The final blog in our series on the different types of eSignatures, this deep dive focuses on Cloud Signatures for Remote Signing and the details around this eSignature solution.
![Types-of-Signatures-RemoteSigning-2 (1)[53]](https://blog.signinghub.com/hs-fs/hubfs/Types-of-Signatures-RemoteSigning-2%20(1)%5B53%5D.png?width=777&name=Types-of-Signatures-RemoteSigning-2%20(1)%5B53%5D.png)
Cloud signatures for remote signing
Relatively new in comparison to other types of eSignatures, Cloud Signatures describe certificate-based digital signatures in the cloud.
Cloud Signatures enable Remote Signing via mobile or web devices with Advanced Electronic Signatures and Qualified Electronic Signatures backed by trusted and compliant certificates from Certificate Authorities (CA) and Trust Service Providers (TSP).
What is remote signing?
This type of eSignature provides users with complete mobility. It allows people to sign from any internet-connected device, including mobile phones, laptops and tablets.
Remote signing sets businesses free from the need to install signing devices locally. Instead, it is a cloud-hosted signing service that provides a high-trust, eIDAS-compliant electronic signature solution. eIDAS recognises Remote Signing and supports its use for creating Remote Qualified Signatures.
Remote signing differs from local signing where a user must sign via a Secure Signature Creation Device (SSCD), which uses a secure smart card or token. Even in this case, users can utilise a cloud-based remote signature.
The user must have installed the SSCD local drivers and have a smartcard reader connected. Then, their Cloud Signature service provider can send the document or transaction to the SSCD for local signing.
View this short video explaining a remote signing workflow.
[embed video]
What is a Remote Signing Service Provider (RSSP)?
In most cases, a Remote Signing Service Provider is a Trust Service Provider or a Qualified Trust Service Provider. RSSPs deliver hash signing operations via the Cloud Signature Consortium protocol.
When a user signs a document electronically, the eSignature solution sends a hash for signing via the Cloud Signature Consortium protocol to an RSSP. The RSSP’s solution completes all required authorisation, signs the hash and returns the hash to the eSignature solution to compile it into the user’s signature.
What is the Cloud Signature Consortium?
The Cloud Signature Consortium is a group of industry and academic organisations committed to building robust standards for cloud-based digital signatures. Ascertia is a member.
The standards ensure mobile and web-based applications comply with the most demanding global eSignature regulations. Esteemed organisations created The Cloud Signature Consortium to develop standard protocols to ensure distributed applications and services leverage digital signatures in a non-proprietary way.
With digital signatures migrating to a cloud-based approach, the functions needed to create digital signatures are distributed across several service instances, each carrying out sometimes multiple steps within the eSignature creation process. The Cloud Signature Consortium has ensured the interfaces between such services are now standardised.
How do I set up remote signing?
Remote signing requires slightly more effort to set up than other types of digital eSignatures. While more time-consuming initially, it provides greater flexibility and accessibility in out-of-office situations.
How remote signing works:
Ascertia vets a user before they can start using the SigningHub remote signing service. Their unique signing key must be created inside the Hardware Security Module (HSM) with a Signing Certificate, which is issued by the Trust Service Providers’ Certificate Authority.
eIDAS and ETSI/CEN standards place strict requirements for HSM requirements. Ascertia’s ADSS SAM Appliance complies with Common Criteria EAL4+ EN 419 241-2 Protection Profile.
Our remote signing solution can be embedded into any third-party business web application. Alternatively, SigningHub can be embedded via REST/JSON API, our mobile browser, iOS Android apps or third-party business application connectors.
Is remote signing secure?
Remote signing using Advanced Electronic Signatures (AES) provides a high degree of security. It falls under identical security requirements as traditional Advanced Electronic Signatures.
With remote signing, the user’s identity can be captured and bound to their signing certificate after they have been through an accredited identity provider’s extensive checks.
A user’s signing key can be held centrally in a secure HSM, in an encrypted database or within the user’s mobile device. Additionally, various single-factor or multi-factor options can authenticate users.
This type of eSignature provides an even higher level of security since the entire process of signing and verifying is standardised and assured to very robust levels.
What makes a cloud signature via remote signing legal?
Remote signing provides the same high level of trust as Advanced Electronic Signatures (AES) and Qualified Electronic Signatures (QES).
The regulations around such signature processes govern the trusted Certificate Authorities (WAs), which issue e-identity certificates to end-users. User signing keys are highly protected, and trying to dispute a cloud signature made using your key under your control is almost impossible.
Regarding law standards, a remotely signed Advanced Electronic Signature or Qualified Electronic Signature is deemed equivalent to or better than a handwritten signature.
We recommend remote signing signatures when only the highest levels of trust and security will do when you’re on the move. Remote signing provides security and peace of mind even when you’re away from the office.
Remote signing offers strong interoperability based on industry-standard digital signature techniques (ISO 32000, ISO 19005 and ETSI PAdES formats).
Choosing an eSignature solution that can support your current needs and is flexible enough to support your business’s future requirements is imperative.
Want to learn more about the different types of eSignatures and which one is suitable for your business needs? Download our eBook, Choosing the Right Type of eSignature.
