DigiCert® Document Signing Manager

DELIVER BUSINESS AND LEGAL COMPLIANCE WITH THE HIGHEST LEVEL OF TRUST

Trust and identity are crucial in the age of digital documents What is a Qualified Trust As digital documents increasingly replace paper Service Provider? processes, the need for trusted signing solutions is growing at a rapid pace. Without trust, businesses, Signing service regulations set by the governments and individuals cannot be certain of the and the European validity of people and organizations, creating a risk for Technical Standard Institute (ETSI) tampering or fraud in transactions, agreements represent the highest benchmark for and . signing security and identity in the world. The highest level of assurance DigiCert Document Signing in this standard is a Qualified Trust Manager delivers identity and (QTSP). As part of the acquisition of QuoVadis, DigiCert Even in the world of secured signing, not all document is recognized by the EU and ETSI as signing solutions are the same. DigiCert Document meeting the signing standards laid out in Signing Manager is built on Public Key Infrastructure, eIDAS regulations, making DigiCert one a proven encryption, and identity of a select few global QTSPs. DigiCert technology. With Document Signing Manager, a also meets all requirements for qualified document is not only signed with cryptographically signatures in , according to secure identity, any person reviewing knows who signed the Swiss Signature Law (ZertES). the document and they will see that the document is unaltered. In fact, DigiCert + QuoVadis document signing is recognized both as equivalent to a handwritten signature and in many places, proof of identity equal to a form of government ID.

As a QTSP, signing solutions from DigiCert meets and exceeds the highest standards for signing security, authentication and identity in every region around the world.

1 DigiCert® Document Signing Manager

Different grades of assurance for different types of documents

Recognized digital signatures vary in requirements and validation, according to the level of assurance needed by an individual or organization.

Type of signature Basic/Standard Electronic Advanced Plus Digital Qualified (SES) Signature (ADS/AATL) (QES)

Signature An electronic signature a signer A digital signature that meets A digital signature that meets requirements applies to a document as specific requirements, providing advanced requirements and evidence of their acceptance a higher level of signer identity backed by a Qualified Trust or approval. This can include a verification, security and Service Provider (QTSP) on scanned image of a signature or tamper-proofing. the EU Trusted List (ETL) and selecting the “I accept” button. certified by an EU member state or a QTSP on the Swiss Trusted List. This advanced digital signature is often used as an equivalent to a “wet signature.”

Assurance and None Signature linked to unique signer QTSP must establish the identity validation integrity and authenticity of Signer can be identified by the signer: requirements government identification, but not guaranteed 1. The electronic signature creation data is secure Signature created using the and confidential specific identity data under the signer’s sole control 2. The identity of the signer can be proven by the Signature is tied to signed data QTSP by face-to-face, or for which changes are detectible similarly robust identity verification process

Signature is qualified for Adobe Approved Trust List (AATL)

Examples Employees signing documents Consumer credit or Contracts to lease, transfer or during onboarding loan agreement buy real estate

Commercial agreements Collective employment Family law documents between corporate entities contracts Incorporation of limited Consumer agreements Employment agreement liability company between agent and employee Software license agreements

eIDAS Level of Low assurance Substantial assurance High assurance Assurance (LoA)

Validation level No validation Some validation Maximum (rigorous) validation

2 DigiCert® Document Signing Manager

Two ways to sign Stronger security Create stronger security with options for Two Factor Individual signatory (eSignature) Authentication (2FA).

A natural person, as an individual signatory, can easily Easy integration and securely sign documents like personal contracts for Incorporate web services and third-party workflows like real estate transactions, bank accounts and confidential Adobe Sign, Ascertia Signing Hub and others. information like medical documentation. Flexible deployment options Organizational signatory (eSeal) Deploy a hosted or on-premises solution. For business and government, a legal person, as an Key benefits organizational signatory, can sign for the company or entity—with the option for mass or bulk signing—while • Reduce the cost of paper, administration, and ensuring the document remains tamper-proof. shipping fees • Improve customer loyalty and experience by The document signing advantage simplifying on-boarding or signing requirements Empower your customers to digitally sign anytime, • Decrease turn-around time for signature anywhere. Our all-in-one solution includes certificates, transactions from days to minutes technology and automation options that deliver • Increase security for high dollar a competitive edge while improving the value transactions customer experience. • Deploy trust with legally valid signatures Features • Ensure business continuity while creating a competitive advantage Customized signing workflows • Satisfy global and industry governance Build comprehensive workflows with multiple and regulations technology options such as Ascertia SigningHub, Adobe Sign or DocuSign. Technical specifications Effortless validation and integrations Allow your customers to remotely create a secure identity in minutes using Verify by DigiCert powered Digital signing protocols by IDnow. • Rest API Simplified key management • CSC API Protect keys in a Qualified Signature Creation Device, hosted in a trustworthy environment. Available integrations Streamlined administration • Adobe Sign Make management easy for Admins with centralized • Ascertia SigningHub policy and control for users and signers. • DocuSign Detailed tracking Obtain reports and check audit trails for corporate or government regulation and policy.

3 DigiCert® Document Signing Manager

Compatible with

• Microsoft Office® • Other third-party solutions like DocuSign • Adobe® Acrobat & Adobe Reader • Plus, a variety of document types including PDFs, • LibreOffice® ODF, DOCX and XML • Open Office™

Cloud based remote signing architecture

User Environment Business Layer DigiCert ONE Signing Engine

Signing Secure protocol for Adobe Sign Request Identify Validation (hash) authentication and Services authentication of User initiates signing SAM module to HSM request from any device Signing Hub Credentialing with any browser API Service Digital DigiCert ONE DSM HSM EN 419 221-5 PP Signature certified crypto module Signature Activation Signing Service Protocol Business Application (SAM) SMS Authorization using OTP OTP Time-Based OTP (Google Authenticator , etc.) OTP (n/a for TOPT) Messaging Service HSM encrypted Signing Keys for users

OTP (n/a for TOPT)

DigiCert® ONE The trusted leader in PKI

Document Signing Manager is part of DigiCert ONE, a At DigiCert, finding a better way to secure the is modern, holistic approach to PKI management. Built on a concept that goes all the way back to our roots. That’s advanced, container-based architecture, DigiCert ONE why our certificates are trusted everywhere, millions allows you to rapidly deploy in any environment, roll of times every day, by companies across the globe. It’s out new services in a fraction of the time, and manage why our customers consistently award us the most users and devices across your organization at five-star service and support reviews in the industry. any scale. And it’s why we’ll continue to lead the industry toward a more innovative and secure future. In SSL, IoT, PKI, and For more information on DigiCert® Document Signing beyond—DigiCert is the uncommon denominator. Manager, contact one of our document PKI experts at [email protected]

© 2021 DigiCert, Inc. All rights reserved. DigiCert is a registered trademark of DigiCert, Inc. in the USA and elsewhere. All other trademarks and registered 4 trademarks are the property of their respective owners.