Service Description
Last updated: Tue 25 Jul 2017 10:36:45 UTC
Index
3. Design the workflow (Author)
3.1.2 Mass-signing Workflow Session
3.3.4 Workflow Session language
3.3.7 Personal invitation message
3.3.8 Personal confirmation message
3.5 Settings available via API only
4. Initiate the workflow (Initiator)
4.1 Initiate Workflow Execution from Design View
4.2 Initiate Workflow Execution from Template Workflow
4.2.1 List of Template Workflows
4.2.2 Select to edit Template Workflow or directly initiate Workflow Execution
5. Administer the Workflow Execution (User)
5.9 Change of authentication to view and authentication to sign methods
5.12 Review evidence attachments
6. Follow the workflow (Party)
6.1 Overview of Workflow Execution
6.2.2 List of Initiated Workflows
6.4 Reviewing the Sign Material
6.4.3 Other branded Sign View components
6.4.6 Mandatory/optional explanation
6.4.16 Requested attachments section
6.5 Rejecting to sign the Sign Material
6.5.3 Rejection confirmation page
6.6.2 PIN by SMS authentication and Signature Confirmation Section
6.6.3 Swedish BankID authentication and Signature Confirmation Section
6.6.4 Signature Confirmation Section
6.7 Receiving the confirmation after signing
6.7.1 Signature Registration Section
6.7.2 Signature confirmation page
6.7.3 Signature confirmation message
7.1 Collecting missing Sign Material
7.2 Producing the Transaction Logs
7.2.1 Recording Signatories’ activities in Scrive eSign
7.2.2 Generating images of the confirmation after Signatories signed
7.2.3 Recording Signatories’ system information
7.2.4 Record the time of each event in Scrive eSign relating to a Signatory’s activity
8. Evidence Package generation
8.1 Preparing the Evidence Package
8.1.1 Prepare a Final PDF (step 1)
8.1.2 Append the Verification Page (step 2)
8.1.3 Append the Evidence Quality of Scrive E-signed Documents (step 3)
8.1.4 Append the Evidence Quality Framework (step 4)
8.1.5 Append the Service Description (step 5)
8.1.6 Append the Evidence Log (step 6)
8.1.7 Append the Evidence of Time (step 7)
8.1.8 Append the Evidence of Intent (step 8)
8.1.9 Append the Digital Signature Documentation (step 9)
8.1.10 Append the Digital Signature (step 10)
8.1.11 Append the Keyless Digital Signature (step 11)
9.1.2 Learn more and manage workflow
9.1.3 Mass-withdraw invitations
9.1.8 Download metadata as CSV
9.2 Template Workflow editing list
9.4 Auto-deletion of documents and personal data
10.1 Organisation administration
1. Definitions
“Attachments” means attachments to the Main Document provided by the Author or Signatories.
“Author” means the person(s) that configure the Workflow Settings.
“Clock Error Samples” means the term as defined in the Attachment Evidence of Time.
“Delivery Method” means the method to deliver the invitation to participate in a Workflow Session.
“Design View” means the administrative user interface of Scrive eSign for the purpose of configuring the Workflow Settings.
“Evidence Attachments” means the attachments with additional evidence inserted into the Final PDF as explained in section 8, the attachments are Evidence Quality of Scrive E-Signed Documents, Service Description, Evidence Quality Framework, Evidence Log, Evidence of Intent, Evidence of Time and Digital Signature Documentation.
“Evidence Material” means the Final PDF including the inserted Evidence Attachments.
“Evidence Package” means the Evidence Material sealed with a digital signature.
“Field Data” means data associated with text fields, checkboxes, radio buttons and signature boxes in the Main Document.
“Final PDF” means the final Main Document after all Signatories have signed, including Field Data rendered with the placements defined by the Author in the Workflow Settings.
“Initiator” means the person that initiates Workflow Execution.
“Initiated Workflow” means a set of Workflow Settings where Workflow Execution has been initiated.
“Integrated System” means a system that communicates with Scrive eSign via the Scrive API.
“Main Document” means the document that is displayed in the Design View and Sign View and is possible to edit with Field Data.
“Party” or “Parties” means persons participating in the Workflow Execution.
“Role” means the Role of a Party during a Workflow Session.
“Scrive API” means the application programming interface of Scrive eSign.
“Sign Material” means the material being reviewed, signed and completed by the Parties during Workflow Execution, including a) the Main Document, b) Attachments and c) Field Data.
“Sign View” means the graphic user interface in Scrive eSign’s web based interface, for the Parties to review and for Signatories to sign the Sign Material.
“Signatory” means a person that has been defined to sign the Sign Material in the Sign View during a Session.
“Signature Confirmation Section” is the final section where the Signatory is asked if they are sure that they wish to sign the document.
“Signature Drawing Modal” is the modal where the Signatory is asked to draw or type their signature.
“Template Workflow” means Workflow Settings saved by an Author for later reuse. “Transaction Logs” means database logs in Scrive eSign, including records of the Signatories activities in Scrive eSign.
“User” is a person or a group of persons with an account in Scrive eSign which is linking to a verified email address.
“Viewer” means a person that has been defined to only have access to view the Sign Material in the Workflow Session.
“Workflow Execution” means when Scrive eSign guides the Parties through Workflow Sessions as configured in the Workflow Settings.
“Workflow Session” means a set of activities defined for a Party to execute the assigned Role. A Party can be assigned multiple Workflow Sessions.
“Workflow Settings” means any combination of settings in section 3 defining how the Parties can interact with the Sign Material during Workflow Execution.
2. Purpose
The purpose of this document is to explain how Scrive eSign worked at any given point in time to facilitate the full understanding of the process that generated the final Evidence Package. Each time Scrive eSign is updated with new features this document is also updated. The scope of the document is to describe the Scrive eSign system in full. Because it is possible to initiate Workflow Execution via API it is possible that parts of the e-signing workflow have happened outside of Scrive eSign. Because Scrive can only document features that are within our control, parts of a workflow may have happened outside the scope of this document.
3. Design the workflow (Author)
Workflow Settings are defined in the Design View by the Author. The features for designing the Workflow Settings are clustered in the Design View in three main sections. We describe the features in these sections according to the structure in the Design View.
3.1 Add Parties
3.1.1 Simple Workflow Session
Add a Workflow Session and add information about the Party participating in the Workflow Session. You can add an infinite number of Workflow Sessions. The minimum amount of Workflow Sessions is one.
3.1.2 Mass-signing Workflow Session
To replicate a Template Process multiple times with many separate Parties it is practicable to add the Parties in bulk. This feature enables adding a list of Parties to a Workflow Session as a CSV file. When initiating the process Scrive eSign will automatically replicate the process for every row in the CSV file and include the Party information of that row to that Workflow Session.
3.1.3 Invitation order
Select in what order the Parties shall receive the invitation to participate. Parties can receive the invitation in parallel, in sequence, or a combination of these.
3.1.4 Role
Define if the Party should be Signatory or Viewer.
