Logo preloader Xtension

Unique Trusted Third Party Service

The main idea of the signaturiX solution is to reduce the number of paper documents in circulation, i.e. to support paperless processes. Working on increasing the security, also the legal security, of our customers, together with the qualified trust service provider Certum, we created the unique Trusted Third Party service on the market.
Certum
Security
Signaturix

Our system can work in two ways. The first way is an independent solution for creating, signing and archiving electronic documents. In this case we use the additional software signaturiX Client. The second way is to use the API to integrate an existing document processing software (for example CRM or ERP) into signaturiX. In this case signaturiX exchanges via API the PDF files to be filled in and signed.

 

As part of our work to increase the security, including legal security, of our clients, together with qualified trust services provider Certum, we created a unique Trusted Third Party service on the market. This service is provided by Certum on a dedicated secure infrastructure. For each signaturiX client covered by the Trusted Third Party service, a cryptographic key pair is generated by Certum. The public key is implemented in the signaturiX instance deployed at the client, while the corresponding private key is stored exclusively on the hardware security module (HSM) at Certum, which it never, at any stage of the process, leaves. The biometrics collected during the signature creation by signaturiX are encrypted with the public key and then, in encrypted form, inextricably linked to the document content.

 

What if someone questions the authenticity of the signature?

As with paper documents the case goes to court and the court appoints an expert who has to verify the authenticity of the signatures. The Trusted Third Party Service supports this entire process by making the signaturiX Exporter and signaturiX Analyzer software available to the court experts who act on the basis of the court order.

 

The forensic expert, after a positive verification, obtains from the Trusted Third Party a one-time access enabling the decryption of biometrics from a specific signature in a specific document. In this way, the private key (which enables the decryption of the biometrics) never leaves Certum's secure infrastructure and cannot be used again without being verified again. Furthermore, the document analysed by the expert does not have to be shared with anyone else in order to retrieve the biometric signature data from it. Once the expert has access to the requested biometrics, he can check the authenticity of the signature using his own software or by using our solution - signaturiX Analyzer.

 

signaturiX Analyzer is advanced analysis software that enables the analysis of signature biometrics. The software examines and compares changes in the following signature biometrics characteristics as a function of time:

  • position of the stylus at time x(t),y(t),
  • The pressure you place on the screen with the stylus at a given point,
  • the speed of movement of the stylus at a given point,
  • the acceleration of the stylus at a given point,
  • change in pressure at a given point.

 

This is a new quality of signing electronic documents.

Publication date: 9 December 2020
Author: Tomasz Ostaszewski
Read the next articles
Mobile
Certum
Security
Mobile
Certum
Security
Biometric signature - the future of business
Mobile
Certum
Security
Let's create a unique project together
Write to us

Xtension Sp z o.o.

ul. Opacka 12

80-338 Gdańsk

 

+48 58 351 39 66

biuro@xtension.pl

 

LinkedIn