Home>Solutions>Document Digital Signature and Encryption Automation Solution

Document Digital Signature and Encryption Automation SolutionCompletely solve the trust and security issues of the e-documents and e-contracts

1. Current e-document and e-contract solution issues

Adobe officially released PDF format files in 1992 to vigorously promote the electronization of documents. In 1999, Adobe Acrobat and Adobe Reader began to support digital signature technologies, intended to promote the credibility of electronic documents. According to the introduction on Adobe website, Electronic Signature (or e-signature) is a broad term referring to any electronic process that indicates acceptance of an agreement or a record. Typical e-signature solutions use common electronic authentication methods to verify signer identity, such as an email address, a corporate ID, or a phone PIN. If increased security is needed, multifactor authentication may be used. The best e-signature solutions demonstrate proof of signing using a secure process that includes an audit trail along with the final document.

But, if the user sets to use the graphic of the handwritten signature, electronic signature has a problem that it is impossible to verify whether the graphic of the handwritten signature is indeed the signature of the signer. The signing parties of the contract only either trust the signature graphic or verify the authenticity of the signature graphic by other means. This is the deficiency of the electronic signature.

Digital Signature is one specific type of electronic signature, which is an improved and more reliable electronic signature. Digital signature use certificate-based digital IDs to authenticate signer identity and demonstrate proof of signing by binding each signature to the document with encryption, there is no need to include an audit trail along with the final document. The signer’s identity validation occurs through trusted certificate authorities (CAs) or trust service providers (TSPs). In summary, Digital Signature is a type of certificate-based e-signature that complies with the strictest legal regulations - and provides the highest level of assurance of a signer’s identity.

At present, the most popular service providers, such as DocuSign and Adobe Sign use electronic signatures to sign the contracts online. The signing parties can complete the contract signing on the platform after finishing the email verification. But in order to ensure that the signed electronic contract files will not be tampered with, then the signed documents need to be digitally signed by the PDF signing certificate of the service provider. That is to say, the signing platform does not use the signer’s digital certificate to sign the documents. According to the electronic signature laws in some countries, electronic contracts signed with electronic signatures have legal effect. According to EU and Chinese electronic signature law, only the digital signature method has the same legal effect as the handwritten signature.

There is a document privacy issue in current e-contract signing solutions that need to be highly paid attention to as well is that currently almost all the electronic signature service providers require users to upload the user’s original document or contract to the e-signing platform. On the face of it, it facilitates users greatly, but it has risks that leaking the confidential information of the contract to the non-signatory third party.

Another issue is some service provider used the self-signed signing certificate to sign the document and contract, it will have the warning message like “At least one signature has problems” in Adobe Reader. All PDF signing certificate should be trusted in Adobe Reader so that the signature can be validated instantly by using Adobe Reader.

2. MeSign Solution Introduction

MeSign R&D team has already developed and released WoSignDoc Contract E-signature Service in 2015. At that time, we adopted the same methods as most e-signature service providers to require users to upload the original contract file to our service platform. However, as the awareness of protecting the personal privacy and business secrets of the original contract continues to increase, we think this kind of solution should be changed.

MeSign Technology have 15-year experience and development advantages in digital signature and encryption technology and have an Adobe global trusted root CA for issuing global trusted PDF signing certificates. We think the requiring users to upload the original documents to be signed to the e-signing platform exists huge document privacy issues for individual and organizations. In order to solve this security issue, MeSign Technology innovatively integrate the document digital signature service and encryption service into MeSign App (encrypted email client software), turning MeSign App software into an electronic document signing and encryption tool software. Users can use MeSign App only to complete e-document signing and e-contract signing on the user's local computer, without relying on any e-signature platform, and no need to upload the original document to be signed to the e-signature platform, so that the confidential information of user documents and contract can be reliably protected.

This innovative solution exclusively provided by MeSign Technology is precisely because the email transfer process is highly consistent and coincides with the contract signing process. From drafting the contract to agreeing to sign the contract, both signatories complete the contract signing by emails. Therefore, after the contract is finalized, initiating the contract signing and completing the contract signing in the email client - MeSign App is the perfect solution which become even more powerful. Therefore, MeSign Technology firmly believes that using the client software locally to sign documents and contracts must be the future development trend, because this solution can reliably solve document privacy issues, and can complete document signing and contract signing without relying on third-party platforms. This solution can meet the increasing demands of users who attach great importance to protecting documents and contract confidential information and also meet the demands of using the decentralized applications.

MeSignDoc services are charged value-added services provided by MeSign Technology. After user purchased these two services, all documents and contracts will be signed by the Adobe global trust PDF signing certificate to implement the digital signatures and timestamps, ensuring they are global trusted and global legal effect.

MeSignDoc services make users do not need to apply for a PDF signing certificate from CA, do not need to rely on any electronic document signing service provider. With this service, users can directly use the MeSign App on their computers to immediately sign PDF documents trusted by Adobe globally without the limits on the number of documents. Users can add digital signatures to various published PDF documents at any time to ensure that the published documents are trusted and to prevent illegal tampering and counterfeiting of the document. MeSign App also supports encrypting document when signing it with the encryption certificate of the user who has the right to read the document, ensuring that only the authorized reader can seamlessly open and view it with the Adobe Reader, and others who are not authorized cannot decrypt and read this document. MeSign makes users to complete the digital signature of the document on their computers, so that the document does not have to leave the users’ computers, ensuring the security of the confidential information of the documents.

