2 min read

Cryptomathic Signer Supports Multi-Tenancy+ for Global Signatures

Cryptomathic Signer Supports Multi-Tenancy+ for Global Signatures

When deploying digital signatures to fully digitalize business processes, large organization such as banks must comply with the technical and legal guidelines of the country in which they operate. Complying with standards of various jurisdictions can prove difficult when the signature solution must be made available on both a global and a local level. Cryptomathic’s eIDAS certified QSCD solution, Signer, provides the required functionality for Multi-Tenancy, Multi-Policy, and Multi-IdP support - enabling flexible electronic signatures that delivers the level of granularity that such large organizations require. 


Multi-Tenant Use

Cryptomathic’s Signer is multi-tenant capable and provides a strong logical split between tenants. This makes it ideal for the banking and finance industry where clients are often booked via booking centers.

 Adopting Global e-Signature Strategy for Large Banks and Financial Services

Larger organizations may have several booking centers on the same instance / technology stack and need to ensure that tenant A cannot see what tenant B does and vice versa. This “Chinese” wall between tenants also allows TSPs (trust service providers) to offer direct integration with multiple clients who cannot see what each other does. By doing so, a business can leverage one QSCD instance with multiple clients/tenants without impeding security or SLA requirements.

Multi-Policy Use

Cryptomathic’s Signer technology provides multi-policy support to deliver electronic signatures using different policies, should it be for different jurisdictions or different assurance levels within the same jurisdiction.

 Selected Signing Services

For example, one policy could be for qualified electronic signatures (QES), another one for advanced electronic signature (AdES) as per the EU’s eIDAS regulation. Other policies include QES and AdES, according to ZertES, the Swiss Federal law on electronic signatures. 

In our Selected Signing Service offered in partnership with Swisscom we also offer support for secure electronic signatures under the Singapore Electronic Transaction Act (SG ETA), and more.

This enables global banks to introduce signature services throughout the organization with a single technology platform / API. 

Multi-IdP Use

Finally, Cryptomathic’s eIDAS technology is also suited for Multi-IdP use. An Identity Provider (IdP) typically acts as a single sign-on solution to provide users with their credentials and assert that the user has been strongly authenticated. When they represent a substantial authentication level, such assertions can be used to activate the signature key in Signer in compliance with the European Norm 419 241-1 (to digitally sign at a qualified level). In Signer it is possible to support multiple IdPs simultaneously if they have been entrusted before, thus allowing for great flexibility. The current version supports:

  • Security assertion markup language (SAML assertion)
  • SMS-based OTP using Authenticator for easy user enrollment
  • Other methods, including Open ID Connect using so-called JWT tokens.

Contact us for free consultancy on implementing a global e-signature service.


Download white paper