Home>Solutions>Document Digital Signature and Encryption Automation Solution

Document Digital Signature and Encryption Automation SolutionCompletely solve the trust and security issues of the e-documents and e-contracts

1. Current e-document and e-contract solution issues

Adobe officially released PDF format files in 1992 to vigorously promote the electronization of documents. In 1999, Adobe Acrobat and Adobe Reader began to support digital signature technologies, intended to promote the credibility of electronic documents. According to the introduction on Adobe website, Electronic Signature (or e-signature) is a broad term referring to any electronic process that indicates acceptance of an agreement or a record. Typical e-signature solutions use common electronic authentication methods to verify signer identity, such as an email address, a corporate ID, or a phone PIN. If increased security is needed, multifactor authentication may be used. The best e-signature solutions demonstrate proof of signing using a secure process that includes an audit trail along with the final document.

But, if the user sets to use the graphic of the handwritten signature, electronic signature has a problem that it is impossible to verify whether the graphic of the handwritten signature is indeed the signature of the signer. The signing parties of the contract only either trust the signature graphic or verify the authenticity of the signature graphic by other means. This is the deficiency of the electronic signature.

Digital Signature is one specific type of electronic signature, which is an improved and more reliable electronic signature. Digital signature use certificate-based digital IDs to authenticate signer identity and demonstrate proof of signing by binding each signature to the document with encryption, there is no need to include an audit trail along with the final document. The signer’s identity validation occurs through trusted certificate authorities (CAs) or trust service providers (TSPs). In summary, Digital Signature is a type of certificate-based e-signature that complies with the strictest legal regulations - and provides the highest level of assurance of a signer’s identity.

At present, the most popular service providers, such as DocuSign and Adobe Sign use electronic signatures to sign the contracts online. The signing parties can complete the contract signing on the platform after finishing the email verification. But in order to ensure that the signed electronic contract files will not be tampered with, then the signed documents need to be digitally signed by the PDF signing certificate of the service provider. That is to say, the signing platform does not use the signer’s digital certificate to sign the documents. According to the electronic signature laws in some countries, electronic contracts signed with electronic signatures have legal effect. According to EU and Chinese electronic signature law, only the digital signature method has the same legal effect as the handwritten signature.

There is a document privacy issue in current e-contract signing solutions that need to be highly paid attention to as well is that currently almost all the electronic signature service providers require users to upload the user’s original document or contract to the e-signing platform. On the face of it, it facilitates users greatly, but it has risks that leaking the confidential information of the contract to the non-signatory third party.

Another issue is some service provider used the self-signed signing certificate to sign the document and contract, it will have the warning message like “At least one signature has problems” in Adobe Reader. All PDF signing certificate should be trusted in Adobe Reader so that the signature can be validated instantly by using Adobe Reader.

2. MeSign Solution Introduction

MeSign R&D team has already developed and released WoSignDoc Contract E-signature Service in 2015. At that time, we adopted the same methods as most e-signature service providers to require users to upload the original contract file to our service platform. However, as the awareness of protecting the personal privacy and business secrets of the original contract continues to increase, we think this kind of solution should be changed.

MeSign Technology have 15-year experience and development advantages in digital signature and encryption technology and have an Adobe global trusted root CA for issuing global trusted PDF signing certificates. We think the requiring users to upload the original documents to be signed to the e-signing platform exists huge document privacy issues for individual and organizations. In order to solve this security issue, MeSign Technology innovatively integrate the document digital signature service and encryption service into MeSign APP (encrypted email client software), turning MeSign APP software into an electronic document signing and encryption tool software. Users can use MeSign APP only to complete e-document signing and e-contract signing on the user's local computer, without relying on any e-signature platform, and no need to upload the original document to be signed to the e-signature platform, so that the confidential information of user documents and contract can be reliably protected.

