Advanced Electronic Signature
An advanced electronic signature is an e-signature that specifically complies with eIDAS, an EU regulation that ensures stricter authorization methods for electronic transactions among EU member states. Compliance requires that an e-signature be linked tightly to its signatory and includes protections against tampering and fraud.
AES-256 or Advanced Encryption Standard is a symmetric key cipher used for both encoding and decoding data. It has become the industry standard for data security.
Application Programming Interface (API)
An API, or Application Programming Interface, is a set of tools operating in the background of software applications to help build and integrate services from one app to another.
Authentication is the process of verifying a user's identity by validating certain identifying documents or proving that something is true, genuine, or valid by ensuring that a document is not forged.
A Government of India-prescribed method to sign documents digitally, which has the equivalent legal validity of a handwritten signature.
A chronological record containing the history and details of a given operation. It is used to verify operations, and serve as evidence in case of suspicious activities.
A biometric signature involves recording the unique pattern of an individual person's physical features, such as their retina, fingerprint, or voice.These patterns are stored and embedded in documents to verify the identity of a signatory.
Blockchain-based timestamping is an additional level of verification for documents. Transaction information is stored in the form of blocks, carrying a timestamp that records whenever a document is signed digitally.
Bulk signing is a feature that allows users to sign multiple documents at the same time. Businesses that deal with large volumes of paperwork, such as invoices or HR documents can use a bulk signing feature within a digital e-sign application.
Certificate Authority (CA)
A Certificate Authority, or CA, is a trusted entity that is widely recognized for ensuring key security and digital certificates. A CA is authorized to issue digital certificates in its region of operation by the government or regulatory authority overseeing the digital identity.
A completion certificate is created during each signing process and includes certain details like image copies of signatures, IP addresses for individual signers, times and dates of signing, and more.
Cryptography is the study of secure communication strategies that permit only senders and the intended recipients to view message contents. There are three different types of cryptography: Secret Key, Public Key, and hash functions.
A server-provided address to which any user can post data—as long as they have an internet connection. A callback URL can also be used to give directions to the system on where (webpage or other location) a trigger should be sent.
A comma-separated values (CSV) file is a text file containing data separated by commas. This type of file is most frequently found in spreadsheets and databases, where it is used to move data between programs.
Data in Transit
Data in transit refers to information (i.e. emails, text messages) flowing across public networks, such as the internet, and private networks, such as any organization network.
Decryption is the process of converting encoded or unreadable data to its original form. To decrypt data, the key used to encrypt it has to be used.
Digital Signature Certificate
Digital signature certificates are the digital equivalent of physical or paper certificates issued for identification purposes. They are issued by a Government of India-authorized Certifying Authority (CA) upon verifying one's identity.
A digital signature is a type of e-signature that contains one or more characters in digital format, representing an individual's identity in correlation with digital information of some kind. It uses the Public Key cryptography technique to provide the highest level of security.
DomainKeys Identified Mail (DKIM) is an email authentication method that helps companies take responsibility for their messages during transit. Mailbox providers can check the source of each message using cryptographic techniques.
eIDAS (Electronic Identification, Authentication, and Trust Services)
eIDAS is the EU regulation 910/2014 that replaced the eSignature directive of 1999/93/EC beginning on June 30th, 2016. It outlines specific rules for electronic identification and trust services for electronic transactions in the European market.
Electronic records store information in digital form on a computer as proof of each transaction. This recorded data can be any combination of any text, images, graphics, etc.
An e-signature, or electronic signature, is an alternative to the traditional pen and paper way of signing documents. They are digital images or symbols attached to documents and linked to a signatory.
Encryption is a method by which original information is converted into a sequence of codes so that only authorized parties can access the data.
An encryption key is usually a string of characters generated to encode or decode data. The longer the key is constructed, the harder it is to break the encryption code.
The US Electronic Signatures in Global and National Commerce (ESIGN) Act is a federal law passed in the United States that lays out guidelines for using electronic records and signatures in interstate and foreign commerce.
Email bounce notifications
Email notifications received by a sender when an email they sent from the app is not delivered to end users.
FIPS stands for Federal Information Processing Standards, which consists of set of standards that an organization must meet to be considered "FIPS compliant."
The General Data Protection Regulation 2016/679 is a regulation in EU law that is designed to provide citizens of Europe control over their transfer of personal data across EU countries.
A hash function is an algorithm where an input (group of characters or numerical values) is mapped to an output of fixed length.
Hardware Security Module (HSM)
An HSM is a hardware device that manages digital keys and secures cryptographic processes like the encryption and decryption of data, digital certificates, and more.
In-person Signing is a feature of some e-signature applications that enables users to get documents signed in real-time, face-to-face situations. This feature saves us from the hassle of carrying physical documents.
IT Act, 2000
The Information Technology Act of 2000 is an act of the Indian Parliament that provides legal recognition for electronic means of communication as an alternative to paper-based modes of communication.
Legally binding contracts
Agreements between two or more parties that are legally enforceable and legitimate under federal and state contract laws.
A mobile SDK is a set of tools and programs offered to help any developer add digital signing functionalities directly to their existing app without starting from scratch.
