Among its digital signature services, Docuten allows you to use a biometric signature to sign documents from a mobile device, tablet, or smartphone, for Apple, Android and Windows platforms. This signature is similar to the handwritten signature, has full legal validity and is completely safe.
Digital signing process via mobile devices
The biometric signature is signed on the device itself, just as we would on paper. When you sign, Docuten captures the signature’s biometric strokes, and stores them encrypted securely. In this way, the signatory is identified with full guarantee.
The platform also allows for the addition of a qualified time stamp to reliably certify the time of the signature.
The signature information is stored on the PDF, and the PDF is the original electronically signed document
About the characteristics of biometric signature
1. Legal validity of biometric signature
The validity of the signature is given by storing the signature’s biometric strokes securely within the signed document:
- The biometric strokes of a signature are composed of: Speed in X, Speed in Y, Acceleration in X, Acceleration in Y, Angular Accelerations, Pressure Variation, number of strokes, order of strokes, stroke durations, etc.
This biometric data is encrypted in the application itself with the public part of an encryption key. The private part is stored by the Certification Authority or the Notary that generated it, and only upon court request is the private key used to decrypt the biometric information.
2. No Rejection
In order to guarantee the legality of the signature and avoid rejection, the following information is incorporated into the biometric signature data stored for security reasons
- Device from which the signature was made.
- Geo-location of the signature.
- Recognized time stamp , which guarantees in a reliable way to know when the signature was made.
3. Biometric Signature Format Security
The biometric signature made by Docuten, has the highest level of security.
- The final document, encrypted and signed, can never be modified . If this should be the case, the hash and digital signature would be altered and collected in the history of the document itself.
- Biometric signature data can only be accessed by those with the master certificate’s private key.
- The time stamp is included along with the biometric data proving the exact time of the signature.
- The original document to be signed is the one sent to the mobile device . No image or part of the original document is sent, the original document itself is sent to be signed.
- The signature on the tablet is done on the original document itself, which is the one that is displayed, and not on an image of the document. From a legal point of view, as on paper, it is necessary to sign on the original document.
- The mobile device app sends to the server the signed document with the biometric signature information encrypted and stored inside the signed documents, this bonding of the original document and the signature is not performed outside the tablet. In terms of security, it is very important that this process be carried out on the device itself and not separately, because otherwise it could jeopardize the access and custody of the signature made on the document.
- A forensic verification tool designed to be used by a calligraphic expert in the event of a dispute over the signed document complements the platform. Through this tool, the expert is able to discern whether or not the signature contained in the signed document belongs to the alleged signatory.
4. Biometric signature formats
The signature platform allows you to use any of the main international standards, but for the case of biometric signature it is used:
- PAdES in all its levels (Basic, Enhanced, LTV), as defined in ETSI TS 102 778.