This innovative solution exclusively provided by MeSign Technology is precisely because the email transfer process is highly consistent and coincides with the contract signing process. From drafting the contract to agreeing to sign the contract, both signatories complete the contract signing by emails. Therefore, after the contract is finalized, initiating the contract signing and completing the contract signing in the email client - MeSign APP is the perfect solution which become even more powerful. Therefore, MeSign Technology firmly believes that using the client software locally to sign documents and contracts must be the future development trend, because this solution can reliably solve document privacy issues, and can complete document signing and contract signing without relying on third-party platforms. This solution can meet the increasing demands of users who attach great importance to protecting documents and contract confidential information and also meet the demands of using the decentralized applications.

Document D-signature Service and Contract E-signature Service are charged value-added services provided by MeSign Technology. After user purchased these two services, all documents and contracts will be signed by the Adobe global trust PDF signing certificate to implement the digital signatures and timestamps, ensuring they are global trusted and global legal effect.

MeSign Document e-Signature Service makes users do not need to apply for a PDF signing certificate from CA, do not need to rely on any electronic document signing service provider. With this service, users can directly use the MeSign APP on their computers to immediately sign PDF documents trusted by Adobe globally without the limits on the number of documents. Users can add digital signatures to various published PDF documents at any time to ensure that the published documents are trusted and to prevent illegal tampering and counterfeiting of the document. MeSign APP also supports encrypting document when signing it with the encryption certificate of the user who has the right to read the document, ensuring that only the authorized reader can seamlessly open and view it with the Adobe Reader, and others who are not authorized cannot decrypt and read this document. MeSign makes users to complete the digital signature of the document on their computers, so that the document does not have to leave the users’ computers, ensuring the security of the confidential information of the documents.

MeSign Contract E-signature Service allows users to initiate the electronic contracts signing and complete the signing of electronic contracts on their own computers without relying on any electronic contract signing service provider, including the signing of various e-commerce contracts and the signing of the employment agreement. The user completes the contract e-signing directly on his/her computer, ensuring that these important confidential contract file to be signed do not have to leave the user’s computer or the user’s internal management system, ensuring the security of the confidential information in the contracts.

The most important core point of MeSign Document Digital Signature Service is: we provide users with a local e-signature tool (MeSign APP), so that users do not need to submit the original file to be signed to the e-signing service platform to complete the e-signature, nor do they need to submit the signed PDF file to the e-signature service platform for verification. This service protects the personal privacy information and the business confidential information thoroughly. Using MeSign APP to achieve full encryption and signing of electronic contracts and electronic documents has met and exceeded the requirements of the EU General Data Protection Regulation (GDPR) for the protection of user privacy information.

3. Solution Details

MeSign Document Digital Signature Service provides three solutions as APP local signing, API call HASH signing and local deploying e-signature system for batch signing. We also provide the Adobe trusted PDF signature certificate that can be used to digitally sign documents using Adobe Reader. The total four solutions can meet all kinds of electronic signature application needs of users worldwide.

(1) Using MeSign APP to sign and encrypt document

MeSign APP does not provide electronic signature method to sign contract that only validate the signer’s email address since we think this is not enough to validate the signer’s identity. MeSign APP just provide digital signature method to sign the contract that need to validate the signer’s authentic identity. We also provide global trusted PDF document digital signature service. Users who have purchased the Document D-signature service can sign the PDF document using MeSign APP, and users who have purchased the Contract E-signature service can initiate an unlimited number of contracts signing and sign the contracts.

Users do not need to apply for a PDF signature certificate from the CA, they only need to use MeSign APP to sign the contract and document directly. In other words: the document to be signed does not leave the user's computer, and the digital signature is completed directly on the user's computer, without submitting the document or contract file to be signed to any e-signature platform. If you need to encrypt the document, you only need to select the user who has the right to read, MeSign APP will automatically retrieve the user’s public key for encryption to encrypt this document to ensure the confidentiality of the document.

