This chapter describes the process of how a digital signature is applied to a document by a user in the Fabasoft Business Process Cloud.
To apply a digital signature to a document, signatories must authenticate themselves in the Fabasoft Business Process Cloud. Various authentication methods, including 2-factor authentication, are available for this purpose. Users and the available authentication methods are managed by the administrators of their cloud organization.
Either the web client or the “Fabasoft Cloud“ mobile app for iOS or Android can be used for signing documents.
When digitally signing documents, users can insert visual representations of their respective signatures. In order to do so, the user can define images in the settings menu (account menu (your user name)” > “Advanced Settings” > “My Signatures”). These images can either be uploaded as an image file, generated from an entered text, or created as handwritten signature at the workstation or on the mobile device.
When a visual signature is inserted in the signing dialog, an identification for the signatory (i.e. the current user) is automatically generated below the signature image. In the Fabasoft Business Process Cloud, each user can be identified by the Fabasoft Cloud ID (i.e. property with reference: COOSYSTEM@1.1:objaddress) of the object representing that specific user. The Fabasoft Cloud ID cannot be changed whereas the login e-mail address or the name of the user may change over time. The signatory identification is made up of the first 40 characters of the SHA256 hash of this Fabasoft Cloud ID.
Note: If a user has to be anonymized in the Fabasoft Business Process Cloud (e.g. due to data privacy reasons), it is not possible to find the Fabasoft Cloud ID of the original user anymore.
Documents must be closed (i.e. finalized) before signing them. When a document is closed that is not in PDF format, the document will be converted to the PDF format so that the PDF signature can be applied afterwards. When signing a document in the web client, it will be automatically closed before opening the signing dialog.
The user starts the signing dialog either via an activity work item in the workflow or by selecting the corresponding menu entry from the context menu in the web client. In the mobile app for iOS or Android, the signing dialog can be opened only via the activity work item in the workflow.
In the signing dialog, a user may place the following elements into the document:
The signatory may add zero, one or multiple visual signatures, stamps, or text fields, and distribute them on multiple pages.
The signatory may add a remark for the signing operation in the signing dialog.
If the administrator of the cloud organization has uploaded multiple certificates for signing, the user may also select one of these certificates which are then used to apply the PDF signature.
If there is no certificate configured for the cloud organization, a default certificate provided by the Fabasoft Business Process Cloud is used to apply the PDF signature.
This default certificate is issued for:
email@example.com, cn=Fabasoft Business Process Cloud Digital Signatures, ou=Cloud Service, o=Fabasoft AG, l=Linz, st=Oberösterreich, c=AT
It is issued by the following trusted certificate authority:
cn=GLOBALTRUST 2020 ADVANCED 1, o=e-commerce monitoring GmbH, c=AT
All data entered in the signing dialog will be transferred to the server of the Fabasoft Business Process Cloud. On the server, the PDF signatures will be applied to the PDF document.
Multiple PDF signatures may be created because
For each PDF signature, the following steps will be executed:
For further information, refer to chapter “Technical Details”.
In addition to the PDF signature, each signing operation will be protocolled in the meta data of the signed object. Open the properties of the object and switch to the “Signatures” tab. On that tab, you will see all electronic signature operations, all digital signature operations, and the signing times, the remarks, and the user objects that have applied the signatures.