emSigner 2017 Fall Release

Forums: 

Release Bulletin for emSigner Signer Gateway – 1.0.0

Published: Sept 4th 2017

 

Signer Gateway

emSigner signer gateway service to users, with signer gateway users would be able to make signatures easily. Users needed to pass signature information through https post and uploads the document to be signed.

Data received from user moves to signer gateway, where the document is opened and helps the user to sign the document and receive back signed document easily to the return URL.

This service allows performing signatures without any integration. Signer gateway supports incoming signatures and the production of a resultant signature by the gateway.

 

3. Signer gateway integration

When third party application pass signature information through https post along with authtoken, password and all other required inputs. Data that is received through https post moves to signer gateway, Signer gateway detects IP address as validation process through IP whitelisting.

IP address should be from the list of IP whitelisting provided by the user, once IP address is validated through IP whitelisting then the user can able to sign the document and receive back signed document easily to the return URL.

 

 

Signer gateway works same as like payment gateway where in all the payment information will be sent to payment gateway and payment gateway process all the payments and on success transaction acknowledges back to called application, in the similar fashion Signer gateway receives the signer data information from the host application and processes the signer request and successfully signed document shall be sent back to the called application.

Supported file types are PDF, DATA and XML.

 

3.2. Security between emSigner and third party application

3.2.1. Authtoken

emSigner authentication token is required to use emSigner API, authtoken is used for emSigner signer gateway for validating the user. To generate the authtoken you need to send an authentication request to emSigner. Only the registered user can generate authtoken. The authtoken is user-specific and is a permanent token.

On deletion, the existing token will be deleted permanently. The authtoken of a user's account will become invalid if the user is deactivated.

3.2.2. HTTPS

emSigner website uses HyperText Transfer Protocol Secure (HTTPS). Using HTTPS, the computers agree on a "code”, and then they scramble the messages using that "code" so that no one in between can read them. This keeps your information safe from hackers.

3.2.3. IP Whitelisting

emSigner is secured with IP Whitelisting. IP Whitelisting allows you to create lists of trusted IP addresses or IP ranges from which your users can access your domains.

IP Whitelist is a security feature often used for limiting and controlling access only to trusted users. Using IP Whitelisting, users can be identified by IP address.

An Internet Protocol (IP) address is an identifier (ID) for a computer. Every computer on the internet has an IP address, which is used to identify it and allow it to communicate with other computers. A computer’s IP address changes depending on where it is located.

IP Whitelisting is a way to filter which computers can interact with your computer, by listing the IP addresses of approved computers.

3.2.4. Password

For additional security of transactions, users can also protect with password protection by generating your own unique password. By handshaking between emsigner.com and your application, the application stores your passwords using strong encryption.

3.2.5. Secure Sockets Layer

emSigner create a secure link between a server and a client machine through SSL.

According to the Internet Draft of the SSL Protocol, the point of the protocol “is to provide privacy and reliability between two communicating applications.”

 

4. API Details

User consumes emSigner signer gateway API and provides all the input data to URL.

Signer gateway (Application Programming Interface) for integrating signature modules with third-party applications, portals or websites, and to customize as per your needs. With the API, you can extract signer component and develop new applications or integrate with your existing business applications. As the API is independent of programming languages.

Subscribed users needed to pass signature information through https post and uploads the document to be signed. The User data that is sent is nowhere saved on the server.

This service allows performing signatures without any integration. Signer gateway supports incoming signatures and the production of a resultant signature by the gateway.

 

5. Transaction Details

Authtoken of the user should be from the subscribed list.

When validation of counter is a success then the response will be generated or else error will be triggered.

Transaction details display on the signer gateway dashboard like counters remaining balance, counters used and transaction history can be generated.

Transaction history will have all the information like Date & Time, Authtoken, Document Name, Status, Signature Type, Error Description, IP Address and File Type.

 

6. CO-Branding

Brand your account with Configuring Themes and Logo, with your signing experience. Making it easier for users to identify documents coming from your Organization.

This update adds the ability to customize your account profile. Branding your account is an excellent way to add the look and feel of your organization’s brand.