Closd offers “Advanced signatures” under the EU eIDAS regulation. This high level of security is attained through the following steps:
• Integrating the technologies developed by DocuSign et Certeurope, providers certified by the European Commision. On each project, users can choose between the two technologies and keep the same interface and signature workflow.
• Combining these technologies with a strong three-layer authentication.
It is also possible to type mandatory notes on a document (e.g. “read and approved”) and add instructions for the signatory.
The legal certainty of documents signed on Closd is based on a three-layer authentication process for signatories:
- Personal account protected by a secure password chosen after receiving an invitation to Closd;
- Automated ID verification: Before their first signature on Closd, signatories must upload a picture or scan of a valid ID document. Users are guided through this quick and easy process at their first log-in. This verification only has to be done only once, provided the given ID does not expire;
- One-time password sent by SMS.
This solid body of evidence prevents any subsequent dispute over the signing of a document.
An authentication certificate is issued and archived by Closd upon each ID verification and electronic signature. This document gathers all the technical information relating to the ID verification (picture, verified elements, MRZ code validity) or to the electronic signature (envelope number, signatories’ email addresses, IP addresses, time and date, technology used, etc.).
This authentication certificate is provided to users along with the original signed document. This process complies with legal requirements and ensures the validity and full probative value of the electronic signatures, while maintaining an intuitive interface and a simple user experience.
An electronic signature is composed of electronic data and leaves no graphic representation on the document. The image on the document is merely symbolic. It doesn’t matter if it doesn’t look like the signatory’s handwritten signature. Its validity and probative force lie in the digital data incorporated into the document, which guarantees both its integrity and the authentication of the signatory:
- A digital certificate provided by a trusted Certification Authority, which proves that the signatory’s identity has been verified;
- A unique fingerprint of the file that ensures that the document has not been modified since it was signed.
A PDF reader (such as Adobe Acrobat Reader) can verify the validity of an electronic signature. When the document is opened, the PDF reader automatically performs two operations:
- It calculates the document’s fingerprint to see if it matches the fingerprint of the document that was signed;
- It checks the digital certificate to ensure its validity (therefore the authentication of the signatories).
If the reader recognizes one of these elements as invalid, a message will warn the user that the electronic signature is invalid. Thus, there is no need to initial the document on each page: The electronic signature technology also plays this role.
No. Electronic signature technologies play the same role as notarial binding (thanks to the document’s digital “fingerprint”). Therefore, any modification of an electronically signed document subsequent to its signature is automatically detected by the PDF reader in which it is opened. If the document was modified, a message appears warning the user that the affixed electronic signatures are no longer valid.