Signing

Signed statement

1753 views May 2, 2019 May 10, 2020 4

Signicat Signature with signed statement enables the end-user to use a supported ID method to digitally sign a short text statement. The statement expresses the end-user’s consent for the contents of one or several separate documents to be signed, and is constructed in such a way as to include the description of the documents or their title. The end-user only needs to sign once, regardless of the number of documents.

For ID solutions that support non-visible properties as part of the data to be signed, a data structure containing cryptographic digests of the documents to be signed is also included. This further enhances the connection between the documents to be signed and the signed statement.

The signed statement, as well as each original document, audit trails, and other evidence collected during the signing ceremony, is combined into an LTV-SDO (long-term validation signed data object) which is then digitally sealed by Signicat. One LTV-SDO is created for each original document.

Please refer to our documentation on Signed statement signing orders for information on creating a signed statement signing order.

End-user experience

From the end-user’s perspective, providing a signed statement is not much different from signing a document. The documents can be viewed as usual in Signicat’s document presenter; the only difference is that the user will be asked to confirm that they have read a statement and agree with it before entering their credentials. It might look something like the image below (this example is specific to Norwegian BankID).

Different levels of Signicat Signature

  1. Direct authentication-based signing
  2. Simple signed statement
  3. Signed statement with non-visible properties

Common for all these levels is that the main piece of evidence (SAML response, signed statement) is combined with other pieces of evidence into an LTV-SDO and digitally sealed by Signicat. For more information about sealing, see Get started with long-term validation.

Was this helpful?