Often people ask, “How do you know who signed?” when using the DocuSign e-signature system. By using one or more authentication tools available to all senders, you can verify and have a record of the identity of your signers!
The authentication checks applied for a Recipient are logged in the Envelope’s Certificate of Completion, offering evidence of the measures the Recipient passed for access to the Envelope. When an external service is used, such as ID Check, STAN and Phone Authentication, an identifier from the external system is included in the evidence to enable cross-reference to those systems for additional details.
Additionally, each passing or failing authentication attempt is included in the Envelope’s audit trail.
In the case of Embedded Signing, where the Recipient navigates into the DocuSign Envelope via a web portal (such as a browser), the authentication performed is also logged into the Certification of Completion.
Several other features relate to User authentication before allowing access to Envelopes. A Sending Account administrator configures these features.
In-Person Credentials
When using the DocuSign In-Person signing process, the administrator can define the credentials the signing witness must collect prior to witnessing the signature. This can be any form of authentication, such as Drivers License, Social Security number, account number, etc. The system then stores this information into the audit trail. This feature is specific to In-Person Recipients.
Integrated Authentication
When integrating DocuSign into host applications using embedded signing, DocuSign can leverage any authentications provided by the host system, such as login or other forms that were required to reach the embedded signing session.
Multi-Layer Authentication
DocuSign can also be configured to request multiple layers of authentication for signers. This means they must pass more than one level to access and sign their documents. This is often used when dealing with financial transactions that require a high degree of certainty. Multi-Layer authentication is required by the Federal Financial Institutions Examination Council (FFIEC) for example.
Security Workflows
The DocuSign system enables the creation of hierarchical workflows that will adapt the authentication features based on whether the Recipient passed/failed previous authentication checks. For example, the Recipient will go through ID Check. If they pass ID Check, they can continue. If they fail ID Check, the Recipient would go through Phone Authentication.
Recipient-based Authentication
The Authentication options described above are tied to a Recipient on an Envelope. For Envelopes with multiple Recipients, you can apply different options to each Recipient.
Login Requirements
Three options can describe how Recipients should log into the DocuSign system prior to accessing Envelopes. They relate specifically to Registered DocuSign Users, who have created a DocuSign password.
Login Requirements do not apply to Embedded Signers.
You can set the length of time a successful authentication will be valid, so that even if you set an authentication for the signer, if they have previously passed authentication inside the time window set (a week, month, etc.), they will not have to re-authenticate.
Another setting can ensure that not only do signers have to authenticate the first time they access an envelope, but also they must pass this authentication EVERY TIME from then on. They can still log into their console, but to view the contents of the envelope, they must pass whatever authentication was set. This should only be used with highly sensitive documents, and using authentication methods that make sense for repeat accesses like Access Code or perhaps Phone Authentication.
I also wanted to know the same point. Thanks for explaining all the authentication options. My friends are also looking for this detail, I will do share the detail with them.
ReplyDeletee signatures