MeSignDoc contract signing service allows users to initiate the electronic contracts signing and complete the signing of electronic contracts on their own computers without relying on any electronic contract signing service provider, including the signing of various e-commerce contracts and the signing of the employment agreement. The user completes the contract e-signing directly on his/her computer, ensuring that these important confidential contract file to be signed do not have to leave the user’s computer or the user’s internal management system, ensuring the security of the confidential information in the contracts.

The most important core point of MeSignDoc Digital Signature Service is: we provide users with a local e-signature tool (MeSign App), so that users do not need to submit the original file to be signed to the e-signing service platform to complete the e-signature, nor do they need to submit the signed PDF file to the e-signature service platform for verification. This service protects the personal privacy information and the business confidential information thoroughly. Using MeSign App to achieve full encryption and signing of electronic contracts and electronic documents has met and exceeded the requirements of the EU General Data Protection Regulation (GDPR) for the protection of user privacy information.

3. Solution Details

MeSignDoc Digital Signature Service provides three solutions as APP local signing, API call HASH signing and local deploying e-signature system for batch signing. The total three solutions can meet all kinds of electronic signature application needs of users worldwide.

(1) Using MeSign App to sign and encrypt document

MeSign App does not provide electronic signature method to sign contract that only validate the signer’s email address since we think this is not enough to validate the signer’s identity. MeSign App just provide digital signature method to sign the contract that need to validate the signer’s authentic identity. We also provide global trusted PDF document digital signature service. Users who have purchased the Document D-signature service can sign the PDF document using MeSign App, and users who have purchased the Contract E-signature service can initiate an unlimited number of contracts signing and sign the contracts.

Users do not need to apply for a PDF signature certificate from the CA, they only need to use MeSign App to sign the contract and document directly. In other words: the document to be signed does not leave the user's computer, and the digital signature is completed directly on the user's computer, without submitting the document or contract file to be signed to any e-signature platform. If you need to encrypt the document, you only need to select the user who has the right to read, MeSign App will automatically retrieve the user’s public key for encryption to encrypt this document to ensure the confidentiality of the document.

Users use the MeSign App for document signature and encryption, which not only solves the complex process issues of digital signature and encryption (no need to apply for document signing certificate and encrypting certificate), but also solves privacy protection and document security issues (no need to upload document to be signed to the e-signature platform). The signed contracts and documents completed using MeSign App all use Adobe global trusted PDF signing certificate to achieve digital signature and time stamp signature, and support Adobe Long Term Validation (LTV) function, perfect for global trust and global legal effect.

(2) Calling E-sign API for batch document signing and contract signing

In order to meet the needs of large enterprises and government agencies for the integration of electronic signature functions in internal business management systems, MeSignDoc service provide cloud E-sign API call services for users who are familiar with PDF signature programming, to achieve low-cost, fully automatic global trusted PDF files e-signature service, which is convenient for users to integrate trusted digital signatures into their business management system seamlessly and at low cost, thoroughly implement trusted paperless office and digital management, and can be used to sign e-commerce contracts and employee agreement, certification documents, press documents, etc., and can automatically send signed documents to end user using encrypted emails. Calling E-sign API service is charged per time, 100 times free for users to test API calls.

The user only needs to submit the PDF file to be signed generated by the business management system to the local E-sign API calling system, and this system generates the signing request data and post to MeSign e-Signing Service System by E-sign API to obtain the signed data with time stamp data and LTV data, then write the call-returned signed data into the PDF file to complete the digital signature. Click here for details.

(3) Deploying E-signature Box for batch document signing and contract signing

If the user does not know how to program PDF file digital signature, user needs to purchase the MeSign E-signature Box (hardware) or E-signature System (software) to deploy on the user's intranet. The user only needs to submit the PDF file generated by the business management system to the MSS. The system generates the HASH of the file to be signed, and post the HASH to the cloud E-sign API to obtain the signed data with timestamp data and LTV data, and then the system writes the returned signed data to the PDF file to complete the digital signature.

MeSign E-signature Box is a plug-and-play system, users do not need any PDF digital signature programming experience, nor need to apply for a PDF signing certificate from any CA, directly docking with business management systems to achieve the completion of PDF files digital signature, the signed PDF file Adobe global trusted and global legal effect.

MeSign E-signature Box is a hardware product with a built-in HSM card, and the private key of the PDF signing certificate is safely stored in the HSM card. If users want to deploy MeSign E-signature System and manage PDF signing certificate locally, they need to purchase HSM (Hardware Security Module) for the private key security.

MeSign Technology has spent many years in document digital signature technical research, completely solving the issues and overcame the difficulties in the current electronic signature service market. We innovatively took the lead in providing a solution that uses local client software to implement electronic contract signing without uploading the original contracts to the e-signing service platform. It effectively solves the security issues of electronic contract confidential information that users care about. The fully automatic signature and encryption of electronic documents implemented by MeSign Technology makes document signing and encryption as default options, thereby truly ensuring the trust and security of each electronic document.