With this post we would like to inform about the official end-of-life of Wacom STU-300 and Wacom STU-500 products. The new successor products are STU-430 & STU-530.


Wacom STU-430
The STU-430 is a full-featured, monochrome signature pad with a new thin design and a low-profile, flat surface. The 4.5’’ screen is large enough to capture longer signatures as well as to accommodate soft buttons in addition to the signature area. The transflective LCD is easily readable in varying light conditions.



Wacom STU-530
The STU-530 features a 5″ high-quality, high-resolution color LCD screen providing ample space for both signatures and promotional messages. It offers a very comfortable signing experience with an improved, thin design and a low-profile, flat surface. The large, vibrant screen makes it ideal for businesses wanting to utilize the signature pad for advertising, promotions or branding while it is awaiting the next signature.


For further product information please visit our website at: https://www.xyzmo.com/e-signature-products/devicesoverview

This series of posts will help you to understand what a remote online e-signing solution needs to provide. This is post 3/5.

3 Authentication Methods

To protect a document (envelope) from unauthorized remote access via the web, it is critical that the online e-signature solution first authenticates accessing users. Especially in scenarios where you cannot capture a forensically identifiable signature from the signer (e.g., when using HTML5 signatures—see Section 4.1), these methods then also serve the purpose of reliably identifying the signer. Logging the executed authentication into the secure audit trail of the then signed document eventually enables you to reliably prove that only the previously identified user was able to actually sign the document in question.

3.1 Email-only authentication

This scenario is typically suited to non-business-critical documents for which you want to make signing as easy as possible. You simply send the link to the inbox of the recipient; no further authentication is necessary. In case of a dispute, you can prove with the audit trail that you sent the document to a specific email address, and often you have the IP-address of the computer and geolocation as well, if the recipient did not explicitly block it.

All of the following authentication methods start with this scenario and add additional authentication steps. Although arguably not quite as robust as a full biometric signature, each additional step below adds a little bit more evidential weight in case of dispute (more than enough for many use cases).

3.2 Recipients required to enter an access code before they can view the documents

In addition to the above, you can present the recipient with a security request page and require entry of a code to access the documents for viewing and signing. After the access code has been entered correctly, the recipient is led through the normal signing process. The access code is not sent in the same email that includes the link, as this would make it totally unsecure. Typically, the code is not even sent by email at all, but instead is communicated via another channel such as by phone. To have a code that works for a longer time, you can choose to have the access code agreed upon between the parties in a separate process.

The value of this is in case of a dispute: The sender can prove that the signer must have had access to the access code in order to sign the document.

3.3 Leveraging trusted authentication models that you already have in place

Some businesses have customer portals or other software already in place and the user is identified by such systems. Let’s assume the user is within a banking application where he/she manages all his/her transactions. If the user has to sign a document and has already been properly authenticated, then there may be no need for further authentication. But the proof of authentication has to be included in the audit trail in any case.

Another scenario is one in which the recipient already uses a secure authentication method (e.g., a token) for other purposes and this infrastructure is repurposed to authenticate him/her for document signing. As above, the authentication process must be included in the audit trail of the signed document.

3.4 Using social networking IDs such as Facebook login

With this scenario, popular social networking sites are used for authentication. Most of them provide services to allow third-party applications to authenticate users. The quality of this authentication depends very much on the quality of the social network profile that is used for authentication. In addition, the quality and amount of the data that you receive about the user from the social network for the audit trail has to be considered as this can be restricted to very basic information types.

3.5 Sending an SMS with a one-time password to the signer’s mobile phone

This authentication method capitalizes on the fact that mobile devices provide, worldwide, a very good means of identification for their owners. Many people carry mobile phones throughout the day and have them within reach at all times. The mobile telephone number is a strong identifier for the owner. This is why many banking and other applications already use this method for online transactions.

Additional security can be added if the one-time password is time-limited, e.g., if the recipient has to enter it within the next 5 minutes. Another consideration is whether the one-time password should be valid only for one signature or for the entire document/envelope. In addition, it’s recommended to include a unique identifier for the transaction in the SMS sent to the recipient together with the one-time password. This unique identifier should also be displayed in the security dialogue where the recipient has to enter the password, to allow him/her to prove that the password is for this transaction alone and not for another.

All of these messages must form part of a proper audit trail for the purpose of being able to prove everything that has been exchanged in the case of a dispute.

