The European Union implemented a comprehensive set of regulations (eIDAS) to govern electronic signatures in 2014. As well as giving legal status to Simple Electronic Signatures (like a basic click through for consent) the regulations also set out the requirements for Advanced Electronic Signatures which confer stronger security and greater legal status. Advanced Electronic Signatures are preferable when signing important documents.
All signatures on Agreeable.com meet the requirements for Advanced Electronic Signatures.
To create a signature request on Agreeable a user must first log in with their email credentials. Agreeable maintains a record of the email used to log in, timestamps the event, and stores the IP address of the computer used when creating this request. This information can be viewed on any document signed on Agreeable by viewing the Audit Trail of the document. The Audit Trail is stored securely on Agreeable’s servers in a Microsoft Azure data centre.
All documents signed on Agreeable are individually certified by a third party Certification Authority (CA). The CA is registered under the Adobe Approved Trust List (AATL).
After every signer has signed the document, Agreeable adds an additional signature to lock the document so that no further changes can be made.
Agreeable also adds a certification signature at the beginning of the process, allowing users to only fill in form fields (date, initials, etc) and signature boxes. This ensures that every user can only sign what they see (document contents remain the same and unchanged during the entire signing process).
All documents are converted to the industry standard PDF format. This allows Agreeable to embed within the document a version history (every signature is a version), so from Adobe Reader you can see the version every signer has signed.
Our documents have LTV "Long Term Validation" support, as we embed a certified timestamp granted by a trusted certification/timestamp authority. To open it a user simply opens the document in Adobe Acrobat and clicks on Signature Panel (the signature icon will open it). This will show the following:
- - Who created the document.
- - Who signed the document.
- - Confirmation of the embedded timestamp.
- - Confirmation that the document has all information necessary to be validated.
- - Details of all signature fields.
- - Confirmation that signatures are valid.
- - Confirmation that the document has not been modified since the signature was applied.
- - A unique identifier for the certificate and information on the Certificate Authority.
Who is our Certification Authority?
Agreeable exclusively uses Ensured Document Signing CA, a Dutch company registered on the Adobe Approved Trust List (AATL)
What secure algorithm is used for the certificate?
What does the Signature Panel look like?
Below is an example of the details contained in the Signature Panel:
What else helps confirm that the signature is in fact an Advanced Electronic Signature?
In meeting or exceeding the requirements under eIDAS, Agreeable signatures are capable of identifying if the data accompanying the message has been tampered with after being signed. If the signed data has changed, the signature is marked invalid.
All signatures have a certificate, electronic proof that confirms the identity of the signatory and links the electronic signature validation data to that person.