Users use the MeSign APP for document signature and encryption, which not only solves the complex process issues of digital signature and encryption (no need to apply for document signing certificate and encrypting certificate), but also solves privacy protection and document security issues (no need to upload document to be signed to the e-signature platform). The signed contracts and documents completed using MeSign APP all use Adobe global trusted PDF signing certificate to achieve digital signature and time stamp signature, and support Adobe Long Term Validation (LTV) function, perfect for global trust and global legal effect.

(2) Calling E-sign API for batch document signing and contract signing

In order to meet the needs of large enterprises and government agencies for the integration of electronic signature functions in internal business management systems, MeSign E-Signature Service provide cloud E-sign API call services for users who are familiar with PDF signature programming, to achieve low-cost, fully automatic global trusted PDF files e-signature service, which is convenient for users to integrate trusted digital signatures into their business management system seamlessly and at low cost, thoroughly implement trusted paperless office and digital management, and can be used to sign e-commerce contracts and employee agreement, certification documents, press documents, etc., and can automatically send signed documents to end user using encrypted emails. Calling E-sign API service is charged per time, 100 times free for users to test API calls.

The user only needs to submit the PDF file to be signed generated by the business management system to the local E-sign API calling system, and this system generates the signing request data and post to MeSign e-Signing Service System by E-sign API to obtain the signed data with time stamp data and LTV data, then write the call-returned signed data into the PDF file to complete the digital signature. Click here for details.

(3) Deploying e-Signature system for batch document signing and contract signing

If the user does not know how to program PDF file digital signature, user needs to purchase the MeSign e-Signature System (MSS, software) to deploy on the user's intranet. The user only needs to submit the PDF file generated by the business management system to the MSS. The system generates the HASH of the file to be signed, and post the HASH to the cloud E-sign API to obtain the signed data with timestamp data and LTV data, and then the system writes the returned signed data to the PDF file to complete the digital signature.

MeSign e-Signature System is a plug-and-play software system, users do not need any PDF digital signature programming experience, nor need to apply for a PDF signing certificate from any CA, directly docking with business management systems to achieve the completion of PDF files digital signature, the signed PDF file Adobe global trusted and global legal effect.

Since the e-Signature System still needs to call the E-sign API for digital signature, the user still needs to purchase the E-sign API call times for the signature. Click here for details.

If users want to deploy and manage PDF signing certificate locally, they need to purchase HSM (Hardware Security Module) for the private key security, and also need to have a computer room environment and key management measures that are compatible with the secure deployment of cryptographic device, and also need to purchase MeSign e-Signature System Pro edition and charged timestamp service. This is And timestamp to call the service. This solution is not recommended, but if user is interested, please contact us.

(4) Purchase Adobe global trusted PDF Signing Certificate and use Adobe Reader to complete document digital signature

MeSign electronic signature service automatically provides users with a PDF Signing Certificates of Adobe global trusted for digitally signing PDF documents and signing electronic contracts. Users don't need to care about how to apply for the PDF signing certificates, how to manage the certificate and how to sign a document with a certificate, all are automatically done by MeSign APP.

However, if users want to have a PDF signing certificate in hand for digital signature and manually use the document signing function provided by Adobe Reader to sign PDF documents, they can purchase an Adobe global trusted PDF Signing Certificate from MeSign website. MeSign PDF Signing Certificate provides trusted assurance of authentication for electronic documents by validating author and document, click here for more details.

After successfully applying for MeSign PDF Signing Certificate, users can use the digital signature function of Adobe Reader's "Management Tool"-"Certificate" to digitally sign the PDF files, as shown in the figure below.

