.ID visual signature is not just a signature image pasted to your PDF file. It is actually a part of your digital identity.
Well, your digital identity is a specific certificate (X.509 standard, if it says something to you), it includes the verified data about you, and additionally, it allows any software to understand it was you who signed the document thanks to the public key stored in the certificate.
In the latest Android release, we are adding your handwritten signature data to this certificate as biometric data. We create a unique digital fingerprint from the handwritten signature and store it with the reference link as a part of your identity certificate.
Now, each time you sign the document by entering a PIN-code, we can securely attach a visual signature to the document as well.
So how does it change how we are signing the digital documents from now on and how visual signature looks like?
First of all, it changes the onboarding flow. Starting from the Android 3.1 release, we are giving our users an option to add a visual signature during account creation.
After the user has verified the email, she can now draw the handwritten signature.
And as a next step, you protect it with PIN-code. It means you do not have to scribble your signature each time. Instead, you enter your 6-digit PIN-code and it unlocks a 128-bit private key to sign the document and attach your visual signature to the document.
When you open the signed copy of the file, you can see the signatures summary page that features your visual signature.
Of course, all existing users can now create their visual signatures as well. Just head to the Digital Identity screen in your app and add the visual signature.
.ID signatures are following industry standards for digital signatures. It means that under the hood, we are using ASIC containers, to bundle together files and XML signature files (called XAdES signatures).
Each such digital signature has at least three digital fingerprints:
We are keeping all that security in place!
There’s always an ASIC container available to store those very important fingerprints to secure your digital signatures.
Just click on the Options menu in the upper right corner and you can still get that ASIC container.
It means that we are first in the world to combine the best of both worlds: security of XAdES digital signatures and ubiquity of PDF-based visual signatures into one easy-to-use combo.
And all that comes with a refreshed look of the document screen in Android and twice-reduced file size of the app, as a bonus! :)
Happy scribbling! Get the latest Android 3.1!