed, then they are deemed to have agreed with changes in the terms of service.
No. The client and the user may not use the services provided by the service provider or any services provided through these (a) if they disagree with the terms of service; (b) for committing fraud or other offence; (c) against the law in any other way.
SignWise Corporation Limited (registry code 09097865, address 24 Holborn Viaduct, International House, London, EC1A 2BN, the UK) or an affiliated subsidiary or partner who has the right to provide the service.