It’s worth considering how the sender should be able to handle and define the one-time password settings. There are three main options to select from here:

  1. The recipient can enter his/her mobile phone number themself. Clearly this is convenient for both the sender and the recipient, but it invites potential misuse by the recipient.
  2. The sender defines in advance which mobile number has to be used and the recipient cannot change that. This scenario is very common as it adds considerable security to the process.
  3. Finally there are scenarios where both parties—recipient and sender (e.g., a sales employee)—should have no chance to define (change) the mobile number for the recipients and often do not even see them. In this scenario, the sender can only select the recipient from a list of names. The mobile numbers are stored in a central place and cannot be adjusted by the sender. This can even be taken a step further with an upstream process in which the recipient agrees in writing that, in the future, a one-time password sent to his predefined mobile number can be used as an equivalent to his signature.

Certain countries assign the same legal value to a proper implementation of this method—or special, country-specific versions of it in conjunction with certificate-based signatures (see Section 1.1)—as a handwritten wet-ink signature, an example being “Handy-Signatur” in Austria.

3.6 Authentication with national identity cards or passports

Many countries supply their citizens with electronic identity (eID) cards that provide the machine-readable travel document functionality specified by the International Civil Aviation Organization (ICAO). In Europe, most ID cards are based on the European Citizen Card (ECC) specification and not only print the cardholder’s personal data (e.g., name, date and place of birth, nationality) on the face of the card, but also store the data in the integrated chip. Cardholders can use this eID function to carry out legally recognized transactions with public authorities and private companies via the internet.

Germany’s new identity card (nPA), for instance, achieves access control of the personal data stored on the card through a Password-Authenticated Connection Establishment (PACE) protocol and Extended Access Control (EAC). The PACE protocol performs user authentication using a Personal Identification Number (PIN) and establishes a secure connection between the ID card and the card reader to protect the communication across the contactless interface. The cardholder gives his/her consent for card access by entering the PIN.

3.7 Authentication and signing with third-party digital certificates

In cases where the recipient already has in place a Public Key Infrastructure with personal digital signing certificates (“PKI”, for example on smart cards, USB-tokens, purely as software on computers), this certificate can be used not only to authenticate the signer, but also to digitally sign the document. Most often, it is simply an attempt to reuse the existing PKI infrastructure, which was in place for other purposes. This allows you to take advantage of the existing certificate and use it for the digital signing of the document.

Some national identity cards even go beyond the pure eID function and also directly provide the function of using it to execute a qualified electronic signature (QES). Although, theoretically, this is a great way to reuse infrastructure that is already in place, market penetration and user acceptance is often problematic, as described in Section 1.1.

… read more next week.

DocuSign Acquires ARX

March 11th, 2015

SAN FRANCISC, March 11, 2015 – DocuSign, Inc. (DocuSign®) announced its acquisition of Algorithmic Research, Ltd. (ARX). The acquisition builds on a three year business partnership between DocuSign and ARX, bringing together ARX’s CoSign digital signature technology with DocuSign’s Digital Transaction Management (DTM) platform. No financial details about the deal were disclosed but Israeli newspapers estimate DocuSign is paying $30-50 million.

Way back in 1997, ARX was sold already once to Cylink for $83 million. But Cylink did not survive the dot.com bubble and fell back into the hands of its management and employees in a buyout. Since then the company has focused on digital signature solutions.

Gerald Cäsar“This continues DocuSign’s strategy of buying market share in the e-signature market,” stated Gerald Cäsar, xyzmo owner and CEO. “Already in the last years, DocuSign primarily tried to win market share with very high marketing expenses, assuming that the competition did not have the money to match these expenses. With the backing of large investors, that assumption proved to be right. For many years for 1 USD revenue, DocuSign invested close to 1 USD in sales and marketing.

This new acquisition of ARX fits very well into its strategy to dominate the e-signature market using money. The rationale is that customers want to make a safe decision and buy from the largest company. Many of them will not realize initially that the company uses proprietary standards and that they have to pay for these high marketing and acquisition costs to enable a decent exit for the current DocuSign investors.

This is unlike xyzmo, which does not try to force its standards on its clients. It has based its technology on the most widely approved international open standards, like the ISO PDF standard and true digital signatures, and it does not use proprietary e-signature technology. You do not need to be a xyzmo customer or visit xyzmo’s website to check the validity of your documents. This is fundamentally different from DocuSign. There you are very much dependent on the vendor: your e-signature is valid only as long as you keep paying. But you need to have evidence that can’t expire, and that requires a method of verification that’s independent of the e-signature vendor.”

Page 19 of 218« First...10...1718192021...304050...Last »