Everything you need to know about Enadoc Evia Sign
June 27, 2023
Legality, Compliances, and Security with Enadoc Evia Sign
Evia Sign is a digital signature platform that enables users to securely send and sign electronic documents. With its intuitive user interface and smart features, the platform ensures a seamless experience throughout the process.
The purpose of this article is to highlight the key aspects of Evia Sign’s legality and compliance and cover some of the most encountered questionnaires concerning platform security. It aims to emphasize how Evia Sign is well-suited for your organization and how it maintains relevant regulations and industry standards.
Let’s get started!
Evia Sign and its compliance status
As many businesses adhere to the concept of Industry 4.0, digitalization is the new normal of the era for running day-to-day business workflows with proven records of enhanced organizational productivity and efficiency, saving money and time while going green!
Evia Sign is one such digital solution that provides advanced digital signatures, so you sign documents on the go with a seamless experience that’s also compliant and secure.
In Evia Sign, documents that have been digitally certified are those that are electronically signed using an AATL-compliant certificate.
When a document gets signed and completed using Evia Sign by all the relevant signatories, it will be sealed with a digital certificate issued by the trusted third party, “GlobalSign,” a reputed organization that serves as a custom CA (Certificate Authority), and Evia Sign is certified by them. This digital certification seals and shields the electronic document from unauthorized alterations. If any such unauthorized modifications occur to the document, employing a popular pdf tool such as Acrobat Reader will instantly detect it and alert the user.
The role of digital certificate
If your next question is, what it means to be compliant with GlobalSign’s digital certificate, we’ve got the answer ready for you!
Once you have implemented the Evia Sign digital signing solution into your existing workflows, you can conveniently obtain the digital certificate from GlobalSign (after completing the identity verification processes). The digital certificate will then seal the electronic document once it is completed with the signatures from all the signatories in the document, making it tamper-evident.
Benefits included:
- · Globally recognized and trusted source: GlobalSign is part of the Adobe Approved Trust List (AATL), which means it is a trusted Certificate Authority (CA) approved by Adobe. This makes their digital certificates automatically trusted by Adobe software, including Adobe Acrobat and Adobe Reader.
- · Create trusted digital signatures to efficiently complete routine business workflows.
- · PKI-based framework: this means that Evia Sign digital signatures can provide enhanced confidence, credibility, and preservation of document integrity and signer’s identity validation.
- · Third-Party Timestamping: GlobalSign document signing certificates ensure that all digital signatures applied incorporate a trusted RFC 3161-compliant timestamp.
Evia Sign and its PKI structure:
Evia Sign utilizes Public Key Infrastructure (PKI) technology to establish secure communication and authenticate digital transactions through public key cryptography and digital certificates.
When a document is fully signed by the relevant signatories on the Evia Sign platform, it is sealed with a GlobalSign digital certificate. This process guarantees the integrity of the signed documents, making them tamper-evident, trustworthy, and legally valid. The implementation of PKI infrastructure by Evia Sign plays a pivotal role in establishing trust and security in the e-signing process.
Multi-factor authentication of Evia Sign for enhanced security
First Factor Authentication:
This is achieved in Evia Sign in two ways:
- · User Login Credentials: This consists of the user’s login credentials validated by Evia Sign’s authentication system against the stored user data to ensure the correctness of the provided information.
- · Login via O365 account: This consists of secure integration of Evia Sign with your existing o365 account, and with the required permissions granted and successful authorization, users can directly log into Evia Sign using their O365 account.
Second Factor Authentication:
Evia Sign adds an additional layer of protection to ensure that only authorized individuals or intended signatories can access or sign the document via multi-factor authentication using OTP / Access code.
This comprises a temporary OTP generated by the system / predefined password that provides access to the document, enhancing security and mitigating the risks of unauthorized access.
In the third step of the signature request process, the setting up of the OTP / Access Code can be enabled, where the signature requester can select the signatory, set up the OTP / Access Code, and securely deliver it through a pre-defined method — SMS or email. The successful validation of the OTP serves as the second factor of authentication, further confirming the user’s identity and authorizing access to the document and sensitive action, such as placing a digital signature.
The way forward in the legality and compliance lane of Evia Sign
Evia Sign qualifies as an Advanced Electronic Signature (AES) in the three-tiered e-signature types identified by the eIDAS regulation passed by the European Commission in 2014 — Due to its incorporation of the digital certificate from GlobalSign, a trusted third-party source, within the application.
The types of e-signatures and eIDAS requirements:
Simple Electronic Signatures (SES): These signatures don’t require ID verification from the signatory. They are the most basic form of electronic signatures and provide a low level of assurance.
Advanced Electronic Signatures (AES): AES requires ID verification. It adds an extra layer of confidence by verifying the identity of the signatory and enhancing the integrity of the electronic document, making it more reliable than simple signatures. This added level of authentication and verification enhances the overall security and reliability of the signed documents, providing increased assurance to the parties involved in the transaction.
Qualified Electronic Signatures (QES): QES requires face-to-face ID verification — in person or through video chat. It provides the highest level of assurance for the signatory. However, due to the need for in-person verification, QES entails additional technical and procedural requirements to ensure its validity and reliability.
Currently, when a signatory receives a document through Evia Sign, they can conveniently sign it using the advanced electronic signature (AES) certificate provided in the Evia Sign digital platform. This streamlined process improves department-level signature workflows, enhancing the productivity and efficiency of business approval processes.
Moreover, by eliminating the risk of missed signatures and embracing a paperless approach, the overall signing experience is elevated, providing added convenience and effectiveness.
The Future Scope of Evia Sign
As a futuristic approach toward legal compliance, Evia Sign is exploring the incorporation of additional pathways for Advanced Electronic Signatures. This would involve allowing the signature requesters to specify whether signatories can use their personal certificates, such as smart cards, for signing purposes.
By offering this flexibility, Evia Sign aims to provide the signatories with more options for authentication while still maintaining compliance with legal standards.
Now that you know all about Evia Sign on legality, compliance, and security aspects, it’s time to dive into the experience it offers!
Go green with Evia Sign!
