When you’re a regular reader of the TrustCubes blog or if you’ve appreciated the corporate vision of the company then you’ll know that we stand for identity and automation. We want to create Trust online. We want to improve todays ecosystem and better it for all organisations, users and relying parties operating within today’s connected online environment. We want to enable applications to benefit from extra identity layers that help end users understand with whom they are communicating and transacting.

When it comes to Document Signing we have exactly the same vision. We want to see strong identities being used in Document Signing. Many companies today have transformed many of their business processes from manual paperwork to digital document workflows. However, when the document needs to be signed by someone of authority, we still see companies printing, signing, scanning and emailing/Dropboxing. Regardless of their digital transformation maturity they are still following manual processes as paper is printed, stored and then often send via snail mail because the only legal version of the document is the one that includes all wet ink signatures.

To help solve this problem Europe took the lead and defined EIDAS where qualified digital certificates are seen as the legal equivalent of wet ink signature. Thanks to EIDAS we can now imagine automating the document signing process.

For business to business (B2B) workflows this system works most of the time. Companies purchase Qualified or Advanced AATL certificates issued by approved CAs (Certificate Authorities) for their employees. The CA validates the company information and in the case of qualified certificate also the complete Identity of the signer (such as via face to face validation and verification of the national identity card). This process can take several weeks depending on the CA. I say most of the time, because quite often this system still isn’t working. One such example is that the company might use specific signing software that doesn’t support all certificates CAs.

Unfortunately for business to consumer (B2C) workflows this system rarely works at all. As a fall back we tend to rely on electronic signatures, rather than digital signatures, which capture a signature of sorts but do not provide the identity proof of who the signature is there represent. In some workflows we also see customers being asked to visit an office or take a digital workflow back to paper based just to obtain a signature. The result is that all the advancements we’ve made in digital communications and transactions mean nothing when revert to paper based audit trails because we can’t provide the necessary levels of identity assurance.

Additionally the cost to a consumer to obtain an Advanced AATL certificate is around EUR 250, and the average issuance time is around one week. Let’s imagine a digital signature is needed for a bank loan, it starts to become unreasonable to think that a consumer would pay EUR 250 and wait another week just to digitally sign an agreement from her bank.

At Trustcubes we changed this system to make use of strong identity assurance more accessible to both B2B and B2C. Instead of expecting users to purchase and subsequently manage digital certificates, instead we use strong identities like eID and BankID (amongst others).



How does it work?

The user will simply login using a strong identity he already possesses today. (BankID, eID, Nemid, Itsme, etc). The Identity of the user is now verified and the identity information is captured. That identity information is then embedded within the document before it’s sealed digitally using an X.509 Qualified seal.

Whereas there are some other providers that use their local national eID to embed identity information within the signed document, no-one can offer the breadth of strong identity support available through TrustCubes. Because we connected the Customer IAM functionality of Ubisecure to the signing solution, we currently support over 10 different integrations.

To give a quick example. Using the TrustCubes solution I can sign a contract in the UK using my qualified digital certificate (because I took the time to obtain one!) and then send it for countersignature to my customers across Europe. It doesn’t matter that my customers do not have qualified digital certificates. My Belgian customers will sign with their eID or their itsme app, My Swedish customers will use their bankID, my Danish customers their NemID. There are no more delays or purchase costs for these digital certificates. The document is completely legal according the EIDAS regulation.

We can finally digitalize the complete document Signing process for both B2B and B2C with an high assurance of who signed the document. What an exciting time!