Every company operating in the EU and in many other regions needs some Qualified Electronic Signatures (QES) if they want to become fully digital. In most countries contracts like employment contract, employment contract termination, warranties, IP transfer or many other types need QES to be valid. Usually these documents are handled on paper but who wants to have some documents on paper and some digitally on the cloud?

If you are helping these companies create electronic signatures and you are not able to create to create electronic signatures that fully satisfy “Written form” requirements then your business must be really tough and is going even tougher as soon all your competitors can do QES with all the local and popular signatures methods that people already have set up.

Let’s examine the minimum setup here that gives you access to a lot of different local and popular qualified trust service providers through eID Easy identity based signature marketplace. There are also other options where the user experience is fully under control and signature requires only document SHA256 hash. In this case lets talk and we can guide you further if you book a meeting in here https://meetings.hubspot.com/joao-rei

There are 3 basic steps to get everything done

  1. Prepare signature by sending the file to be signed to eID Easy over the API
  2. Show the signature creation view hosted by eID Easy and let the user sign the document
  3. Listen to the webhook about signature completion and download the signed file

Test environment information is listed here https://eideasy-docs.netlify.app/electronic-signatures/. It is recommended to use Smart-ID test accounts during testing. If you get signatures working with one method then eID Easy will guarantee that all other signature methods will work as well.

This is all very simple but there are a few more details to consider.

Configuration

eID Easy has very transparent pricing with prices similar to the cost of direct integration of the Qualified Trust Service Provider  (QTSP). You need to charge customers the cost of signatures and it might mean complex billing system change which we want to avoid. In the beginning our recommended way is to keep your pricing as it is per user or per envelope so no change is needed there.

This can be done if you ask your users to sign up at the eID Easy and register their credentials in the configuration page.

Development needs: Add 2 form fields and 2 new database fields where the user client_id and secret can be saved at the user general configuration page.

Estimated work effort: 1h.

Requesting signatures

If your Signature Portal does not have any Qualified Electronic Signature support at all then it is very likely that you are modifying the original PDF and adding an additional audit trail page to the end of the document. With Qualified Electronic Signatures it is not possible anymore because signer must see the final document without any further modifications. If one signature is applied then the only change you can do is applying more signatures.

It is possible to mix different levels of signatures on one document but at first it is recommended to let the signature requester choose if the document should have only certificate based Qualified and Advanced signatures or use your existing Simple Electronic Signature process. Qualified Electronic Signature does not need any audit trail so you can skip modifying the signed PDF in the later phases.

Development needed: Create 1 database field and add toggle button to the signature request page for selecting if signature needs to be qualified or simple.

Estimated work effort: 1h

Signing the document

Next change comes to the signature page. Based on the previous SES/QES choice either nothing changes or you show a button that initiates QES signing using eID Easy.

If the user clicks on the sign button then you need to make a POST query {{url}}/api/signatures/prepare-files-for-signing to get everything ready for QES signing and get in return the doc_id. Use your internal transaction ID and set it as the URL parameter in the signature_redirect URL. When the user comes back from signing then you know what transaction is this about.

Use the returned doc_id and previously saved client_id to open in a popup page or redirect user with following URL template https://id.eideasy.com/sign_contract_external?client_id=CLIENT_ID&doc_id=DOC_ID. On this page eID Easy will show the user the preview of the document to be signed and allows users to choose the QTSP and signature solution to create the signature. If the signature has been completed then the user can be redirected back or the popup closed. eID Easy will also send server to server webhook notifying about signature completion.

Development needed: Show QES signing button based if needed, make one API call and open popup or redirect user to the signature page.

Estimated work effort: 2h

Finishing signature process

Once the signature is completed then you need to download the signed file. You can use a webhook that sends back the notification_state value that you set in the “prepare-files-for-signing” API call that tells you what document was signed.

You can listen to the webhooks as described here https://eideasy-docs.netlify.app/electronic-signatures/signature-webhooks. Once you learn that the signature has been completed then download the final file and save it next to all your other signed documents. API call for that is {{url}}/api/signatures/download-signed-file

Development needed: develop one API call that listens to incoming webhook, call one API in that listener.

Estimated work effort: 2h

With this you have Qualified Electronic Signatures integrated to your signature portal with one good engineer in less than a day.

Once you go live with the MVP then you are already much more competitive and after you see QES volumes growing then you can set up a planning call with the eID Easy team to help you prepare the best plan for further developments. Book a meeting for that in here https://meetings.hubspot.com/joao-rei

Categories: