IDnomic Sign

Electronic signature verification and creation

How can you create electronic signatures, verify them, and guarantee document integrity?

In environments that require a high level of trust, such as government, finance or healthcare sectors, advanced or qualified electronic signatures are highly advised.

In a context where organizations are moving to paperless transactions, it is necessary to electronically sign documents,guarantee their integrity and produce proof of acceptance by the signer. The signature must be strictly verified in order to detect any possible cause for invalidity. Atos, a European leader in IS security, provides IDnomic Sign, a complete solution for creating and verifying electronic signatures.

NEW !
Metasign becomes IDnomic Sign, to continue to keep control over the security of your electronic signatures

Follow or contact us:
Linkedin | Twitter

Immediate verification (and augmentation)

IDnomic Sign verifies cryptographic signatures following their creation and adds the necessary information to maintain their long-term validity with report generation.

Signature formats

IDnomic Sign supports advanced electronic signatures that conform with the CMS, CAdES, XAdES and PAdES technical specifications, as defined by ETSI.

Expertise

As a European security leader, Atos has developed unique expertise in securing information systems, delivering consultancy, integration and expertise services in trust technologies.

eIDAS regulation

The eIDAS regulation allows the European Union to provide a legal framework for transnational digital transactions. Its goal is to enhance trust in electronic exchanges by establishing a framework for electronic identification and trust services, including electronic signatures. Thus, the eIDAS regulation enhances the transparency and reliability of transactions.

Discover how Atos solutions can help you become compliant with eIDAS.

More information

Use case: Digital signatures for healthcare organizations

How can you improve the paperwork productivity in your hospital?

Healthcare organizations can struggle with administrative costs, often due to a reliance on paper-based processes. In their journey to reduce paper, hospitals can adopt digital signatures or expand them to more departments in order to:

  • Ensure the integrity of signed documents and verify the identity of the signer (patient, doctor or administrator) to ensure they are only working with trusted actors
  • Benefit from timestamping to be able to verify signatures in a long-term perspective >>
  • Simplify archiving, save money on printing and scanning, and reduce the time spent on paper processing
More information

Enhance paperwork process efficiency and reliability with digital signatures.

Norms and standards

Certificate format compliance with ITU-T X.509v3, RFC 5280 and RFC 3739

XAdES: XML Advanced Electronic Signature ETSI TS 101 903

CAdES: CMS Advanced Electronic Signature ETSI TS 101 733

PAdES: PDF Advanced Electronic Signature ETSI TS 102 778 including LTV format (part 4) and visual of signature (part6)

XML signature policy ETSI TR 102 038

RFC 3161: Time Stamp Protocol

Authentification Open ID Connect for the API REST

PKCS#11 for interfacing with a Hardware Security Module (HSM)

Local credentials

Compliance

Compliant with European directive 1999/93/CE

Compliant with eIDAS regulation

System requirements

IDnomic Sign work with Java 8 runtime

The IDnomic Sign iplementation of norms and standards is validated through frequent participation in ETSI interoperability plugtests

Server solutions IDnomic Sign is running on Linux platforms (Red Hat or SUSE). These solutions are fully integrated and delivered with open source international components Apache, PostgreSQL, Tomcat, Keycloak(IDP) and Ansible (install script).

Electronic signatures guarantee the integrity of documents and identify the signers. Once a signer has produced a signature and the signature has been verified, the signature is secure and may no longer be repudiated.

Each signer (e.g. a user or an application) uses a signature key pair (a public key and a private key) and a public key certificate generated by a Certification Authority. IDnomic Sign can use signature certificates generated by the IDnomic PKI solution or other PKI products.

The server can be used to sign in the name of an entity (seal signature) or to sign in the name of a physical person with a secured management of the signer’s bi-keys.

The signers can use signature certificates stored in a smart card they hold, or certificates centrally located at the IDnomic Sign server.

IDnomic Sign creates and verifies electronic signatures using the following formats: CMS, CAdES, XAdES or PAdES, and in conformance with declared signature policies. IDnomic Sign supports time-stamping tokens generated by Atos Metatime or by other time-stamping solutions.

IDnomic Sign supports the following functions:

  • Signature creation: creation with the requested format using the signature policy and the configured cryptographic token; multiple signatures and co-signatures are supported
  • Immediate verification (and augmentation): cryptographic signature verification following its creation and adding the necessary information to maintain its long-term validity with report generation
  • Subsequent verification: verification by relying parties and generation of a report

Related resources

Atos cybersecurity electronic signature Metasign

Factsheet

IDnomic Sign: A reliable signature creating and verifying secure transactions

As organizations move to paperless transactions, it is necessary to electronically sign documents to guarantee their integrity and produce proof of acceptance by the signer. The signature must be verified strictly so as to detect any possible cause for invalidity.

Atos cybersecurity Digital signature infographic 2

Infographic

Four steps to deploy your digital signature project

In environments that require high levels of trust, advanced electronic signatures are highly advised. But where to begin?

This infographic shows how to manage your project, from the identification of your security needs to the implementation and launch itself.

Atos Cybersecurity IDnomic Digital Signatures Security

Expert advice

Digital signatures: A security imperative for today’s open and fast-paced world

Pierre-Jean Aubourg, Director of Professional Services in the Atos IoT Security department, demonstrates how digital signatures improve the user experience while enhancing security, and shares best practices for implementing a digital signature solution.

Atos cybersecurite Time stamping Metatime

Factsheet

Metatime: A time-stamping service

Organisations moving to paperless exchanges, whether for internal communications or for relationships with partners or customers, may be required to demonstrate that certain transactions or actions occurred before a given date and time…

More information >>

Interested in our IDnomic Sign solution?