Cygnature is a blockchain enabled document signing and authentication solution that is easy to use and is more secure than other e-sign solutions in the market. It has a multi-level security that allows a robust mechanism to permit access with different security clearances such as E-signature hardware key, biometrics, video/image proof, Aadhar KYC and/or OTP authentication, etc.
It has a multilayered secured signing process to maintain the document integrity. It replaces the manual signing process and paperwork to sign and notarize the legal and other documents thus reducing the cost and time. With the third-party tools integrated, the user can observe/witness the entire signing process online without having to be physically present for being a witness. It is a multi-tenant application that enables the client admin of the tenant to manage users, user privileges, manage roles, view logs and configure advanced settings.
Cygnature can be used anywhere to has to sign a document, which can any document from school certificates to contracts, HR documents, Legal documents etc.
The objective was to build a blockchain based, secure and easy to use and feature rich signing solution. The sole purpose behind building the application is to reduce the cost and time by reducing the manual paperwork and signing process. Since it is a blockchain enabled solution it is more secure since blockchain restricts tampering or deleting the signatures even if the system is offline.
Cygnature is a solution where a user gets various options on signing like Electronic, Digital or Bio-metric Signatures.
The objective was to build a blockchain based, secure and easy to use and feature rich signing solution.The solution would not only provide an interface for digital verifications, but also multiple verifications can be done such as hardware key verification, Biometric,Aadhar KYC, 2- level authentication, face, voice and retina recognition. For end to end document traceability. The entire signing process can be witnessed with the third-party toolintegration. The end user can download the recording of the entire verification process
thus making it more secure and transparent.
- Blockchain enabled secured digital signing process
- Cygnature has multi-layered secure signing process to maintain the document integrity.
- Cygnature uses one way process for digital signature
- Consolidated traceability files sealed in a blockchain
- Each document has a digital audit trail that records geo coordinates, browser/device, timestamp, etc.
- Provision for reverse verification, to validate whether the document was digitally verified or not.
- Cygnature utilizes world-class cryptographic algorithms to maintain the integrity and robustness of data.
- Comprehensive dashboard for a bird eye view of all the documents in the system along with their status.
- Cygnature becomes one solution for all signatures like Electronic, Digital or Bio-metric.
Any business owners or any sector of businesses which require authentication and transaction online with high level of security as well as tamper proof legalise signature can use this product profoundly.
The Finance, HR, Legal, Sales departments of organizations who are involved in paper signing can use Cygnature as a option to Paper signing.
• Enables signing contracts, invoices, work order, approvals and almost any paperwork in minutes.
• Blockchain enablement in the solution maintains highest standards in security and legality that you can trust.
• Best suited for simple and advanced workflows – selfsigning, in-person signing, or remote signing.
• Customizable with smart APIs to seamlessly integrate with your preferred email, cloud storage and business apps.
Login and Register
• Then login into the application using credentials.
• Upload your document that needs to be signed and you can also select the timeline of signature.
• Select your contacts as signers or just observers.
• Select your verification methods.(E-signature, hardware key, biometrics, video/image proof, Aadhar KYC and/or OTP authentication).
• Choose the area where you want the signature.
• Click on next and review the docs.
• That’s it,your signers will be notified and you can easily download the document when signers have signed the document.
A one-time password or pin (OTP) is a password that is valid for only one login session or transaction,on a computer system or other digital device.The most important advantage that is addressed by OTPs is that, in contrast to static passwords,they are not vulnerable to replay attacks(valid data transmission is maliciously or fraudulently repeated or delayed). Cygnature uses OTP for first factor authentication which is sent on you registered Mobile number.
Due to high level of security measures are kept in mind and confidentiality of your highly sensitive data,both type of verification is must.
-Cygnature is a multi tenant application, the client Admin of the tenant is a person who will Manage Users, user privileges, manage roles, view logs and configure advanced settings.
• Document Owner
-The document owner is the person who will upload the documents to be verified and signed by the signers and authorized by observer.
-The Signer will verify the uploaded document and provides signature with all the mandatory and additional verifications required on the uploaded document by the document owner. Signers of a document can be multiple.
-The observer will review/witness the entire signing process to keep a check on all updates happening during the signing process.
It displays the total count of unsigned documents uploaded by the logged in user.It includes the documents uploaded by user and also unsigned by him.On click will redirect to the list of documents under the status ‘Unsigned’.
It displays the total count of documents signed by some of the assigned users, but remaining by others. On click will redirect to the document listing screen under the status ‘Waiting for Others’.
