Advanced Electronic Signature
An advanced electronic signature is an e-signature that specifically complies with eIDAS, an EU regulation that ensures stricter authorization methods for electronic transactions among EU member states. Compliance requires that an e-signature be linked tightly to its signatory and includes protections against tampering and fraud.
AES-256 or Advanced Encryption Standard is a symmetric key cipher used for both encoding and decoding data. It has become the industry standard for data security.
Application Programming Interface (API)
An API, or Application Programming Interface, is a set of tools operating in the background of software applications to help build and integrate services from one app to another.
Authentication is the process of verifying a user's identity by validating certain identifying documents or proving that something is true, genuine, or valid by ensuring that a document is not forged.
A biometric signature involves recording the unique pattern of an individual person's physical features, such as their retina, fingerprint, or voice.These patterns are stored and embedded in documents to verify the identity of a signatory.
Blockchain-based timestamping is an additional level of verification for documents. Transaction information is stored in the form of blocks, carrying a timestamp that records whenever a document is signed digitally.
Bulk signing is a feature that allows users to sign multiple documents at the same time. Businesses that deal with large volumes of paperwork, such as invoices or HR documents can use a bulk signing feature within a digital e-sign application.
Certificate Authority (CA)
A Certificate Authority, or CA, is a trusted entity that is widely recognized for ensuring key security and digital certificates. A CA is authorized to issue digital certificates in its region of operation by the government or regulatory authority overseeing the digital identity.
A completion certificate is created during each signing process and includes certain details like image copies of signatures, IP addresses for individual signers, times and dates of signing, and more.
Cryptography is the study of secure communication strategies that permit only senders and the intended recipients to view message contents. There are three different types of cryptography: Secret Key, Public Key, and hash functions.
Data in Transit
Data in transit refers to information (i.e. emails, text messages) flowing across public networks, such as the internet, and private networks, such as any organization network.
Decryption is the process of converting encoded or unreadable data to its original form. To decrypt data, the key used to encrypt it has to be used.
Digital Signature Certificate
Digital signature certificates are the digital equivalent of physical or paper certificates issued for identification purposes. They are issued by a Government of India-authorized Certifying Authority (CA) upon verifying one's identity.
A digital signature is a type of e-signature that contains one or more characters in digital format, representing an individual's identity in correlation with digital information of some kind. It uses the Public Key cryptography technique to provide the highest level of security.
eIDAS (Electronic Identification, Authentication, and Trust Services)
eIDAS is the EU regulation 910/2014 that replaced the eSignature directive of 1999/93/EC beginning on June 30th, 2016. It outlines specific rules for electronic identification and trust services for electronic transactions in the European market.
Electronic records store information in digital form on a computer as proof of each transaction. This recorded data can be any combination of any text, images, graphics, etc.
An e-signature, or electronic signature, is an alternative to the traditional pen and paper way of signing documents. They are digital images or symbols attached to documents and linked to a signatory.
Encryption is a method by which original information is converted into a sequence of codes so that only authorized parties can access the data.
An encryption key is usually a string of characters generated to encode or decode data. The longer the key is constructed, the harder it is to break the encryption code.
The US Electronic Signatures in Global and National Commerce (ESIGN) Act is a federal law passed in the United States that lays out guidelines for using electronic records and signatures in interstate and foreign commerce.
FIPS stands for Federal Information Processing Standards, which consists of set of standards that an organization must meet to be considered "FIPS compliant."
The General Data Protection Regulation 2016/679 is a regulation in EU law that is designed to provide citizens of Europe control over their transfer of personal data across EU countries.
A hash function is an algorithm where an input (group of characters or numerical values) is mapped to an output of fixed length.
Hardware Security Module (HSM)
An HSM is a hardware device that manages digital keys and secures cryptographic processes like the encryption and decryption of data, digital certificates, and more.
In-person Signing is a feature of some e-signature applications that enables users to get documents signed in real-time, face-to-face situations. This feature saves us from the hassle of carrying physical documents.
IT Act, 2000
The Information Technology Act of 2000 is an act of the Indian Parliament that provides legal recognition for electronic means of communication as an alternative to paper-based modes of communication.
A mobile SDK is a set of tools and programs offered to help any developer add digital signing functionalities directly to their existing app without starting from scratch.
Multi-Factor Authentication (MFA) is an authentication method where user have to provide two or more pieces of evidence or verification factors to get access to information or an application.
One-Time Password (OTP)
An OTP, or one-time password, is a password generated for any transaction from a digital device. It generally consists of a randomized numeric or alpha numeric string of characters.
Public Key Infrastructure (PKI)
Public key infrastructure, or PKI, is a framework used to manage digital signatures through encryption. Each digital transaction has two keys: A public key, which is available to all those who need to validate the signer's e-signature; and a private key, which is available only to the signer so they can e-sign the documents.
Qualified Electronic Signature (QES)
A qualified electronic signature is the highest level of compliance according to eIDAS. It involves face-to-face identity verification of signatories and a digital certificate from a Trust Service Provider (TSP).
The Registration Authority (RA) is an organization that validates a certificate request and verifies the identity of the user before the Certificate Authority issues a digital certificate.
Regulatory compliance involves a set of policies and procedures that an organization has to follow in accordance with the law in order to keep operating.
Role-based Access Control
Role-based Access Control is a method by which access will be permitted depending on the user's role within an enterprise. It helps mitigate identity-related access risks in an organization.
SignForms allow you to create on-demand, self service documents to collect signatures through a secure URL without any coding. You can create SignForms using an e-sign service and embed them in your organization's email for everyone to access.
A signature wizard is an application used for creating custom signatures. It allows you to draw or type your signature, or even upload a document containing an image of your signature.
SSL, or Secure Sockets Layer, is a type of security encryption used for securing web pages. It displays a garbled mix of characters when someone tries to obstruct the data.
Standard Electronic Signature
A standard electronic signature is a digital mark added by the signatory using a cryptographic digital signature certificate (DSC) when signing a document, thereby making it secure and tamperproof.
Tamperproof records are digital files signed by a user and registered through blockchain. Because each record contains the recipient's public key, they can prove ownership of the record without relying on the Certificate Authority.
Templates feature in many e-sign apps in order to define a common format for particular types of documents and save them for future reuse.
TLS, or Transport Layer Security, encrypts information sent over the internet to prevent hackers from seeing what you transmit. This is particularly used for ATM pins, passwords, and account numbers, but it can also be used to protect other types of sensitive information.
Trust Service Provider (TSP)
A Trust Service Provider, or TSP, is an entity that provides trust services such as timestamping, issuance of digital certificates, and validation of e-signatures. They issue certificates only after verifying the identity of the user.
Trusted Document Timestamping
Document timestamping adds a permanent timestamp to digitally signed documents as a way to prevent fraud and prove its existence at the time and date of signing, even if digital signature certificate expires.
The Uniform Electronic Transactions Act is a US law designed to remove barriers to electronic commerce. It establishes legal recognition to electronic contracts and harmonizes state laws concerning the validity of electronic signature.
A USB token houses a digital signature certificate in a password-protected USB device, so personal identity can be verified by anyone with the USB. These USB tokens are issued by a Certificate Authority.
A user interface is the sensory channel by which a user interacts with hardware devices. The ultimate goal of UI design is to make the interaction between the machine and person simple and efficient.
A wet signature is a signature made using a pen or seal for signing a document. Wet signatures are not necessarily a person's name. It can be a stamp or fingerprint marks that are used to sign a document.
Webhooks are automated notifications sent from third-party apps. They allow users to send real-time information from one application to another to create an automated workflow.