3.1.5 Invitation method
Select how the Party shall receive the invitation to participate in the Workflow Session. The delivery methods available are a) email, b) SMS, c) email and SMS and d) in-person delivery or e) API.
|
An email invitation is sent including a link to the Sign View. |
---|---|
SMS |
An SMS is sent including a link to the Sign View. |
Email and SMS |
Both email and SMS delivery as described above. |
In-person |
No invitation is sent. The Initiator can give the Party access to the Sign View, by personally presenting it on a device selected by Initiator. |
API |
No invitation is sent. The Initiator can select to give access to the Sign View by sharing the URL or an Author can set up a workflow where the Party is redirected from a webpage hosted by the Author to the Sign View. |
3.1.6 Authentication to view
Select what authentication should be required from a Signatory before accessing the Workflow Session to view the document. The alternatives are a) Swedish BankID, b) Norwegian BankID, c) Danish NemID or d) no additional authentication method.
3.1.7 Authentication to sign
Select what authentication method should be required from a Signatory. The alternatives are a) Swedish BankID, b) PIN verification by SMS or c) no additional authentication method.
3.1.8 Confirmation method
Select how the Party shall receive the confirmation that the document has been signed by all Parties and get access to the Evidence Package. The confirmation methods available are a) email, b) SMS, c) email and SMS and d) no delivery.
3.2 Place fields
3.2.1 Main Document upload
Upload the Main Document. Only PDFs are accepted for upload.
3.2.2 Main Document removal
Remove the Main Document.
3.2.3 Text field
Drag and drop text fields into the document. Define the name of the text field (i.e. address, mobile and more) or select a predefined field, and define if it is a) mandatory for the Initiator, b) mandatory for Party completing the Workflow Session or c) optional. If left empty or editable during Workflow Execution, define what party can (if optional) or must (if mandatory) complete the text field during their Workflow Session. All information put into a text field will be printed onto the document. You can set the font size of the text field to a) small, b) normal, c) large or d) huge.
3.2.4 Checkbox
Drag and drop checkboxes into the document. Define the name of the checkbox (for traceability purposes), choose a checkbox size, and define if it is a) mandatory for the Initiator, b) mandatory for Party completing the Workflow Session or c) optional. If left empty or editable during Workflow Execution define what party can (if optional) or must (if mandatory) check the checkbox during their Workflow Session. The checkbox, empty or checked, will be printed onto the document.
3.2.5 Signature box
Drag and drop signature boxes into the document. Define the name of the signature box (for traceability purposes) and define if it is a) mandatory for the Party completing the Workflow Session or b) optional. If left empty or editable during Workflow Execution define what party can (if optional) or must (if mandatory) draw their signature during their Workflow Session. For some old browsers where JavaScript drawing doesn’t work, the Signatory can use their keyboard to type their signature with a name instead and a handwritten font will be used. The drawn or typed signature will be printed onto the document.
3.2.5 Radio buttons
Drag and drop radio button groups into the document. Define the name of the radio button group and the names of individual radio buttons (for traceability purposes), and choose a size for the radio buttons within the radio button group. It is mandatory for signing parties to select one of the radio button group options. The radio buttons, selected or not, will be printed onto the document.
3.3 Other settings
3.3.1 Add Attachment
The Author can upload documents to add as Attachments to the Main Document or delete previously uploaded Attachments. Only PDFs are accepted. The Author selects if the Attachment should be optional or mandatory to review. The Author selects if the Attachment should be merged with the main file or not.
3.3.2 Request Attachment
The Author can request that Parties are asked to upload documents during a Workflow Session, to add the documents as Attachments to the Main Document. The request is set per Party and an instruction text is required explaining what document is requested, requests can be made optional in which case the Party is not required to upload a document.
3.3.3 Main Document name
Name the Main Document. This is the name that will be communicated with the Parties throughout each Workflow Session. This will be the name of the Main Document in the Evidence Package.
3.3.4 Workflow Session language
Select in what language the Parties shall be guided throughout each Workflow Session. This will be the language of the text printed in the Verification Page.
3.3.5 Due date
Select the due date for the Signatories to sign. After the due date has passed the Signatories can no longer sign.
3.3.6 Automatic reminder
Select at what date an automatic reminder to sign shall be sent to the Signatories that haven’t yet signed.
3.3.7 Personal invitation message
Write a personal message that the Parties will receive when invited via email to participate in the Workflow Execution.
3.3.8 Personal confirmation message
Write a personal message that the Parties will receive via email when the document has been signed.
3.3.9 Edit Sign View UI
Adjust the UI in the Sign View. The following UI features can be added or removed a) header including logo and contact details, b) download PDF c) the button used in the Sign View to reject to sign, d) option to reply with a message, and e) footer.
3.4 Save as template workflow
The Workflow Settings in Design View can be saved as a Template Workflow for later Workflow Execution a single time (save as draft) or multiple times (save as template).
3.5 Settings available via API only
3.5.1 Set highlighting
It is possible, via the API, to enable highlighting in the Sign View for selected Signatories. Highlighting is the digital equivalent of a yellow mark on paper to emphasize something on the document. Highlights can be made by the selected Signatories, and cleared page-by-page, until they have signed the document, after which no more changes can be made.
4. Initiate the workflow (Initiator)
A Workflow Execution needs to be started by an Initiator. This section describes the features which the Initiator can use to initiate the Workflow Execution. The Initiator may initiate the Workflow Execution in any of the following ways:
- start as Author and define the Workflow Settings in the graphic user interface of the Design View or an Integrated System, or programmatically through the Scrive API, and then initiate the Workflow Execution, or
- start as Initiator only and select a Template Workflow to initiate the Workflow Execution, or
- start as Author and select a Template Workflow to edit by any of the procedures for defining the Workflow Settings described in bullet a and then, after editing as Author, initiate the Workflow Execution.
4.1 Initiate Workflow Execution from Design View
After a Main Document has been uploaded and no mandatory information is missing it is possible to initiate Workflow Execution by clicking a button to start. When having clicked the button a modal is displayed and depending on the Workflow Settings different activities will be required from the Initiator to initiate Workflow Execution.
Initiator role |
Sign order |
Instruction in modal |
---|---|---|
Signatory |
Sign first |
Prompts to sign first before inviting others |
Signatory |
Sign second or later |
Prompts to invite others |
Viewer |
- |
Prompts to invite others |
4.2 Initiate Workflow Execution from Template Workflow
Template Workflows can be accessed either via the Scrive eSign graphic user interface or via API. The following sections will describe how access can be done via the graphic user interface of Scrive eSign. In principle the same actions can be performed via the API.
4.2.1 List of Template Workflows
By logging in to his Scrive eSign account the Initiator can access a list of Template workflows from where it can initiate Workflow Execution. In the list of Template Workflows each Template Workflow is displayed in a list including name of the Template Workflow, time of latest change to Template Workflow, Delivery Method(s) and sharing status. In the template list view it is possible to do free text search on metadata to find Template Workflows.
4.2.2 Select to edit Template Workflow or directly initiate Workflow Execution
By clicking the name of a draft or template in the list of Template Workflows, different options will be made available depending on the Workflow Settings of the Template Workflow.
Author/Not Author |
Locked from editing |
In-person delivery |
Options for next step |
---|---|---|---|
Author |
Yes/No |
Yes |
Option to a) edit Workflow Settings or b) initiate signing on the device directly. |
Author |
Yes/No |
No |
Option to a) edit Workflow Settings or b) send for signature directly. |
Not Author |
Yes |
Yes |
Option to initiate signing on the device directly. |
Not Author |
No |
Yes |
Option to a) edit Workflow Settings or b) initiate signing on the device directly. |
Not Author |
Yes |
No |
Option to send for signature directly. |
5. Administer the Workflow Execution (User)
The document view is the administrative counterpart of the Sign View. Here the User can review the Main Document, Attachments, Parties and progress history and also administer the Workflow Execution.