It displays the total count of documents signed by all the assigned users. On click will redirect user to the document listing screen of documents under the status ‘Signed’.
As a document owner uploads a document he/she sets a due date of signing for that document. It displays the documents which are dated to be signed by all the assigned users and forthcoming document end date. On click will redirect user to the document listing screen of documents under the status ‘Expire Soon’.
You need to add contacts to show some contacts.You can add contacts by either manually clicking on ‘+’ sign button or you can bulk
import the contacts from outlook/Gmail using the given xls format.One need to register on Cygnature to be visible on contact list.
You can upload your documents under ‘Upload your documents’ section.You can upload via drag and drop or you can select file from your computer/Google drive or Dropbox.
In this option,you can schedule a live video recording of every signers or observers which will be involving signing the documents. In a LIVE video, Cygnature will record the signing process LIVE using a Webcam and Microphone. Additionally Cygnature will also record the screen on which the Signing process is done.
The Signer will verify the uploaded document and provide his signature with all the mandatory and additional verification’s required on the uploaded document by the document owner. Signers of a document can be multiple.
Yes the Signatures in Cygnature are LTV enabled, the sign-time is captured inside the PDF Document and the PDF Viewer will validate the signature using all the proof that are contains directly inside the PDF.
Yes, it is necessary to register for both observer and signer.One can send invite link to respective signers to on board for signing the document.
We are using blockchain in backend which provides maximum level of security by encrypting your file as well as encrypting your signature with generation of unique hash code. The blockchain enablement helps the document in being tamper proof and hence offering no changes in the document or the signing process.
• Authentication – Proving who created or changed the document.
• Non-repudiation – Not allowing someone to deny that they created or changed the document, as long as each iteration is stored in the blockchain.
A Blockchain certificate records the signing process by keeping track of Signers following parameters
- IP Address of Signers
- Time and Date of Singing’
- Geo Location
- Latitude Longitude
There are typically three algorithms involved with the digital signature process:
• Key generation – This algorithm provides a private key along with its corresponding public key.
• Signing – This algorithm produces a signature upon receiving a private key and the message that is being signed.
• Verification – This algorithm checks for the authenticity of the message by verifying it along with the signature and public key.
The IT Act recognizes thefollowing two types of signatures:
(1) E-signatures that combine an Aadhaar with an eKYC service
Users with an Aadhaar ID, the unique identification number issued by the Indian government to all Indian residents, are free to use an online e-signature service to securely sign documents online. In this case, the online e-signature service integrates with an Application Service Provider (ASP) to provide users with a mobile or web app interface that they can interact with.
(2) Digital signatures that are generated by an asymmetric crypto-system and hash function
An ‘asymmetric crypto system’ refers to a secure pair of keys: a private key and a public key. Both are unique to each user and can be leveraged to verify and create an e-signature.
Here are the 5 criteria that e-signatures need to satisfy in order to be valid as per the IT Act:
(1) E-signatures must be uniquely linked to the person signing the document. This condition is often met by issuing a digital-certificate-based digital ID.
(2) At the time of signing, the signer must have total control over the data used to generate the e-signature. Most online e-signature service providers allow signers to directly affix their e-signature to the document in order to meet this requirement.
(3) Any alteration to the affixed e-signature, or the document to which the signature is affixed, must be detectable. This is often met by encrypting the document with a tamper-evident seal.
(4) There should be an audit trail of steps taken during the signing process.
(5) The digital signature certificate must be issued by a Certifying Authority (CA) recognised by the Controller of Certifying Authorities (CCA) appointed under the IT Act.
No. Certain documents that require a notarial process or must be registered with a Registrar or Sub-Registrar, can only be executed using handwritten signatures to be legally enforceable. These primarily include:
(1) Negotiable instruments such as a promissory note or a bill of exchange other than a cheque
(2) Powers of attorney
(3) Trust deeds
(4) Wills and any other testamentary disposition
(5) Real estate contracts such as leases or sales agreements
Yes, it states that “All electronic signatures must meet the ESIGN, UETA and GPEA definition of electronic signature, or the basic definition of an electronic signature as required by other national and local legislation.”
Following are the parameters –
• Intent to sign
• Consent to do business electronically –
Electronic records may be used in transactions with consumers only when the consumer has:
Received UETA Consumer Consent Disclosures
Affirmatively agreed to use electronic records for the transaction
Has not withdrawn such consent
• Association of signature with the record – In order to qualify as an electronic signature under the ESIGN Act and UETA, the system used to capture the transaction must keep an associated record that reflects the process by which the signature was created, or generate a textual or graphic statement (which is added to the signed record) proving that it was executed with an electronic signature.
