At present, the paperless office almost has been implemented in government agencies and large enterprises. The invoice and various types of documents have already gone paperless, even the signing of paper contracts is rapidly spreading to the signing of electronic contracts. Most countries government is vigorously promoting and popularizing the e-government service for all services, enterprises of all sizes are also building and improving various management systems to be paperless. However, if there is no digital signature for the e-documents or e-contracts, then we cannot guarantee the e-documents are trusted and cannot guarantee that they haven’t been tampered with or haven’t been counterfeited illegally, then the legal effect of the e-documents and e-contract cannot be guaranteed.
In other words, currently the only thing needs to do for the paperless transformation is to make the paperless trusted and secure. To make the e-documents generated by management systems be trusted, the e-documents should have a digital signature. However, in order to digitally sign the e-documents, users must apply for a PDF signing certificate from a CA and purchase a cryptographic hardware security module (HSM) in accordance with the Adobe technical requirements to ensure the security of the signing certificate, and it is necessary to provide a secure infrastructure for HSM and the corresponding security control measures, etc.
In addition, it is also needs the engineers who knows how to generate the HASH of the PDF file to be signed, how to use the signing certificate to sign the HASH, how to call the timestamp service to obtain the timestamp signature that need to purchase the timestamp call service, and how to call the certificate revocation list data to obtain LTV data to ensure the long term validation of the signature and so on. Therefore, it is not an easy task to achieve a digital signature for a trusted paperless of the e-document. This is why you can see too many e-documents don’t have digital signature.
Users can use MeSign App to digitally sign the e-documents and the e-contracts manually, but for large enterprises including government agencies and public institutions, they have a large number of documents or contracts need to be signed every day and they require to integrate the digital signature into the management systems to achieve fully automatic e-document signing and e-contract signing.
For this requirement, MeSign Technology provide E-sign API Call service, so that users do not need to apply for a PDF signing certificate from a CA, do not need to purchase expensive HSM, do not need to upgrade their existing infrastructures, do not need to understand how to digitally sign PDF file using the signing certificate, do not need to purchase timestamping service and do not need to know how to obtain the LTV data. What they only need to do is to generate the HASH of PDF file to be signed, and call E-sign API Call services to automatically return the signed data including the file signature data, timestamp signature data and LTV data, then write the returned signed data into the PDF file according to the PDF signature standards to complete the document signature.
The E-sign API is responsible to get your HASH data signed, it doesn’t care about the HASH is for document or contract. To sign an electronic contract, you need to call the signer's identity authentication interface and signing process control interface.
To implement digital signing for e-documents or e-contracts, users need to have the PDF file signature programming capabilities to interface with E-sign API, must know how to generate the HASH of the PDF file to be signed, and know how to write the returned signed data into the PDF file. If the user does not have these PDF file signature programming capabilities or want to fast deploy e-signature service, user can purchase MeSign e-Signing Agent System (software), as shown in the below diagram.
The business management systems locally dock to the MeSign e-Signing Agent system. It only needs to post the PDF file to be signed generated by the management system to the e-Signing Agent. The e-Signing Agent is responsible for generating the signing request data and post it to E-sign API to get the signed data, then the e-Signing Agent system will write the returned signed data to the PDF file to complete the PDF file signing, and finally return the signed PDF file to the business management system. The deployment of the e-Signing Agent System software is still to call the E-sign API, and the user still needs to purchase the E-sign API call times. The only difference is that the user does not understand the PDF signature programming and can directly send the PDF file to the e-Signature Agent System locally.
Deploying the e-Signing Agent System to dock business management system can not only complete the digitally signing e-documents automatically, such as the signing of the organization’s official announcements, internal or external publications, but also can complete the digitally signing e-contracts automatically including the signing of electronic employment agreement, to fully realize the trusted paperless application of all types of e-documents involved in the enterprise’s business management. All signed contracts and e-documents have global legal effect and global trusted by Adobe.
Please note that MeSign e-Signing Agent system only post the HASH of the original document to be signed to MeSign e-Signing Service in the cloud to protect the personal privacy and business secrets. It is because we always take the protection of our users’ confidential information as the top priority of all solutions. This is also the privacy protection bottom line we set for all solutions, which makes our document e-signing services and contract e-signature services different from our competitors.
If you want to host and manage the Signing Certificate locally, you can purchase MeSign E-signature Box (hardware), click here for more details.