How do you secure an electronic signature?

How do you secure
an electronic
signature?
eSignatures &
eArchiving
11-May-21
May 11, 2021

Eric Peeters
Sales Manager @Connective
ICT Lawyer @Timelex
Speakers
Hans Graux
CEO @Xenit
Ronny Timmermans

How do you secure an electronic signature?
eSignatures & eArchiving
• Trust for content centric digital
transformation
• Digital Signature – The Legal framework
• Connective - The Solution
• How to digitally and legally sign your
documents in the Alfresco Digital Business
Platform
• Q&A
Insurance, Banking, Government, Legal are
facing a new type of risk due to changing client
expectations and an increase regulatory burden.
Agenda

All processes need to document “proof” and “agreement”
q Identity
q Authenticity
q Integrity
q Non-repudiation
Trust for content centric digital transformation
eIDAS, “Electronic Identification And Trust Services”, aims to facilitate “cross-border digital transactions
(interoperability) between citizens of the European Union, in order to stimulate economic and social
development between the participating countries”.

Identification, signatures and archiving -
A recent experience…

I WANT TO DO SOMETHING DANGEROUS…
Time to enter
the market

• It’s 2021, so app time!
• I know they allow itsme login, but
onboarding…?
• Create an account. Log on with
itsme. Share the necessary data.
Read (ahem…) the contract. Sign it
with itsme. Receive a copy via e-
mail.
• … it was done. Under two minutes.
How to open the
door

What just happened there, from a lawyer’s perspective?
• Itsme is an EU notified identification scheme under the eIDAS Regulation
• Under Belgian eID act, this allows authoritative identity data to be used, also towards
the private sector
• Unique identification via the national number, authorised under the National Register
Act
• All in compliance with KYC regulations
• Remote qualified signature created, made possible through the eIDAS Regulation
• Sealed copy sent via e-mail, also under the eIDAS Regulation
• All the pieces of the puzzle were just there, technologically and legally!

Let’s take a closer look at the
framework

The Legal Framework
IDENTIFICATION SIGNATURES
DOCUMENTS &
ARCHIVING

EU Legislation
• eIDAS Regulation: framework for
recognition of trustworthy eIDs for
eGovernment purposes – covers e.g.,
the eID card
• But it can be opened up to private
sector use too
• Unlocks a basic data set
• Combined with a risk-based approach
for KYC
Belgian Legislation Outcome
Identification
• Belgian Act on e-identification of 2017
allows recognition of private sector
identity schemes
• Itsme was recognised, and notified at
the EU level
• Trustworthy mobile eID
• Also works across borders!

EU Legislation
• eIDAS Regulation: e-signatures (for
humans) and e-seals (for companies and
processes), and of course time stamps
• Various levels of assurance, with EU level
recognition
• Made more flexible to support remote
signing, also at the highest level of
assurance (qualified signatures), or batch
signing
• Standardisation framework evolved to
match this: legal and standardised
Belgian Legislation Outcome
Signatures
• Belgian Digital Act of 2016
• Amended the Code of Economic Law
(Trust Services in chapter XII)
• Qualified Seals for e-Signatures of
representatives
• Materialisation (printing…) of e-
Signatures
• Trustworthy mobile signing
• Trustworth batch signing
• Greater flexibility

EU Legislation
• Nondiscrimination of electronic
documents in e-Commerce Directive
and in eIDAS Regulation
• No archiving or digitisation yet
Belgium Legislation Outcome
Documents & Archiving
• Digital Act also created rules for
qualified e-archiving (including
digitisation services) in 2016
• Finally, also a standardisation
framework through a Royal Decree in
2019 (based on international
standards) – now open for business!
• End to end legislation is available
• Used to have lots of exceptions, now
there are very few

Results
The technology has been there for many years
The laws and standards have caught up
The market is (nearly) complete
Is it possible? Legal? Secure? Virtually always yes – even banks are doing it for specifically strictly regulated business activities!
The best part? More and more of this is just off the shelf, at the highest level of trustworthiness!
Today is not about looking at the future, it’s looking at the present!

About Connective Digital Signature

What is Connective
eSignatures?
Connective eSignatures is a fast, user-friendly
and secure signature platform to upload, sign
and distribute digital documents. It is an end-to-
end solution that includes a wide range of
signing methods from eIDs to SMS that allows
you to configure signature flows in a few simple
clicks.

The benefits
Efficiency!
No more paper
Acceleration!
Save Time
No need to print & scan documents
anymore. Everything is digital!
Sign one or multiple documents in
just a few clicks anywhere & anytime
on the device of your choice.
Flexibility!
Anywhere. Anytime
Accelerate your business both internally
as externally. No need to chase
signatures. You have a clear overview at
any time.
Security!
Integrity first
Legal compliance!
Valid worldwide
Guarantee that your signed document
remains unchanged! Even minor altering
will be detected and will result in
invalidating the signature!
Most countries worldwide have
adopted regulations recognising the
legality of digital signatures.
User experience!
Easy as can be
Easily enhance your stakeholders’
interactions with your organisation.

WHY CHOOSE CONNECTIVE eSIGNATURES?
A wide variety of signature methods
BASIC & ADVANCED DIGITAL SIGNATURES
Belgian eID
SMS OTP
iDIN Sign
Biometric Scribble
Manual Scribble
Email OTP
itsme® QES Sign
Other Smartcards
DNI electronico Certigna certificate
Luxembourg eID
Swisscom QES
BankID SE
via OIDC
BankID NO
via OIDC
NemID via OIDC
FranceConnect
Swisscom AES
ID check via
Video
QUALIFIED DIGITAL SIGNATURES
itsme® Digital Identity
eIDAS QES

How to digitally and legally sign your
documents in the Alfresco Digital Business
Platform

The Tech Framework
IDENTIFICATION SIGNATURES
DOCUMENTS &
ARCHIVING

Xenit Connector for Alfresco
The Connective’s eSignatures functionalities can be integrated into your own web applications via the flexible and fully
functional Application Programming Interface (API). So any desired functionality can be automated in the background,
guaranteeing a seamless integration with your own customer portal.

Legal Archive
• It is all about « bewijskracht », « valeur probante », « evidential value », ..
• Relevant norms in EU
• ISO 16175-2:2011 - Guidelines and functional requirements for
digital records management systems
• CoreTrust-Seal:2018 – for thrustworthy repositories
• Nestor Seal – German standard for thrustworthy repositories
• ISO 16363:2012 - Audit and certification of trustworthy digital
repositories
• ISO 14641:2018 - Electronic document management — Design and
operation of an information system for the preservation of electronic
documents
• NF_Z_42-013 (SAE) : Norme français
TECHNOLOGY
DOCUMENTATION
PROCESS

• Restamping & Long term quality with Alfresco Health Processor (HP)
• Long term integrity of Signature needs restamping
Alfresco as a legal, long-term archive
Alfresco Health Processor :
Checks integrity of each objects
Performs restamping
SWARM health processor :
Checks digital integrity of the “File”
95%
COMPLIANT

Digital signature – Try it out
• From any device
• Chasing signature becomes obsolete
• Sign any type of documents

Thank You
Telephone: +32(0)16 891 800
Email: sales@xenit.eu
Website: www.xenit.eu
Contact Details

How do you secure an electronic signature?

More Related Content

What's hot

Similar to How do you secure an electronic signature?

More from XeniT Solutions nv

Recently uploaded

How do you secure an electronic signature?