Mobile Signing

Understand the true meaning of mobile signing

Get SigningHub Mobile apps and start signing from anywhere

Different Approaches to Mobile Signing

Using a mobile device for accessing business systems is now commonplace. The ability to view and digitally sign documents from a mobile device is an essential requirement when choosing a signing platform. However what is often not understood is that there are different levels of mobile signing, with varying degrees of what is actually performed on the mobile device:

Mobile device is used to initiate the signing process

The signing key is located on the server and signature takes place there, however the user initiates the process from their mobile device. SigningHub has easy to use iOS and Android apps for this and you can learn more about them here.

Mobile device is used to authorise the signing process

This is where the user’s mobile is sent a One Time Password (OTP) code as a form of authentication – typically using SMS messaging or via native OTP app like Google Authenticator. Again in this mode the user’s signing key is located on the server and signature takes place there. The mobile device is only being used as a second channel for user authentication. SigningHub again supports this method of user authentication.

Mobile device is used to actually sign the document

This is the “truest” form of mobile signing, i.e. the user’s signature key actually resides on the mobile device and the document signature is created on the mobile device. This is an area where SigningHub is particularly strong compared to the competition and is explained below.

True Mobile Signing Feature

In the truest form of mobile signing the user’s private signing key actually resides on the mobile device and therefore under the sole control of the user. This is a highly advanced solution and not many vendors can meet this level of security. The following diagram illustrates the process:

SigningHub is the leading solution in the mobile signing area and can implement the above mobile signing process in a number of different ways

Using specialist readers attached to mobile devices

SigningHub iOS and Android apps can use specialist smartcard readers attached to the mobile device, e.g. the Precise Biometric Tactivo readers act as covers for the mobile device. Such readers allow the user’s same PKI-enabled smartcard to be used with the SigningHub native apps as well as PCs and physical access control systems

Using Entrust® IdentityGuard SmartCredentials app

In this case the user’s private signing key is located in the Entrust app installed on the mobile device. At the time of signing, SigningHub sends a hash of the document to the Entrust app for signing on-board the mobile device (this communication is conducted via the Entrust IdentityGuard solution).

Using AET® ConsentID app

In this case the user’s private signing key is on a secure tamper-resistant micro-SD card (or it can even by a secure SIM card). At the time of signing, SigningHub sends a hash of the document to the AET app for signing on-board the secure micro-SD card (this communication is conducted via the AET MSSP Server solution).