5.1 Progress history
The Workflow Session progress of each Signatory can be tracked in the progress history section. Each important event is listed with a status icon, time, Party and an explanatory text. Below is a list of the statuses used.
Progress status |
Explanation |
---|---|
Initiated signing |
The Initiator initiated the signing process. |
Email sent |
The invitation to access Sign View was sent via email. |
SMS sent |
The invitation to access Sign View was sent via SMS. |
Undelivered |
The external email or SMS system has reported that it could not deliver the email or SMS. |
Delivered |
The external email or SMS system has reported that it has delivered the email or SMS. |
Email opened |
The external email system has reported that the email has been opened. |
Accessed view to authenticate |
The party opened the view to verify their identity before viewing the document. |
Authentication success |
The Party verified their identity with [AUTHENTICATION METHOD] to access the document. |
Reviewed online |
Opened the document online. |
Signed |
The button to complete signing was clicked in the Signature Confirmation Section or, if BankID was required to sign, the signing process was completed successfully in the BankID application. |
Rejected |
The button to reject signing was clicked in the final rejection section. |
Timed-out |
The due date for signing as set in the Workflow Settings passed and the document can’t be signed. |
Due date prolonged |
The Initiator prolonged the signing due date. |
Process cancelled |
The Initiator cancelled the signing process, the document can no longer be signed. |
Process edited |
The Workflow Process was edited in the Design View. |
Sealed |
Scrive eSign sealed the document with a digital signature. |
Resealed |
Scrive eSign sealed the document with a keyless digital signature. |
5.2 Withdraw invitation
To withdraw an invitation to sign an Initiated Workflow, press the button to withdraw. The invitation to sign the selected Initiated Workflow will be withdrawn and they will no longer be possible to sign. If a Signatory clicks an invitation link to a withdrawn document they will land in a landing page with an instruction that the Workflow Execution has been cancelled.
5.3 Extend due date
If the due date to sign passed without all Signatories having signed the Initiator can extend the due date by pressing “extend due date”. The date is extended by as many days as are determined by the Initiator.
5.4 Restart document
If the document was cancelled or the due date passed the Initiator can select to restart the Workflow Execution by pressing the button to restart the Workflow Execution. The Initiator is then redirected to the Design View where he can edit the Workflow Settings and initiate Workflow Execution again.
5.5 Start signing
If Delivery Method was set to in-person or API, then there is an option for the Initiator to initiate the next in-person Workflow Session directly from this view. By selecting “start signing” the Initiator will be redirected to the Sign View.
5.6 Download document
If the document has been signed it can be downloaded by the Initiator by pressing the button to download the document.
5.7 Send reminder
To remind a Signatory to sign, press the button to send reminder. A reminder will be sent to the Signatory using the initial invitation Delivery Method selected by the Author.
5.8 Send document again
To send a completed Evidence Package again to a Party, press the button to send the document again which is next to the Party’s information. A message including the document, will be sent to the Signatory using the initial confirmation Delivery Method selected by the Author.
5.9 Change of authentication to view and authentication to sign methods
As long as the recipient hasn’t signed the Initiator can change the authentication to view and the authentication to sign methods.
5.10 Bounce management
If the email or SMS could not be delivered, the Initiator is informed of the problem via an email with a link to the Document View where the Initiator can edit the email or mobile number. A bounce can occur for multiple reasons, typically due to a) entering the wrong email or mobile number, b) SPAM filter settings of the receiving system or c) the recipient’s systems are down.
5.11 Review Attachments
Below the displayed document there is a section with all attached Attachments. The user can view or download Attachments.
5.12 Review evidence attachments
Below the Attachments section there is a section with all evidence attachments. The user can review or download the evidence attachments.
6. Follow the workflow (Party)
Smooth Workflow Execution is dependent on a series of events as executed by the Parties in close interaction with Scrive eSign. This section will describe the different components enabling the Workflow Execution. The features are listed in the order as they appear to the Signatory either chronologically or in the graphic user interface from the top and going down. What features appear to the Signatory depend on the Workflow Settings.
6.1 Overview of Workflow Execution
Before we look at the components of the Workflow Execution it might be useful to get an overview of the different steps of Workflow Execution as experienced by the Signatories and the Viewers.
- Accessing the Sign View: the Party either a) receives an email or SMS with an invitation to sign electronically and a link to the Sign View or, b) accesses a device (tablet, desktop computer, smartphone or other) with the Sign View already opened or c) is redirected from an Integrated System to the Sign View.
- If set by the Author, the Signatory is asked to authenticate before they can proceed.
- Reviewing the Sign Material: the Party views the displayed Sign View and a) can read instructions at the top to follow the guiding arrow, b) depending on the Workflow Settings enter or not enter Field Data into the document (such as text, signatures, checks in checkboxes, choosing a radio button group option) and view/append required and optional attachments and c) scroll through all document pages to reach the sign or reject section.
- When enabled for the current signatory, the Initiator can highlight anything within the document being signed in real-time.
- Signing the Sign Material: the Signatory presses the next button to proceed to the next step and, depending on the Workflow Settings, one of these four scenarios follow;
- If the Signatory has not yet drawn their signature inside the document a section appears with instructions to confirm their intent by clicking a button with the text “Sign”, or
- If the Signatory has not yet drawn their signature inside the document a section appears with instructions that they will finalise the signing process by clicking the button with the text “Finish”, or
- If the Signatory is required to authenticate with PIN by SMS before they can sign they a) type or view their mobile number, b) receive an SMS with a PIN, c) type the PIN into a input field and d) confirm their intent by clicking a button with the text “sign”, or
- If the Signatory is required to sign with Swedish BankID they sign using the Swedish BankID app on the device they chose to sign with.
- Receiving confirmation after signing: after having completed one of the above signing scenarios a confirmation message is displayed to the Signatory that the Sign Material has been signed. Depending on the Workflow Settings, each Party either receives or doesn’t receive a confirmation message. If it was set for the Party to receive a confirmation message it is sent either a) by email and including the Evidence Package, b) by SMS and including a URL-link to access the document on the web in Scrive eSign, or c) both by email and SMS as described above.
The following sections are more detailed descriptions of the features enabling the workflow in the summary above.
6.2 Accessing the Sign View
This is the workflow guiding the Parties to access the Sign Material in the Sign View.
6.2.1 Invitation message
Scrive eSign will send an invitation email and/or SMS to the Party, in the order as defined by the Workflow Settings. The email and/or SMS will include a URL-link to a Sign View specific to that Workflow Session.
6.2.2 List of Initiated Workflows
Initiated Workflows with Workflow Sessions available for signing directly on the device are listed in a list accessible to Users. Each Initiated Workflow is displayed in a list with document name, last event, name of Initiator and names of all Parties. An icon determines if the Party is the Initiator of the Initiated Workflow or has been invited by another Initiator to participate. By selecting an Initiated Workflow from the list the User will initiate a Workflow Session and access the Sign View.
6.3 Authenticate to view
This is the part where the Signatory is required to authenticate themselves before they can proceed to view the Sign Material.
6.3.1 Authentication to view
The name of the Author and the document is displayed. Personal information that is required to understand who should authenticate their identity is presented. The Signatory initiates the authentication process. If the authentication is successful the Signatory is redirected to the Sign View to view the Sign Material.
6.4 Reviewing the Sign Material
This is the workflow guiding the Signatory when they are reviewing the Sign Material before signing.
