eIDAS provides the technical and legal framework needed for electronic identification and digital signatures to allow the banking industry to digitize its processes fully. This article introduces the technology needed for remote signing at the level of a qualified electronic signature (QES).
Key Drivers and Challenges
Key drivers of electronic identification and digital signatures are:
- the accelerated digital transformation across all industries
- the need for business continuity - also in purely digital processes
- the need for non-repudiable digital agreements and
- severe competition, which is pushing towards digitized and less costly processes.
However, the implementation of these non-repudiable processes in a business infrastructure can be challenging, costly and time-consuming. Most companies do not have inhouse competence, neither in designing optimal processes (optimized on business aspects and legally compliant) nor in choosing and implementing the right technology.
On the other side, companies are reluctant to outsource the identification and signing service fully, as they risk losing ownership of important customer data.
Proven and Reliable Signing Technology by Cryptomathic
Cryptomathic Signer offers the technology needed to remote signing at the level of a qualified electronic signature (QES). In doing so, Signer leverages the existing digital identification and authentication procedures, including, but not limited to:
- Authentication services - for strongly authenticating digital / online users
- DMS - document management systems
- IdM - Identity management systems
- KYC - Know Your Customer - for initial onboarding and AML compliance
Cryptomathic’s eIDAS certified remote signing solution (Signer) is modular and blends seamlessly into existing IT architecture. The solution adapts and complies to varying legal framesets depending on the countries and areas of jurisdiction involved.
Non-Repudiation Provided by WYSIWYS
WYSIWYS stands for “What You See Is What You Sign.” It is used to ensure that the data to be signed is non-repudiable, meaning that it cannot be tampered with before and after the signing process, which occurs under the user’s sole control.
WYSIWYS is designed to counter “man-in-the-middle” attacks that could occur:
- Between Client and WYSIWYS server
- Between Client and Signer
- Man in the browser
- Reuse of federated identity credentials
Suited for Multi-Tenant, Multi-Policy, and Multi-IdP Use
Cryptomathic Signer is suited for Multi-Tenant, Multi-Policy, and Multi-IdP (Identity Provider) use:
For Multi-Tenant use, Signer provides a strong, logical split between tenants and is a good fit for booking centers.
For Multi-Policy use, Signer supports secure signing under multiple regulatory schemes, including ZertES (Swiss regulation), eIDAS (EU regulation), Singapore ETA and more...
Overview of Integration Options
Cryptomathic Signer can be integrated into different integration options for digital banking:
- Native integration into existing platforms
- eConsent “DBC” module for integration with core digital banking systems
- Signature Portals such as “Signius,” which is a fully-fledged portal with custom UI and can be integrated with custom KYC, Auth, and DMS
Depending on customer requirements, Cryptomathic Signer is available as a on-premise licensed technology, hybrid service or as a fully managed cloud service.