A better way to sign documents

Digital signing is a commonly accepted technology for protecting integrity and proving authenticity of electronic documents. The basic principle behind digital signing is the application of an asymmetric cryptographic calculation on the document content, using a pair of “keys” (known as the private key and public key pair) that are uniquely assigned to the “signer” of the document. This asymmetric sharing of a secret or secrets, in the form of the private key and public key; as well as the use of these keys to perform digital signing is generally considered as one of the best ways to establish “non-repudiation” on the electronic information exchanged between the involved parties. These key pairs are commonly referred to as the digital certificates.

In the past, the perceived and real difficulties in the safe-keeping and the use of these digital certificates by users have hindered the wider adoption of this PKI-based technology.

To fundamentally solve these problems, we must find a sufficiently secure way to store these digital certificates and to give the users the needed mobility when accessing them for digital signing and other purposes. In practice, it must not tie the user to a particular client device where the certificate is stored. Ideally, it must not rely on the use of some special hardware that is attached to the client device for the reading and decoding of these digital certificates.  The AT.Sign solution has innovatively solved these problems by allowing the users to safe-keep their private keys in SecurStore integrated with the solution or in external HSM hardware devices.   Access to these private keys is controlled by one-time password.      

This innovative approach has greatly improved the ease-of-use of digital signature technologies in application scenarios such as: medical record signing, prescription signing, commercial and financial document signing