6.4.1 Contact information
In the header the Initiators name and mobile (if available) is displayed for contact purposes.
6.4.2 Branded header
Adjustments can be made to a) company logotype, b) background color of header, c) text font, and d) text color. If no branding has been selected, the default is the Scrive logotype and colors. Author can remove the header and footer in the Design View before initiating Workflow Execution.
6.4.3 Other branded Sign View components
Components of the Sign View that can be branded are a) text font type of all text, b) color of the guiding arrow, c) color and text font of text in the guiding arrows, d) color of buttons, and e) color and text font of the text in the buttons. In the Sign View, confirmation page after signing, the signing invitation email and confirmation email there is a discrete ”Powered by Scrive” text.
6.4.4 Signing header
This header stays at the top of the SIgn View as the signatory scrolls through the Main Document to sign. The header includes a) the name of the document, b) a button to activate highlighting (learn more below), c) a button to zoom in the Main Document and d) a button to zoom out the Main Document. By clicking the highlight button, the highlighting functionality is enabled and the scrolling functionality is disabled. Thus, instead of scrolling when touching the screen the touch will result in a yellow highlighting color being painted to the Main Document where the finger points. Highlighting starts when a finger is put to, or a mouse is clicked above, the Main Document. Highlighting stops when the finger is lifted or the mouse is released. To initiate highlighting again the highlighting button in the header has to be pressed again. If the highlighting functionality has been applied to the Main Document in the current Workflow Session, a clear button will also be available in the signing header. The clear button will allow highlighting to be cleared from one document page at a time, and “clear mode” will be enabled until any highlighting has been cleared, or until the cancel button is clicked to cancel clear mode.
6.4.5 Review instruction
Below the header there is a) the person’s name and b) a brief instruction on how to proceed to sign the document. The purpose of the name is to decrease the risk that a person mistakenly signs in another Signatory’s name. If the name was not supplied before Initiator initiated Workflow Execution, then only the brief instruction is displayed.
6.4.6 Mandatory/optional explanation
Explanation of the difference in instruction color between actions that are mandatory and actions that are optional. This appears if the Workflow Session includes optional and mandatory actions.
6.4.7 Download PDF
Option to download the Main Document and Attachments as PDF. This option is either displayed or not depending on if the Author defined that it should be displayed during the Workflow Session.
6.4.8 Document display
PNGs of the Main Document are displayed in up to 1040 px width.
6.4.9 Guiding arrow
The guiding arrow will guide the Party through the steps set as mandatory by the Author. The arrow will guide the Party by pointing at the next mandatory step and blink.
6.4.10 Text fields
There can be empty text fields that are mandatory or optional to complete for the Party and pre-filled fields that can be editable.
6.4.11 Checkboxes
There can be unchecked checkboxes that are mandatory or optional for the Party and pre-checked checkboxes that can be de-checked. Checkboxes can be small, medium, or large, at the discretion of the author.
6.4.12 Radio buttons
There can be radio button groups comprising of two or more radio button options. The Party must select one of the radio buttons for each radio button group. Each radio button group can be small, medium, or large, at the discretion of the author.
6.4.13 Signature box
If signatures are requested from the Signatory then signature boxes are displayed as colored areas on top of the document. If the Author has defined the signature as mandatory, then the guiding arrow will point to the colored area after previous mandatory fields have been completed. When clicking a signature box a signing workflow is initiated. Read more about the signing workflow in section “6.6 Signing the Sign Material”.
6.4.14 About you section
If there are input fields that are mandatory to include in the transaction but have not been placed on top of the document by the Author they are displayed in the about you section. This section is not visible if there is no mandatory information that has not been placed on top of the document for input.
6.4.15 Attachments section
For each attachment that has been added to the document by the Author a section is displayed including the title of the attachment and a button to show the attachment. The attachment can be viewed by clicking the button to show the attachment, then the section expands and displays the attachment in full to the Signatory. If an attachment was selected by the Author to be mandatory to review in the Workflow Settings then a) a checkbox is available next to the title of the attachment and b) a text stating that the signatory confirms that they have read and understood the content of the attachment is available next to the checkbox. The checkbox with the instruction to confirm that the Signatory has read and understood the content of the attachment must be checked before the Signatory can sign.
6.4.16 Requested attachments section
This is where, if requested, the signatory is instructed to upload additional documents as attachments. The signatory can choose not to upload an optional attachment by checking a checkbox. If attachments have been added by previous signatories in the same process, those are visible to the current signatory for review. This section is not visible if there are no requests for attachments from the signatory.
6.4.17 Signatories section
This section includes a list of the Signatories, their signing progress and a) Full name,, and b) if applicable information about the Signatory is displayed such as organisation, organisation number, ID number, mobile number and email.
6.4.18 Reject or sign section
This is the last section in the Sign View. This section includes a reject button and a next button. By clicking the reject button the Signatory will initiate the rejection workflow and by clicking the next button the Signatory will initiate the signing workflow. If the Author has determined in the Sign View Settings that the reject button shall not be displayed to the Signatory, only the next button will be displayed.
6.5 Rejecting to sign the Sign Material
This is the workflow guiding the Signatory when they are rejecting to sign the Sign Material.
6.5.1 Reject button
At the bottom of the Sign View the signatory can reject the signing via clicking on a reject button. This button is visible if the Author has not disabled it in the Workflow Settings.
6.5.2 Rejection section
If the option to allow a rejection message was chosen in the Workflow Settings, upon clicking the button to reject the Signatory will enter a section where the Signatory can reject and, if so desired, write a rejection message to the Initiator. If a rejection message is not allowed, the Signatory will be asked to confirm the rejection directly, without the possibility of writing a rejection message. If the Signatory confirms the rejection, the Workflow Execution is cancelled and the Main Document can no longer be signed by any other Signatory.
6.5.3 Rejection confirmation page
After a rejection the Signatory is redirected to a page confirming that the signing was rejected and, if a rejection message was created, that the rejection message was sent to the Initiator.
6.6 Signing the Sign Material
The signing workflow is the workflow guiding the Signatory when they are signing the Sign Material.
6.6.1 Signature Drawing Modal
After the signature box has been clicked by the Signatory, the Signature Drawing Modal is opened and the Signatory is instructed to sign. The Signatory can draw their signature on a touchscreen or with a mouse. Once the Signatory has drawn their signature in the Signature Drawing Modal, they can click a button to proceed. Once they have clicked the button to go to the next step the modal closes and the signatory is scrolled to the next step defined by the Workflow Settings.
6.6.2 PIN by SMS authentication and Signature Confirmation Section
If the authentication was set to PIN by SMS, the Signatory is either a) prompted to type the mobile number they want to use for authentication or b) if the mobile number was prefilled by the Initiator they can only view the mobile number. After the signatory has filled their mobile mobile number or reviewed the one that was prefilled by the Initiator and clicked to send the SMS, the Signature Confirmation Section appears with a) an input field for the PIN, b) a text if they wish to sign and let Scrive eSign register their signature and c) a button to confirm the PIN and complete the signing process. After the correct PIN has been supplied and the Signatory has confirmed that they wish to sign , the signature is registered and the Signature Registration Section is displayed.
