eIDAS provides the technical and legal framework needed for electronic identification and digital signatures to allow the banking industry to digitize its processes fully. This article introduces the technology required for remote signing at a qualified electronic signature (QES) level.
Key Drivers and Challenges
Key drivers of electronic identification and digital signatures are:
- the accelerated digital transformation across all industries
- the need for business continuity - also in purely digital processes
- the need for non-repudiable digital agreements and
- severe competition, which is pushing towards digitized and less costly processes.
However, implementing these non-repudiable processes in a business infrastructure can be challenging, expensive, and time-consuming. Most companies do not have in-house competence in designing optimal processes (optimized on business aspects and legally compliant) or choosing and implementing the appropriate technology.
On the other side, businesses are reluctant to outsource the identification and signing service fully, as they risk losing ownership of important customer data.
Proven and Reliable Signing Technology by Cryptomathic
Cryptomathic Signer provides the necessary technology for remote signing with a qualified electronic signature (QES).
In doing so, Cryptomathic Signer leverages the existing digital identification and authentication procedures, including, but not limited to:
- Authentication services - for strongly authenticating digital/online users
- DMS - document management systems
- IdM - Identity management systems
- KYC - Know Your Customer - for initial onboarding and AML compliance
Cryptomathic’s eIDAS-certified remote signing solution (Signer) is modular and blends seamlessly into existing IT architecture. The solution adapts and complies with varying legal framesets depending on the countries and areas of jurisdiction involved.
Non-Repudiation Provided by WYSIWYS
WYSIWYS stands for “What You See Is What You Sign.” It is used to ensure that the data to be signed is non-repudiable, meaning that it cannot be tampered with before and after the signing process, which occurs under the user’s sole control.
WYSIWYS is designed to counter “man-in-the-middle” attacks that could occur:
- Between the WYSIWYS server and client
- Between Signer and client
- Man in the browser
- Reuse of federated identity credentials
Suited for Multi-Tenant, Multi-Policy, and Multi-IdP Use
Cryptomathic Signer is suited for Multi-Tenant, Multi-Policy, and Multi-IdP (Identity Provider) use:
For Multi-Tenant use, Signer provides a strong, logical split between tenants and is a good fit for booking centers.
For Multi-Policy use, Signer supports secure signing under multiple regulatory schemes, including ZertES (Swiss regulation), eIDAS (EU regulation), Singapore ETA and more.
Overview of Integration Options
Cryptomathic Signer can be integrated into different integration options for digital banking:
- Native integration into existing platforms
- eConsent “DBC” module for integration with core digital banking systems
- Signature Portals such as “Signius,” which is a fully-fledged portal with custom UI and can be integrated with custom KYC, Auth, and DMS
Depending on customer requirements, Cryptomathic Signer is available as an on-premise licensed technology, hybrid service, or a fully managed cloud service.