//英文版截图

3. Superiority Analysis

MeSign Document Digital Signature Service has the following eight unique advantages, and one of the biggest advantages is the global trust of all signed documents, and the second advantage is the protection of user privacy, not uploading the user’s document to be signed to the signature platform. Specifically:

  1. (1) Local e-signature tool
    MeSign APP, a local e-signature tool, make the two traditional paper office work - letters and documents completely paperless and trusted, and integrate e-mail signing, e-document signing and e-contract signing seamlessly into one APP, this solution perfectly meets the most office work need for office business processing and administrative offices. This perfect solution is unique in the world.
  2. (2) Global trusted e-signature
    Whether Contract E-signature service or document e-signature service, the authentic identity of each signer will be validated by trusted third-party CA in accordance with international standards and MeSign CPS. Not only is the identity of the signer trusted, but also each PDF signing certificate used for digital signatures contains signer identity information is trusted globally by Adobe.
  3. (3) E-signature is non-repudiation
    Whether Document D-signature or Contract E-signature service, users need to explicitly agree to sign when using the E-sign function of MeSign APP to sign documents and sign contracts, and the e-contract signing process control based on email transmission ensures contract e-signing process and signing behavior of the parties are auditable that each signer need to enter the consent signing password when signing. Document e-signing and contract e-signing use digital certificate signature technology and timestamp signature technology to ensure that the consent to signing behavior is non-repudiation.
  4. (4) Global legal effect
    Signed contracts and documents are digitally signed using Adobe global trusted digital certificates. According to the electronic signature laws and regulations of countries around the world, the e-contracts and e-documents signed by MeSign Digital Signature Service have legal effect in the world. At the same time, MeSign APP will automatically add the signing reason into the signed contract, clearly stating that each contract signatory acknowledges that the signed contract has legal effect. The same solution for e-document signing clearly indicates that the document e-signature complies with the relevant laws and regulations and has the same legal effect as the handwritten signature of the paper document.
  5. (5) Protection of privacy and confidentiality
    Use MeSign APP to sign e-contracts and sign e-documents, we do not submit the files to be signed to the cloud e-signing platform, all e-signing operation is done locally in MeSign APP on the user's computer, effectively protecting the personal privacy and business secret in the contracts and documents, unlike other e-signature platforms that require users upload original contract file to their e-signature platform. Similarly, we do not provide contract management and contract archiving services to protect the user’s privacy and secret in the contract. The signed contracts and documents are stored in the user’s mailbox securely and encrypted, ensuring that we don’t have the contract files and document file.
  6. (6) Read and e-signature validated
    The user has completed the e-signature verification when opening the signed PDF file for reading with Adobe Reader, and the first line of Adobe Reader will display "Signed and all signatures are valid" (signed contract) or directly display the true identity of the signer (signed document), greatly facilitates all relevant parties (document user, contract signer and relying party) to directly verify whether the signature is valid. Unlike other e-contract signing service providers that require user upload signed contract to a verification system to verify the signature to get a verification report. Our solution is not only for the convenience of users, but also for the protection of user’s contract secret that it is impossible to disclose to the e-signature platform.
  7. (7) Watermark anti-leakage protection
    When the contract is initiated, the email of the party to be signed is inserted as watermark into the contract file as an anti-screenshot and anti-photo protection, which can effectively track the path of leakage of confidential information in the contract and reduce the risk of leakage of the confidential information . This protection measure is more secure than the traditional paper contract signing, and effectively solves the risk of the paper contract information being leaked by photocopying. Watermark protection can also be selected for encrypted documents to prevent illegal screenshots and photos from being leaked.
  8. (8) Automatic configuration of signing certificate
    Digital certificate signature technology is used to sign PDF files, but users do not need to apply for a PDF signing certificate from CA. They only need to use the MeSign APP to automatically complete the digital signature of contracts and documents. MeSign APP will automatically configure a signing certificate for each user for digital signature. The signed documents and contracts are countersigned with Adobe trusted timestamp signature, proving the signing time credibility of each contract and document signature, and supporting Adobe LTV (Long Term Validity) to ensure that the signature of the signed contracts and documents are still valid for a long time even if the signing certificate expires.