6.6.3 Swedish BankID authentication and Signature Confirmation Section
If the authentication was set to Swedish BankID, the Signatory is either a) prompted to type the ID number they want to use for authentication, or b) if the ID number was prefilled by the Initiator this is already prefilled and not editable. After the signatory has a) filled their ID number or reviewed the one that was prefilled by the Initiator and b) clicked to initiate the authentication with Swedish BankID, the Signatory authenticates within the Swedish BankID application. When the authentication is completed in the Swedish BankID application, Scrive eSign registers the signature.
6.6.4 Signature Confirmation Section
If the authentication was neither set to Swedish BankID nor PIN by SMS then the Signature Confirmation Section asks the Signatory if they wish to either “sign” (if no signature was drawn in the document using the Signature Drawing Modal) or “finish” (if a signature was drawn in the document using the Signature Drawing Modal) and let Scrive eSign register their signature. Once the Signatory has confirmed that they wish to sign or finish the signing process, the signature is registered and the Signature Registration Section is displayed.
6.7 Receiving the confirmation after signing
This is the workflow guiding the Signatory after they have signed the Sign Material.
6.7.1 Signature Registration Section
After the Signatory has confirmed their signature in the Signature Confirmation Section, the Signatory is redirected to the Signature Registration Section. The Signature Registration Section instructs the Signatory that their signature is being registered by Scrive eSign.
6.7.2 Signature confirmation page
After Scrive eSign has completed registering the signature of the Signatory, the Signatory is either redirected to:
- a custom confirmation page. Scrive does not regulate the custom confirmation page other than requiring that the confirmation page should not be misleading to the Signatory, thus it can include any information.
- the Scrive eSign standard confirmation page. The standard confirmation page includes information that the Signatory’s signature has been registered. If the Author had set that Scrive eSign should send an outgoing confirmation message, then the Signatory is also informed that an outgoing confirmation message was sent to the Signatory or that, if there are more Signatories to sign the document, an outgoing confirmation message will be sent to the Signatory after all Signatories have signed.
- the Signing Handover Interface, where a button is displayed leading to the Workflow Session for that next Signatory. This happens if there are other Signatories in line to sign after the Signatory that just signed, and the Delivery Method was set to in-person for any of those Signatories.
6.7.3 Signature confirmation message
If Author set that an outgoing confirmation message should be sent to the Signatory, a confirmation message is sent either via SMS, email or both. The confirmation message includes information that the document has now been signed by all Signatories. The email also includes an original of the Evidence Package and the SMS includes a link to access the Evidence Package online. If the Evidence Package is over 10MB Scrive eSign will not include the Evidence Package in the confirmation email and instead an instruction and a link to access the document will be supplied. If the Author set that a custom confirmation message shall be included in the outgoing confirmation message, the custom confirmation message set by the Author is included after the standard confirmation message texts.
7. Evidence collection
During the Workflow Execution Scrive eSign is collecting evidence to include into the Evidence Package.
7.1 Collecting missing Sign Material
At any time during the Workflow Execution, Scrive eSign presents the Sign Material in its current state in the Sign View meaning that it displays a) images of each page of the Main Document, b) links to all Attachments and c) renders all currently defined Field Data on the pages of the Main Document using the placements specified by the Author. As the process advances, the Sign Material is collected and produced through the following process:
- The Author uploads the initial Sign Material into Scrive eSign, consisting of the Main document, Author Attachments and initial Field Data.
- The Signatories will perform a review of the Sign Material in the Sign View. Depending on the Workflow Settings the Signatory can be asked to upload Signatory Attachments and add more Field Data, so that the Sign Material is completed. This step is reiterated until all Signatories have signed.
- When the last Signatory has signed, the Sign Material has become fully completed and is locked from further modifications.
7.2 Producing the Transaction Logs
Scrive eSign executes the following activities to produce the Transaction Logs:
- Record as many as possible of the Signatories’ activities in Scrive eSign during Workflow Execution
- Record screenshots of the confirmation after the Signatories have signed through Scrive eSign
- Record system information of the Signatories’ client system
- Record system time of the Signatories’ activities in Scrive eSign
This section will explain the different procedures for recording the Transaction Logs as listed above.
7.2.1 Recording Signatories’ activities in Scrive eSign
Scrive eSign records events when the Signatory has interacted with Scrive eSign during Workflow Execution. The activities in Scrive eSign that are recorded are listed below. Coordinates X=0, Y=0 is the top-left corner of the page, X=1, Y=1 is the bottom-right corner.
Sample event (as printed in the Evidence Log) |
Event explanation |
---|---|
Scrive eSign sealed the Evidence Package (as defined in the Service Description) with a keyless digital signature. |
See section 8.1.8. |
Scrive eSign sealed the final PDF with a digital signature. |
See section 8.1.7. |
Scrive eSign prepared the final PDF, including evidence collected by Scrive eSign, before sealing with a digital signature. |
See sections 8.1.1 – 8.1.6 |
The party [NAME OF PERSON] ([UNIQUE IDENTIFIER]) verified their identity with [AUTHENTICATION METHOD] to access the document.
|
See section 6.3.1. |
Scrive eSign sent an automatic reminder to sign using [DELIVERY METHOD] to [EMAIL@EXAMPLE.COM and 012-34 56 78] at the request of the user [NAME OF USER] ([UNIQUE IDENTIFIER]). |
See section 3.3.6. |
The user [NAME OF USER] ([UNIQUE IDENTIFIER]) withdrew the invitation to sign and Scrive eSign disabled the possibility to sign for all parties. |
See sections 5.2. |
The user [NAME OF USER ([UNIQUE IDENTIFIER]] changed authentication for [NAME OF PARTY (UNIQUE IDENTIFIER)] from [OLD AUTHENTICATION METHOD] to [NEW AUTHENTICATION METHOD]. |
See section 5.9. |
The user [NAME OF USER] ([UNIQUE IDENTIFIER]) changed the email address for the party from [BAD@EXAMPLE.COM] to [GOOD@EXAMPLE.COM]. |
See section 5.10. |
The user [NAME OF USER] ([UNIQUE IDENTIFIER]) changed the mobile number for the party from [BAD-12 34 56] to [GOOD-12 34 56]. |
See section 5.10. |
Scrive eSign locked the document from further modifications by the parties. |
See section 7.1 step 3. |
The signatory [NAME OF SIGNATORY] checked the checkbox “[EXAMPLE ATTACHMENT NAME]”. The text next to the checkbox was “[ACCEPT ATTACHMENT CONDITIONS TEXT]”. |
See sections 3.3.1 and 6.4.15. [ACCEPT ATTACHMENT CONDITIONS TEXT] is the text that was visible to the signatory and depends on the document’s language setting. In English it is "I have read and accepted the content of the attachment [EXAMPLE ATTACHMENT NAME]". |
