2021 September Release

Applying Digital Signatures in the Fabasoft Business Process CloudPermanent link for this heading

This chapter describes the process of how a digital signature is applied to a document by a user in the Fabasoft Business Process Cloud.

Logging in as User in the Fabasoft Business Process CloudPermanent link for this heading

To apply a digital signature to a document, signatories must authenticate themselves in the Fabasoft Business Process Cloud. Various authentication methods, including 2-factor authentication, are available for this purpose. Users and the available authentication methods are managed by the administrators of their cloud organization.

Either the web client or the “Fabasoft Cloud“ mobile app for iOS or Android can be used for signing documents.

Provide Images for Visual SignaturePermanent link for this heading

When digitally signing documents, users can insert visual representations of their respective signatures. In order to do so, the user can define images in the settings menu (account menu (your user name)” > “Advanced Settings” > “My Signatures”). These images can either be uploaded as an image file, generated from an entered text, or created as handwritten signature at the workstation or on the mobile device.

When a visual signature is inserted in the signing dialog, an identification for the signatory (i.e. the current user) is automatically generated below the signature image. In the Fabasoft Business Process Cloud, each user can be identified by the Fabasoft Cloud ID (i.e. property with reference: COOSYSTEM@1.1:objaddress) of the object representing that specific user. The Fabasoft Cloud ID cannot be changed whereas the login e-mail address or the name of the user may change over time. The signatory identification is made up of the first 40 characters of the SHA256 hash of this Fabasoft Cloud ID.

Note: If a user has to be anonymized in the Fabasoft Business Process Cloud (e.g. due to data privacy reasons), it is not possible to find the Fabasoft Cloud ID of the original user anymore.

Close DocumentsPermanent link for this heading

Documents must be closed (i.e. finalized) before signing them. When a document is closed that is not in PDF format, the document will be converted to the PDF format so that the PDF signature can be applied afterwards. When signing a document in the web client, it will be automatically closed before opening the signing dialog.

Open the Signing DialogPermanent link for this heading

The user starts the signing dialog either via an activity work item in the workflow or by selecting the corresponding menu entry from the context menu in the web client. In the mobile app for iOS or Android, the signing dialog can be opened only via the activity work item in the workflow.

Add Visual Signatures, Stamps, and Text Fields in the Signing DialogPermanent link for this heading

In the signing dialog, a user may place the following elements into the document:

  • Images representing the visual signature of the user
    These visual signatures can be configured by the users themselves in the settings menu. The visual signature also contains the signatory identification.
  • Images representing stamps of the organization
    These stamps are configured by the administrator of the cloud organization. A stamp will not contain the signatory identification.
  • Text fields
    These fields may contain the name of the signatory, the place, a date, or any free text.

The signatory may add zero, one or multiple visual signatures, stamps, or text fields, and distribute them on multiple pages.

Add a Remark in the Signing DialogPermanent link for this heading

The signatory may add a remark for the signing operation in the signing dialog.

Select a Certificate for Signing in the Signing DialogPermanent link for this heading

If the administrator of the cloud organization has uploaded multiple certificates for signing, the user may also select one of these certificates which are then used to apply the PDF signature.

If there is no certificate configured for the cloud organization, a default certificate provided by the Fabasoft Business Process Cloud is used to apply the PDF signature.

This default certificate is issued for:

email=digitalsignatures@fabasoft.com, cn=Fabasoft Business Process Cloud Digital Signatures, ou=Cloud Service, o=Fabasoft AG, l=Linz, st=Oberösterreich, c=AT

It is issued by the following trusted certificate authority:

cn=GLOBALTRUST 2020 ADVANCED 1, o=e-commerce monitoring GmbH, c=AT

Applying the PDF SignaturePermanent link for this heading

All data entered in the signing dialog will be transferred to the server of the Fabasoft Business Process Cloud. On the server, the PDF signatures will be applied to the PDF document.

Multiple PDF signatures may be created because

  • the user added visual signatures, stamps, or text fields on multiple pages.
  • the user added multiple visual signatures or stamps on a page.

For each PDF signature, the following steps will be executed:

  • The remark (if provided), the name of the user, the name of the organization, the login e-mail address, and the signatory identification will be stored in the signature reason property of the PDF signature.
  • “Fabasoft Cloud” will be stored in the signature location property of the PDF signature.
  • The digital signature for the PDF document and some additional information is generated by Fabasoft Secomo where the private key of the certificate is stored, secured by a hardware security module (HSM).
  • The PDF signature is stored in the PDF document.

For further information, refer to chapter “Technical Details”.

In addition to the PDF signature, each signing operation will be protocolled in the meta data of the signed object. Open the properties of the object and switch to the “Signatures” tab. On that tab, you will see all electronic signature operations, all digital signature operations, and the signing times, the remarks, and the user objects that have applied the signatures.