In this article, we propose What-You-See-Is-What-You-Timestamp (WYSIWYT) as an attractive alternative to Qualified Electronic Signatures, for certain signing needs where non-repudiable user acceptance and integrity protection are required for a given contract or transaction, i.e. when documents need to be formally accepted, but where no fulfilment form is prescribed by national law.
Throughout the European Union, a Qualified Electronic Signature (QES) is the legal equivalent to a hand-written signature. Regulated through the eIDAS (Electronic Identification and Trust Services) framework, a QES provides data integrity, and non-repudiation by linking the signed document with qualified electronic data that authenticates the signer with a high level of assurance. On the downside, a QES may incur significant costs due to demanding user identification and compliance demonstration.
A number of transactions in everyday business, however, do not require the full legal force of a QES, but simply a non-repudiable time stamping, e.g. for legal archiving purposes. An example is a bank requesting acceptance of legally binding documents from a user, such as fee and service condition agreements.
Such non-repudiable time stamping can be securely and efficiently achieved using the Cryptomathic WYSIWYS (what-you-see-is-what-you-sign) technology, in conjunction with the provider’s readily available user authentication mechanisms and a trusted time stamp authority.
WYSIWYT uses a simple infrastructure:
User domain: The user is in possession of a laptop, tablet or mobile phone and uses a browser for document acceptance.
Business Application Provider domain: The application provider manages the business workflow including strong authentication and prepares the document(s) to be accepted.
Trust Services domain: The Time-Stamp Authority (TSA) provisions of trusted time stamps.
This is a typical WYSIWYT workflow:
As a result of this process, the user has provided their wilful acceptance of the document(s). Under the condition that the driving application logs a binding between the user and the WYSIWYT time stamp, that acceptance is not repudiable: Using the WYSIWYT time stamp, the bank or business can demonstrate before a court of law, that a given document in a given form was presented to the user, and may reproduce the semantic context under which the user provided their acceptance.
When no fulfilment form is prescribed by national law, WYSIWYT has multiple advantages compared with QES, or non-QES performed through another solution available in the e-signature domain where items b), c) and d) may not be optimal:
Data protection: With WYSIWYT, the documents stay in the bank/business premises. This may be achieved for QES if WYSIWYS technology is used, but other signing solutions typically require the upload of the documents to the signing solution provider’s cloud.
Identity verification with WYSIWYT is based on the business’s established KYC (Know Your Customer) solution. In contrast, identity verification is strong but costly for QES, because a certificate-issuing Trust Services Provider is involved. Identity verification is generally not as strong as WYSIWYT for other solutions as typically external links are sent that can be easily copied or shared.
User authentication with WYSIWYT is as strong as the bank’s established authentication mechanism for bank transactions which in the EU must include multi-factor authentication. While in the case of QES, a certificate-issuing Trust Service Provider is involved, user authentication outside the QES setting is simpler and generally not as strong as WYSIWYT as it is usually done with “unique” URLs being sent to the user.
Proof of accurate rendering and integrity protection is in the bank’s hand through the Cryptomathic WYSIWYS technology. If WYSIWYS technology is not used, such proof is contained in the signing-solution provider’s logs, and therefore that provider is necessarily involved in all litigations.
Time stamping: Non-repudiable proof that a document existed at a given point in time is guaranteed using WYSIWYT. While, in other consumer applications, a simple seal may be used to indicate the integrity of the document, it is only as strong as the trustworthiness of the time stamping system which is negligible in an untrusted environment.
Cost: In large quantities, the WYSIWYT solution costs a few cents per document, while other solutions are usually significantly above 1€ per document, depending on the exact features and plans.
The WYSIWYT functionality is readily available in the Cryptomathic Signer.