The party [NAME OF PARTY] ([UNIQUE IDENTIFIER]) deleted the attachment [ATTACHMENT NAME] previously uploaded by the party [NAME OF PARTY] ([UNIQUE IDENTIFIER]). |
See sections 3.3.2 and 6.4.16. |
Due to a system error Scrive eSign failed to finalise the Evidence Package (as defined in the Service Description) before sealing with a digital signature. |
Sometimes the system may fail to produce the Evidence Package as described in sections 8.1 – 8.3. This event is extremely rare. |
Scrive eSign’s external email delivery system reported that the invitation to [sign/review] the document sent via email to [PARTY@EXAMPLE.COM] was delivered. |
See sections 3.1.4 and 5.1. |
Scrive eSign’s external SMS delivery system reported that the invitation to [sign/review] the document sent via SMS to [012-34 56 78] was delivered. |
See sections 3.1.4 and 5.1. |
Scrive eSign sent an invitation to [sign/review] the document via [delivery method] to [PARTY@EXAMPLE.COM and/or 012-34 56 78]. The invitation included a link that when clicked lead to Scrive eSign’s online interface to [sign/review] documents. The invitation contained the following message: <BR/> <i>This is an example message text.</i> |
See sections 3.1.4, 3.3.7 and 5.1. |
Scrive eSign’s external email delivery system reported that the invitation sent via email to [PARTY@EXAMPLE.COM] could not be delivered and continued attempts were cancelled. |
See section 5.1. |
Scrive eSign’s external SMS delivery system reported that the invitation sent via SMS to [012-34 56 78] could not be delivered and continued attempts were cancelled. |
See section 5.1. |
Scrive eSign’s external email delivery system reported that the invitation sent to [PARTY@EXAMPLE.COM] was opened. |
See section 5.1. |
The initiator [NAME OF INITIATOR] ([UNIQUE IDENTIFIER]) initiated the signing workflow and Scrive eSign a) locked the signing workflow from further editing, b) set the signing workflow language to [EXAMPLE LANGUAGE: ENGLISH], c) set the signing due date to [EXAMPLE DATE: 2013-01-01 00:00:00 UTC], d) set the time zone to [EXAMPLE TIME ZONE: CET] and e) initiated the signing workflow. |
See section 4. |
The user [NAME OF USER] ([UNIQUE IDENTIFIER]) prolonged the signing due date. |
See section 5.3. |
The signatory [NAME OF SIGNATORY] ([UNIQUE IDENTIFIER]) rejected the invitation to sign and Scrive eSign disabled the possibility to sign for all parties. The rejection message from the signatory [NAME OF SIGNATORY] ([UNIQUE IDENTIFIER]) was: <BR/> <i>This is an example message text.</i> |
See section 6.5.2. |
Scrive eSign sent a reminder to [review/sign] via [delivery method] to [SIGNATORY@EXAMPLE.COM and/or MOBILE NUMBER] at the request of the user [NAME OF USER] ([UNIQUE IDENTIFIER]). The reminder message from the user [NAME OF USER] ([UNIQUE IDENTIFIER]) was: <BR/> <i>This is an example message text.</i> |
See sections 9.1.4 and 5.7. |
Scrive eSign’s administrator ([ADMIN@EXAMPLE.COM]), a person authorised to administer Scrive eSign, requested preparation of the Evidence Package. |
In the rare event of failure there is a safety feature in Scrive eSign where an authorised person at Scrive can ask the system to try to reseal the Evidence Package. |
The user [NAME OF USER] ([UNIQUE IDENTIFIER]) edited the signing workflow in Scrive eSign’s interface to design signing workflows. |
See section 5.4. |
The SMS with the PIN was delivered to [MOBILE NUMBER] for the signatory [NAME OF SIGNATORY (UNIQUE IDENTIFIER)] to use for authentication. |
See section 6.6.2. |
An SMS with a PIN was sent to [MOBILE NUMBER] for the signatory [NAME OF SIGNATORY (UNIQUE IDENTIFIER)] to use for authentication. |
See section 6.6.2. |
The signatory [NAME OF SIGNATORY] ([UNIQUE IDENTIFIER]) uploaded the attachment [EXAMPLE ATTACHMENT NAME] requested by the workflow author. The request had the following description: <BR/> <i>This is an example description.</i> |
See sections 3.3.2 and 6.4.16. |
The signatory [NAME OF SIGNATORY] checked the checkbox “[EXAMPLE ATTACHMENT NAME]”. The text next to the checkbox was “[NOTHING TO UPLOAD TEXT]”. |
See sections 3.3.2 and 6.4.16. [NOTHING TO UPLOAD TEXT] is the text that was visible to the signatory and depends on the document’s language setting. In English it is "Nothing to upload". |
The signatory [NAME OF SIGNATORY ([UNIQUE IDENTIFIER]) signed the document using PIN by SMS as authentication method. The PIN was sent to [MOBILE NUMBER]. |
See section 6.6.2. |
The document was signed by [NAME OF SIGNATORY ([UNIQUE IDENTIFIER]) using [AUTHENTICATION METHOD] as authentication method.
$signed_text$ Data returned from the [AUTHENTICATION METHOD]:
Name: [NAMED RETURNED] ID number: [ID NUMBER RETURNED] Signature: [SIGNATURE RETURNED] Online Certificate Status Protocol (OCSP) Response: [OCSP RETURNED] |
See section 6.6.3. |
The signatory [NAME OF SIGNATORY ([UNIQUE IDENTIFIER]) signed the document. |
See section 6.7.1. |
The due date for signing the document passed. Scrive eSign disabled the possibility to sign for all parties. |
See section 3.3.5. |
The signatory [NAME OF PERSON] ([UNIQUE IDENTIFIER]) [CHECKED or UNCHECKED] the checkbox [NAME OF CHECKBOX]. The checkbox's placement in the Main Document: Page X Y 1 0.123 0.420 |
See sections 3.2.4 and 6.4.10. |
The signatory [NAME OF PERSON] ([UNIQUE IDENTIFIER]) selected the radio button "[NAME OF RADIO BUTTON]" in radio group "[NAME OF RADIO GROUP]". Possible options were: [LIST OF ALL RADIO BUTTON NAMES IN RADIO GROUP]. The radio buttons placement in the Main Document: Page X Y 1 0.123 0.128 1 0.123 0.142 |
See sections 3.2.5 and 6.4.12. |
The signatory [NAME OF PERSON] ([UNIQUE IDENTIFIER]) signed in the signature box [NAME OF BOX]. The box's placement in the Main Document: Page X Y 1 0.123 0.420 |
See sections 3.2.5, 6.4.13 (or 6.4.18 if signature box was not placed) and 6.5.11. |
The signatory [NAME OF PERSON] ([UNIQUE IDENTIFIER]) changed the text in the text field [NAME OF FIELD] from [PREVIOUS VALUE] to [NEW VALUE]. The field's placement in the Main Document: Page X Y 1 0.123 0.420 |
See sections 3.2.3 and 6.4.9 (or 6.4.14 if text field was not placed). |
The party [NAME OF PERSON] ([UNIQUE IDENTIFIER]) opened the view to verify their identity before viewing the document. |
See section 6.3.1. |
The party [NAME OF PERSON] ([UNIQUE IDENTIFIER]) opened the document in Scrive eSign’s online interface to [review/sign] documents. |
See section 6.2.1. |
Highlighting was added to page 3 while [NAME OF PERSON] was viewing. |
See sections 3.5.1 and 6.4.4. |
Highlighting was removed from page 3 while [NAME OF PERSON] was viewing. |
See sections 3.5.1 and 6.4.4. |
7.2.2 Generating images of the confirmation after Signatories signed
To sign through Scrive eSign the Signatory is asked to confirm the signature and after the Signatory has confirmed their signature a confirmation message is displayed. Scrive eSign will generate an image of the Signatories’ browser environment including the confirmation message in the foreground and the Main Document and Field Data in the background.
The technology for generating an image of the Signatories’ browser environment is not perfect. Therefore, as a safeguard in the event that the image of the Signatories’ browser cannot be generated correctly, Scrive eSign will at each Planned Production Upgrade, generate images of a reference browser environment including the confirmation message in the foreground and a demo Main Document and Field Data in the background. The purpose of the images is to serve as a reference to display how the images of the Signatories’ browser environment should have looked like if the image generation would have been generated correctly.
