The demand for remote digital signatures to enhance security and customer experience continues to grow across the EU as the banking and financial sector moves forward with digitalization, global expansion and technological transformation. This article presents 3 integration options for Cryptomathic’s digital signing solution.
In recent years, it has become increasingly apparent that banking customers haved moved away from traditional branch-based banking and across to online and mobile alternatives. This is due to technological advancements and digital processes that streamline requirements, making it easier for both businesses and consumers to manage business needs and finances in parallel.
This means that customers now expect services to be made readily available - convenient and technologically sophisticated - increasing the requirement and use of technology to remotely ‘bridge’ customers and financial institutions.
Transitioning towards remote digital services
The integration of qualified digital signatures into various financial services as a form of online security and identity will increase the level of trust between customers, organizations as well as other vendors such as third party (fintech) companies.
The following sections introduce 3 comfortable approaches to integrate digital signing into a corporate IT infrastructure.
The second option proposes a special building block, designed for integration with core banking systems such as mobile banking or online banking applications.
The last option provides an as-a-service solution. It reduces the company’s integration effort, all while keeping the signing activity behind the frontend of the customer.
1. Multi-Purpose integrated technology solution
The first option is a multi-purpose solution, providing a variety of APIs, SDKs and possibilities of customization for high secure, end-to-end digital communication chains. (full description: Signer - how it works)
Cryptomathic’s eIDAS-certified signing technology satisfies this demand with its different integration options while delivering the highest assurance level for multiple jurisdictions.
Cryptomathic supplies back-end solutions, channel management applications as well as front end SDKs for an easy, error-free and secure integration.
Native Integrations in the frontend
By using Cryptomathic’s SDKs in the frontend applications, customers and application providers can simplify the implementation process. Cryptomathic provides APIs for signing and certificate handling. They can be easily integrated into mobile apps, desktop applications and HTML over HTTPS communication. A special API allows companies to register a user and establish a certificate for a given policy.
End-to-end channel control
Cryptomathic also includes a Software Development Kit (SDK) and API to secure the channel outside the customers (firewall-)protected zone. A What-you-see-is-what-you-sign server (WYSIWYS) provides a pre-produced application for managing the signing process. Additional software which is also included in the SDK allows to control and protect the channel end-to-end. The Signer API is Common Criteria Certifie.
Cryptomathic’s technology for a native integration in the backend includes:
- RestFul API for the Registration Authority
- A customizable WYSIWYS server
- Support for a range of new or exisiting multi-factor authentication methods and systems
Integration Module for Digital Banking
The eConsent Module for Digital Banking Consent (DBC) is designed for integration with core banking systems that are already delivering digital services, such as mobile banking or online banking. Typically, such a system may already provide some notifications and manage some content, including documents.
This integration includes:
- Docker container for integration with core banking systems
- Built-in workflow management for advisors and signatories
- Mobile banking UX
- Integrates with core banking portals, including Crealogix, Temenos or Avaloq
eConsent integrates within the core banking solution and can be triggered by processes to register a workload for advisors and signatories in an automated fashion. Messages can be sent to mobile devices to notify banking customers; for example, an individual who has applied for a loan can be notified on their mobile device that a document is available for signing.
As-a-Service Digital Verification and Signature Portal
The third type of integration available for Cryptomathic’s eIDAS technology is a hosted digital identity and signing portal, through Cryptomathic’s partners, such as ESYSCO’s Signature Portal “Signius”. Rather than integrating APIs or code into existing software, signing can be performed by subscribing to a remote signing web portal. The portal's back end delivers functionality that allows users to file certain documents that can then be distributed automatically to a signatory or multiple signatories via an email message that notifies them that a document requires a signature. These documents could be uploaded manually or automatically by an uploader API that creates a file, typically a PDF file, and then sent and distributed to be signed.
Such digital signature portals include:
- Full-fledged portal with custom UI
- Doc Upload for multi-party signing and workflow orchestration
- Possible integration to custom KYC, Auth, or DMS
- Workflow management, such as batch-signing and multi-party signing
- User ID and user auth
- Track and trace that allows the advisor to see what has been signed and what is still awaiting a signature
- Custom branding
- Integration through API
- Integration with existing IdP
- Delivery of app
Contact Cryptomathic for further details on integration options.