New Android release brings visual signature into digital signatures
It’s really tough!
.ID visual signature is not just a signature image pasted to your PDF file. It is actually a part of your digital identity.
What does that even mean?
Well, your digital identity is a specific certificate (X.509 standard, if it says something to you), it includes the verified data about you, and additionally, it allows any software to understand it was you who signed the document thanks to the public key stored in the certificate.
In the latest Android release, we are adding your handwritten signature data to this certificate as biometric data. We create a unique digital fingerprint from the handwritten signature and store it with the reference link as a part of your identity certificate.
Now, each time you sign the document by entering a PIN-code, we can securely attach a visual signature to the document as well.
So how does it change how we are signing the digital documents from now on and how visual signature looks like?
First of all, it changes the onboarding flow. Starting from the Android 3.1 release, we are giving our users an option to add a visual signature during account creation.
After the user has verified the email, she can now draw the handwritten signature.
And as a next step, you protect it with PIN-code. It means you do not have to scribble your signature each time. Instead, you enter your 6-digit PIN-code and it unlocks a 128-bit private key to sign the document and attach your visual signature to the document.
When you open the signed copy of the file, you can see the signatures summary page that features your visual signature.
Of course, all existing users can now create their visual signatures as well. Just head to the Digital Identity screen in your app and add the visual signature.
And one more thing…
.ID signatures are following industry standards for digital signatures. It means that under the hood, we are using ASIC containers, to bundle together files and XML signature files (called XAdES signatures).
Each such digital signature has at least three digital fingerprints:
- One for each signed file making sure that the original document is authentic
- One for each signer making sure that signature was authentically and securely given
- One for the combination of files and signatures, making sure that the whole package was not tampered with.
We are keeping all that security in place!
There’s always an ASIC container available to store those very important fingerprints to secure your digital signatures.
Just click on the Options menu in the upper right corner and you can still get that ASIC container.
It means that we are first in the world to combine the best of both worlds: security of XAdES digital signatures and ubiquity of PDF-based visual signatures into one easy-to-use combo.
And all that comes with a refreshed look of the document screen in Android and twice-reduced file size of the app, as a bonus! :)
So to sum up, starting from Android 3.1 you can:
- add visual signature to your digital identity,
- download signed Word and PDF files with visual signatures,
- for any other file type, you can download the signature page separately for print out,
- for the whole document container, download a visual signature page that lists all the signed files and all the signers in a nicely designed PDF,
- always download the original file and original ASIC signature container.
Happy scribbling! Get the latest Android 3.1!