7.2.3 Recording Signatories’ system information
Scrive eSign records information of the system that the Signatories use at each system event generated by the Signatory. The information that is recorded is:
- IP address
7.2.4 Record the time of each event in Scrive eSign relating to a Signatory’s activity
At the time of an event triggered by a Signatories’ interaction with Scrive eSign, Scrive eSign will log the following information:
- The time of Scrive eSign servers at the time of the Signatories’ activity
- The time of the latest Clock Error Sample
- The clock error at the latest Clock Error Sample
7.3 Recording clock error
The time of Scrive eSign servers is controlled using NTP and the servers communicate indirectly with servers equipped with reference clocks whose purpose is to define reference time. Each hour Scrive eSign estimates the error of the clocks of its servers compared to reference time and the estimated error is measured in milliseconds (the “Clock Error Sample” or “CES”). The purpose of the Clock Error Sample is to produce data that can be used in a statistical model to evaluate the accuracy of Scrive eSign servers’ clock at the point of each logged event.
More about the Clock Error Sample and measurement of time in Scrive eSign is explained in the Appendix 4 Evidence of Time.
8. Evidence Package generation
8.1 Preparing the Evidence Package
Once all Signatories have signed electronically, Scrive eSign will execute the following actions to produce the Evidence Material:
- Prepare the Final PDF.
- Append the Verification Page as an additional page to the Final PDF.
- Append the Evidence Quality of Scrive E-signed Documents as an attachments inside the Final PDF.
- Append the Evidence Quality Framework as an attachment inside the Final PDF.
- Append the Service Description as an attachment inside the Final PDF.
- Append the Evidence Log as an attachment inside the Final PDF.
- Append the Evidence of Time as an attachment inside the Final PDF.
- Append the Evidence of Intent as an attachment inside the Final PDF.
- Append the Digital Signature Documentation as an attachment inside the Final PDF.
Once the Evidence Material has been produced Scrive eSign will execute the following actions to secure the integrity of the Evidence Material and thereby produce the final Evidence Package:
- Seal the material in steps 1-10 with a digital signature.
- Seal the material in steps 1-11 with a keyless digital signature.
A detailed description of the steps 1-11 follows below.
8.1.1 Prepare a Final PDF (step 1)
The Final PDF is prepared by inserting all the pages from the original Main Document, and subsequently all the Field Data is rendered using the placements defined by the Author in the Workflow Settings. If the Author defined that Attachments should be Merged with the Main Document they are added as pages to the Main Document. If the Author defined that Attachments should not be Merged with the Main Document the attachment is hashed using SHA-256. The hash can be found in the Evidence Log. Attachments that are not merged with the Main Documents are not digitally sealed. By comparing the computed hash (the output from execution of the algorithm SHA-256) to a known and expected hash value (the value in the Evidence Log), it’s possible to determine the Attachments’ integrity.
8.1.2 Append the Verification Page (step 2)
The Verification Page is one or several pages appended at the end of the Final PDF and it contains the following information:
- Transaction ID intended for support purposes.
- Information about the Main Document including name, number of pages and by whom it was submitted.
- Information about the each Attachment, including name, number of pages, if it was merged with the Main Document or not and by whom it was submitted.
- Information about the Initiator and each Signatory.
- Activity history of each Signatory in Scrive eSign during Workflow Execution, including a brief description of the activity, the time of the activity and the IP address.
- A Scrive seal.
At the end of the Verification Page there is brief documentation describing what the Verification Page is. The documentation is intended to give the reader all the information necessary in order to understand:
- The nature of the document (an Evidence Package issued by Scrive).
- That additional documentation about the Evidence Package can be found in the Attachments.
- Where to verify the integrity of the document (https://www.scrive.com/verify).
The purpose of the Verification Page is to make the most important metadata about the Workflow Execution easily accessible.
8.1.3 Append the Evidence Quality of Scrive E-signed Documents (step 3)
The Evidence Quality of Scrive E-signed Documents is a brief introduction to the Evidence Package. The purpose of the document is to serve as an executive summary and help with the understanding of the Evidence Package without having to read through all the documentation.
8.1.4 Append the Evidence Quality Framework (step 4)
The Evidence Quality Framework explains the legal aspects of digital evidence quality. The purpose of this document is to set a framework for the understanding of digital evidence quality and explain how the Evidence Package relates to such framework.
8.1.5 Append the Service Description (step 5)
The Service Description is this document and is a complete functional specification of Scrive eSign. The Scrive team maintains the following process to keep the Service Description up to date:
- A new version of Scrive eSign has been developed and the staging environment has been updated with the new version. The staging environment is the servers where the final testing of a new version of Scrive eSign is conducted before it is released to all customers. If the new version of Scrive eSign includes new features or substantial adjustments to existing features the Service Description is updated by the Scrive eSign product owner to include the changes made. The Scrive eSign product owner is the person that plans and manages the development of Scrive eSign.
- While on staging the changes to the Service Description is reviewed and corrected by the Scrive legal counsel in dialogue with the Scrive eSign product owner.
- Once all text changes have been agreed by the Scrive eSign product owner and the Scrive legal counsel, the updated Service Description is to be included with the next updates to Scrive eSign.
The purpose of the document is to serve as a reference for anyone trying to understand the Evidence Package and its different components.
8.1.6 Append the Evidence Log (step 6)
The Evidence Log includes all Transaction Logs printed in human readable text including a) the Signatories’ activities in Scrive eSign during Workflow Execution, b) all system information of the Signatories, and c) the UTC timestamp created at the moment of each Signatories’ activity.
The purpose of the Evidence Log is to make all collected metadata about the Workflow Execution accessible outside of Scrive eSign and thus independently of Scrive.
8.1.7 Append the Evidence of Time (step 7)
The Evidence of Time includes a detailed documentation about a) how the time of the servers of Scrive eSign is measured and synchronised with trusted sources of time, b) a mathematical algorithm to calculate the probability of time deviation above certain time intervals and c) the measurements required to insert into the mathematical algorithm, including the last 1000 samples of the servers time deviation and their distribution.
The purpose of the Evidence of Time is to explain how Scrive eSign measures time and
provide a mathematical algorithm by which it is possible to calculate the probability of
the error of the time stamps recorded by Scrive eSign.
8.1.8 Append the Evidence of Intent (step 8)
The Evidence of Intent includes the images of the Signatories browser environment generated by Scrive eSign when the Signatory has signed and is displayed with a confirmation thereof. Additionally the Evidence of Intent also includes the reference images generated by Scrive eSign at each Planned Production Upgrade.
The purpose of the Evidence of Intent is to secure a) evidence of intent to sign and b) evidence of what Sign Material there was intent to sign, to avoid such rhetoric as exemplified by the example with the blue elephant and the pink sheep.
8.1.9 Append the Digital Signature Documentation (step 9)
The Digital Signature Documentation contains an algorithm for how to prove the document’s integrity mathematically. The document integrity can be tested mathematically with the help of a) the Digital Signature Documentation, b) a code published in the Financial Times after the date of sealing the document with the digital signature (step 10) and c) a keyless digital signature has been applied to the document after the date of publishing the code in the Financial Times (step 11). This document does require technical knowledge to be useful.