Multi-Factor Authentication (MFA) is an authentication method where user have to provide two or more pieces of evidence or verification factors to get access to information or an application.
One-Time Password (OTP)
An OTP, or one-time password, is a password generated for any transaction from a digital device. It generally consists of a randomized numeric or alpha numeric string of characters.
An open-source standard format for blockchain timestamping. It is feasible to establish and verify the existence of documents without relying on a third party, with the introduction of systems like bitcoin, ethereum, and litecoin.
A process that involves downloading documents for offline access when there is no internet connection available. Field agents from your organization will collect signatures in person from signers in remote locations.
Public Key Infrastructure (PKI)
Public key infrastructure, or PKI, is a framework used to manage digital signatures through encryption. Each digital transaction has two keys: A public key, which is available to all those who need to validate the signer's e-signature; and a private key, which is available only to the signer so they can e-sign the documents.
Postman API collection
Postman is an API platform to build and test APIs. With the postman API collection, developers can build and test API queries in real time using the documentation and tools supplied by software vendors.
Qualified Electronic Signature (QES)
A qualified electronic signature is the highest level of compliance according to eIDAS. It involves face-to-face identity verification of signatories and a digital certificate from a Trust Service Provider (TSP).
Qualified signature creation device
The qualified signature creation device (QSCD) qualifies digital signatures via software and hardware, allows signers to control their private key, and ensures signature creation data is generated and managed by an authorised trust service provider.
The Registration Authority (RA) is an organization that validates a certificate request and verifies the identity of the user before the Certificate Authority issues a digital certificate.
Regulatory compliance involves a set of policies and procedures that an organization has to follow in accordance with the law in order to keep operating.
Role-based Access Control
Role-based Access Control is a method by which access will be permitted depending on the user's role within an enterprise. It helps mitigate identity-related access risks in an organization.
In the context of eSign, rebranding refers to maintaining brand identity while documents are being signed. Brand identity can be strengthened by assuring signers that documents were sent directly from the company.
Allows users to create a field with numerous visible alternatives, from which signers can select only one.
SignForms allow you to create on-demand, self service documents to collect signatures through a secure URL without any coding. You can create SignForms using an e-sign service and embed them in your organization's email for everyone to access.
A signature wizard is an application used for creating custom signatures. It allows you to draw or type your signature, or even upload a document containing an image of your signature.
SSL, or Secure Sockets Layer, is a type of security encryption used for securing web pages. It displays a garbled mix of characters when someone tries to obstruct the data.
Standard Electronic Signature
A standard electronic signature is a digital mark added by the signatory using a cryptographic digital signature certificate (DSC) when signing a document, thereby making it secure and tamperproof.
Software development kit (SDK)
A collection of software tools and programs developers can use to create applications for certain platforms. SDKs are made by hardware and software providers to help developers integrate their apps with other services.
Fields that allow signers to add an image or company stamp to a document. This helps signers reinforce their authority as an individual or as a signatory on behalf of an organization.
Tamperproof records are digital files signed by a user and registered through blockchain. Because each record contains the recipient's public key, they can prove ownership of the record without relying on the Certificate Authority.
Templates feature in many e-sign apps in order to define a common format for particular types of documents and save them for future reuse.
TLS, or Transport Layer Security, encrypts information sent over the internet to prevent hackers from seeing what you transmit. This is particularly used for ATM pins, passwords, and account numbers, but it can also be used to protect other types of sensitive information.
Trust Service Provider (TSP)
A Trust Service Provider, or TSP, is an entity that provides trust services such as timestamping, issuance of digital certificates, and validation of e-signatures. They issue certificates only after verifying the identity of the user.
Trusted Document Timestamping
Document timestamping adds a permanent timestamp to digitally signed documents as a way to prevent fraud and prove its existence at the time and date of signing, even if digital signature certificate expires.
The Uniform Electronic Transactions Act is a US law designed to remove barriers to electronic commerce. It establishes legal recognition to electronic contracts and harmonizes state laws concerning the validity of electronic signature.
A USB token houses a digital signature certificate in a password-protected USB device, so personal identity can be verified by anyone with the USB. These USB tokens are issued by a Certificate Authority.
A user interface is the sensory channel by which a user interacts with hardware devices. The ultimate goal of UI design is to make the interaction between the machine and person simple and efficient.
A Qualified Trust Service Provider in the European Union that allows users to sign documents through a qualified electronic signature (QES), which meets the legal standards of eIDAS and is owned by parent company, Bit4id.
Vernacular signing experience
The ability to select a specific language for communication emails and the signing interface for each recipient from a list of supported languages. The language can be set when you configure a sign workflow.
A temporary, random 16-digit number that is linked to the Aadhaar number issued by the Government of India. When performing authentication or e-KYC services, VID can be utilised instead of an Aadhaar number.
A wet signature is a signature made using a pen or seal for signing a document. Wet signatures are not necessarily a person's name. It can be a stamp or fingerprint marks that are used to sign a document.
Webhooks are automated notifications sent from third-party apps. They allow users to send real-time information from one application to another to create an automated workflow.