4. Service Introduction

MeSign fully automatic document signature and encryption solution provides two main services to global users: Global trusted Document D-signature Service and Global legal effect Contract E-signature Service. Users purchased the Document e-Signature Service and the Contract E-signature Service must submit the identity validation proof documents because the users who purchase these two services will be auto-configured the Adobe global trusted PDF signing certificate for free. Users need to complete the identity validation if they want to apply these PDF signing certificate according Adobe policy and related standards. The details of these two services includes:

4.1 Document e-Signature Service provides the following 11 services and functions:

  1. (1) Auto-configure Adobe global trusted PDF signing certificate.
  2. (2) Use MeSign APP to digitally sign an unlimited numbers of PDF documents.
  3. (3) Signed documents can be opened and automatically validated by Adobe Reader, which will show the “Signature is valid” and users do not need to validate the signature on another signature verification platform additionally.
  4. (4) Allow users to upload the picture of their handwritten signature and organization’s seal to system, but MeSign do not verify whether the pictures the users uploaded to the system are correct or not. We will display the validated identity information of users below the signature picture to remind users or other relay parties to check whether the signature pictures or seals are correct.
  5. (5) Adopt certifying signature to achieve document signature. After the document has been signed, the document will be locked automatically. Open it by Adobe Reader will show the identity information of the signer at the top of the Adobe Reader.
  6. (6) Support multiple signatures for one document, the second and the following signature all adopt approval signature to achieve signature.
  7. (7) Every signed document supports LTV (Long Term Validation) feature, to ensure the signature of the document is validated for a long time even the signing certificate is expired.
  8. (8) Every signed document will have a timestamp signature automatically, and the timestamp signature is Adobe global trusted.
  9. (9) Support co-signing function, allowing multiple organizations achieve co-signing by co-signing process. Co-signing process control is same to the contract signing process control.
  10. (10) Users can select whether to encrypt this document when signing it, they only need to select the authorized reader from the contacts, and MeSign APP will automatically obtain the public keys of the encrypting certificate to encrypt the document. Therefore, only the authorized users can read this encrypted document seamlessly.
  11. (11) MeSign APP provides the log of the document signing, and users can check the e-seal or e-signature usage by logging into their MeSign account.

4.2 Contract E-signature Service provide the following 14 services and functions:

  1. (1) Auto-configure Adobe global trusted PDF signing certificate.
  2. (2) Auto-generate the trusted e-Seal or e-Signature used for document stamping or signature, there are one e-signature for individual and six e-seals/e-signature for organization, and there is no limit on the number of the employees who can be authorized to using the e-Seals or e-Signature. In addition, the e-Seal administrator can authorize or unauthorize the employees to use the e-Seal or e-Signature by logging into MeSign account at any time.
  3. (3) Use MeSign APP to initiate unlimited contract signing.
  4. (4) The signing behavior confirmation and agree-to-sign process control service, and the user need to enter the agree-to-sign password every time they agree to sign the contract.
  5. (5) The contract initiator is responsible for setting up the position of the e-Seal or e-Signature for each signer.
  6. (6) The contract signing process is transferred by encrypted email.
  7. (7) The identity validation service of every contract signatory.
  8. (8) The agree-to-sign process control and the contract signing process.
  9. (9) All the contract signatories keep the copy of the signed documents with watermark to avoid being leaked by screenshots and photographs.
  10. (10) Auto-apply the PDF signing certificate for all contract signatories.
  11. (11) Auto-generate the trusted e-seals and e-signature for all contract signatories for free.
  12. (12) Adobe global trusted timestamping service for Contract E-signature service.
  13. (13) Send the copies of the signed documents to all contract signatories after completing the contract signing.
  14. (14) Generate the audit report of the contract signing process after finishing the signing and MeSign APP provides log service of the contract signing and the usage of the e-seal and e-signature.

5. Summary

MeSign Technology has spent many years in digital signature technical research, completely solving the issues and overcame the difficulties in the current electronic signature service market. We innovatively took the lead in providing a solution that uses local client software to implement electronic contract signing without uploading the original contracts to the e-signing service platform. It effectively solves the security issues of electronic contract confidential information that users care about. The fully automatic signature and encryption of electronic documents implemented by MeSign Technology makes document signing and encryption as default options, thereby truly ensuring the trust and security of each electronic document.