The purpose of the Digital Signature Documentation is to explain how the integrity of the Evidence Package can be verified independently of Scrive or any other third party. Note that the Digital Signature Documentation is not intended as the primary method for proving the document’s integrity. The use of the Digital Signature Documentation is intended as a last resort after which all other methods of verifying the integrity have failed. To clarify, the intended order for verifying the integrity of a document is:
- Scrive provides the primary method for verifying the integrity of a signature at https://www.scrive.com/verify. Here the document owner can upload the document and get an automated validation of the document integrity. This method does not require any technical knowledge to be useful.
- If this primary method for some reason fails to perform the verification of integrity then the digital signature provider, Guardtime (http://www.guardtime.com), can be contacted directly for verification. This second method also does not require any technical knowledge to be useful.
- Finally, if both previous methods have failed, the Digital Signature Documentation can be used to mathematically verify the document integrity.
8.1.10 Append the Digital Signature (step 10)
When the steps 1-9 have been performed the document is sealed with an industry standard digital signature from Guardtime to produce the complete Evidence Package (steps 1-10).
The purpose of the Digital Signature is to be able to prove the integrity of the Evidence Package with the help of public key infrastructure (“PKI”) and a certificate made public by Guardtime. Additionally the digital signature also has a function of a strong timestamp useful as evidence of time at the point of sealing the document. Learn more about this in the Digital Signature Documentation.
8.1.11 Append the Keyless Digital Signature (step 11)
Around the 20th each month Guardtime will make an updated Keyless Digital Signature available. Scrive eSign will apply the updated Keyless Digital Signatures on Evidence Packages that were produced by Scrive eSign before the 15th that month. For Evidence Packages produced by Scrive eSign on the 15th or later, Scrive eSign will instead apply Keyless Digital Signatures the next month.
The purpose of the Keyless Digital Signature, is that the integrity of the Evidence Package can be verified mathematically and independently of Scrive, Guardtime or any other third party, only relying on public information. Additionally, the verification will provide irrefutable evidence about when the timestamp in step 10 was generated. Learn more about this in the Digital Signature Documentation.
9. Document administration
Scrive eSign has a basic document management system. This system is described in this section.
9.1 Document list
9.1.1 List view
Initiated Workflows and Evidence Packages from completed workflows are displayed in a list with progress status, time of latest event, name of Initiated Workflow, Initiator, Parties and Delivery Method(s).
9.1.2 Learn more and manage workflow
By clicking the name of an Initiated Workflow, the User is redirected to the Document View where there is more information about the workflow progress and options to manage the workflow.
9.1.3 Mass-withdraw invitations
To withdraw an invitation to sign an Initiated Workflow, select Initiated Workflows by checking the checkboxes on the side and press “withdraw”. The invitation to sign the selected Initiated Workflows will be withdrawn and they will no longer be possible to sign. If a Signatory clicks an invitation link to a withdrawn document they will land in a landing page with an instruction that the Workflow Execution has been cancelled.
9.1.4 Send mass-reminder
To remind Signatories of an Initiated Workflow to sign, select by checking the checkboxes on the side and press “send reminder”. The reminder to sign the selected Initiated Workflows will be sent to all the Signatories that haven’t signed using the Delivery Method as initially selected by the Author. If a specific sign order has been defined the reminder will only be sent to the next Signatory in line for signing.
9.1.5 Delete
To delete an Initiated Workflow or Evidence Package from the list view, select by checking the checkboxes on the side and press delete. Initiated Workflows that are deleted will also automatically be withdrawn.
9.1.6 Filter and search
Filter documents based on workflow progress status, initiator and/or date. Search the list of Template Workflows with free text search. Matches will be provided for all free text data.
9.1.7 Download all documents
Select what documents to download and download a zip-file including the PDFs of the selected documents. The Main Document from Initiated Workflows will be downloaded in its current state and finalised documents will be downloaded as completed Evidence Packages.
9.1.8 Download metadata as CSV
By selecting this option metadata from all transactions will be downloaded as CSV. The metadata includes information about each Party and the most important activities of the Party during Workflow Execution.
9.2 Template Workflow editing list
9.2.1 List view
Template Workflows are displayed in a list time of latest change, name of Template Workflow, Initiator, Parties and Delivery Method(s). Deleted Template Workflows are deleted instantaneously.
9.2.2 Filter and search
Search the list of Template Workflows with free text search.
9.2.3 Delete
To delete a Template Workflow from the list view, select one or multiple templates by checking the checkboxes on the side and press delete.
9.2.4 Share
To share a Template Workflow in the list view with other Users in the same organisation, select one or multiple Template Workflows by checking the checkboxes on the side and press share.
9.3 Trash list
9.3.1 List view
Deleted Initiated Workflows, Template Workflows and Evidence Packages are displayed in a list with progress status, time of latest event, name of Initiated Workflow, Initiator, Parties and Delivery Method(s). Deleted documents stay in the list for one month before Scrive eSign deletes them permanently from the system.
9.3.2 Filter and search
Filter documents based on workflow progress status, initiator and/or date. Search the list of Template Workflows with free text search. Matches will be provided for all free text data.
9.3.3 Restore
To restore a document back to the documents list, select by checking the checkboxes on the side and press restore.
9.4 Auto-deletion of documents and personal data
This is a setting that will instruct Scrive eSign to auto-delete documents and personal data after a number of days as defined by the account administrator. This applies to all documents except templates and documents pending signing. Upon deletion the documents are moved to Trash.
10. Account administration
10.1 Organisation administration
Accounts in Scrive eSign are organised in organisations. Each User belongs to an organisation. The organisation settings will be used in the Users interactions with Parties when using the system.
10.1.1 Organisation details
In the account section it is possible to edit the organisation details. The organisation details include name, organisation number and address. The name and organisation number will be displayed whenever the User is displayed as Party to a Workflow Execution, including places such as the Sign View and the Verification Page. The organisation address and mobile number of the organisation’s administrators will be used for billing and support purposes.
10.1.2 White-label branding
There are two types of white-label branding in Scrive eSign: the Workflow Session branding and the complete white-label branding. In the account section it is possible to white-label the Workflow Sessions with the company brand profile, including a) the Sign View, b) the emails, c) SMS’ d) the logged in part (such as the Design View), e) the favicon, f) the browser title. The complete white-label branding can only be set by a Scrive administrator and additionally to the Workflow Session branding includes white-labeling of a) the login and signup views, b) party colors and c) document status icons.
10.2 User administration
10.2.1 User privileges
There are two levels of user privileges: standard and admin. The standard User can do everything as specified in the previous sections of this specification document. The admin User has the additional privileges as specified below.
Privilege |
Explanation |
---|---|
Edit company details |
Can edit the details of the organisation’s Scrive eSign account. |
Add user |
Can add users to the organisation’s Scrive eSign account. |
Remove user |
Can remove users from the organisation’s Scrive eSign account. |
White-label branding |
Can do Workflow Session branding for all users of the organisation’s Scrive eSign account. |
Access all documents |
Can access all documents of all Users in the organisation’s Scrive account. |
Manage all documents |
Can manage all documents of all Users in the organisation’s Scrive account. |
10.2.2 User management
In the account section the admin User can add Users by typing name and email address. The person will then be invited to have an account as part of the organisation of the inviting admin User. The Users of the organisation are displayed in a list and can be removed from the organisation by selecting the User and deleting it. All documents of that User will stay the property of the organisation.
Comments
0 comments
Please sign in to leave a comment.