• Record retention
• Opt Out Clause
• Providing Signed Copies
• The ESIGN Act is a federal law passed in 2000. It grants legal recognition to electronic signatures and records if all parties to a contract choose to use electronic documents and to sign them electronically.
• UETA(Uniform Electronic Transactions Act ), a precursor to the ESIGN Act, was introduced in 1999 and has been adopted by 47 U.S. states, as well as the District of Columbia and the U.S. Virgin Islands.
• Among other things, UETA provides that when a law requires either a writing or a signature, an electronic record or an electronic signature can satisfy that requirement when the parties to the transaction have agreed to proceed electronically.
• UETA and the ESIGN Act solidified the legal landscape for use of electronic records and electronic signatures in commerce by confirming that electronic records and signatures carry the same weight and have the same legal effect as traditional paper documents and wet ink signatures.
Both laws provide the following:
• No contract, signature, or record shall be denied legal effect solely because it is in electronic form.
• A contract relating to a transaction cannot be denied legal effect solely because an electronic signature or record was used in its formation.
• If a law requires a record in writing,an electronic record satisfies the law.
• If a law requires a signature,an electronic signature satisfies the law.
• Does not apply to birth,death,wedding,wills,etc. are exempted.
The state of Illinois has not adopted UETA.However, in 1999, Illinois enacted electronic signature law which favors some types of electronic signature as more trustworthy than others.Under the law,the most secure type of electronic signature is the “secure electronic signature”.Secure electronic signatures are presumed valid under the law unless there is evidence to the contrary. Under the law, it is deemed “secure” if :
• It is created in a manner that can be considered commercially reasonable under the circumstances
• It is applied by all parties sin a trustworthy manner that can be verified.
• It can be reasonably and in good faith relied upon by all parties.
• Both parties agree that the signature is “secure”.
• It is created using an asymmetric algorithm certified by the Secretary of State.
• It is created using a valid certificate issued by a CA in accordance with standards set by Secretary of State within the scope specified in the valid certificate, and can be verified via the valid certificate public key.
The state of New York(NY) has not adopted UETA.However, since 2000,electronic signatures have been legally binding in New York under the Electronic Signatures and Records Act(ESRA). This law broadly established the legal equivalence of electronic and handwritten signatures.
• This law broadly established legal equivalence of electronic and handwritten signatures.
• ESRA also created the role of the “electronic facilitator” within the NY Office of Information Technology Services.
• In New York,electronic signatures have the same legal validity as handwritten signatures.
The state of Washington has not adopted UETA.However,Washington did enact the Washington Electronic Authentication Act to facilitate e-commerce and minimize fraud,as well as to ensure the security and integrity of “e-messages”.
• It includes wording to ensure that electronic signatures are not refused legal recognition and regulates CAs.
• In Washingtonthe Secretary of State licenses and regulates CAs and oversees the rules and policies around using them.
• In order to be considered for government useCAs must pass specific requirements and prove that they have a trustworthy system.
• The Secretary of State conducts periodic compliance audits of CAs and can even CAs in violation.
South Africa generally follows the EU Directive on Electronic Signatures. It is considered a two-tier jurisdiction because it gives digital signatures the same status as handwritten signatures but also recognizes simple electronic signatures as legal and enforceable.
• Countries that follow this model give companies the opportunity to select different forms of signatures and customize their business processes based on the form that is most convenient and appropriate for each use case.
• Consent is the prerequisite for allowing electronic signatures. However, according to Section 13(5) of the Electronic Communications and Transactions Act,if the parties have not agreed on a specific type of electronic signatureas long as there is
• A method to identify the person and to indicate the person’s approval of the information communicated.
• The method is reliable and appropriate for the purpose for which the information was communicated, electronic signatures are also legal, admissible and enforceable in South Africa.
Under UAE law, a written signature is not necessarily required for a valid contract – contracts are generally valid if legally competent parties reach an agreement, whether they agree verbally, electronically or in a physical paper document. To prove a valid contract, parties sometimes have to present evidence in court.
• Leading digital transaction management solutions can provide electronic records that are admissible in evidence, under UAE laws, to support the existence, authenticity and valid acceptance of a contract.
eIDAS(electronic IDentification, Authentication and trust Services) sets outs two types of electronic signature, ‘Advanced’ and ‘Qualified’.
• ‘Advanced Electronic Signature’ is defined in Article 26:
1. it is uniquely linked to the signatory;
2. it is capable of identifying the signatory;
3. It is created using electronic signature creation data that the signatory can, with a high level of confidence, use under his sole control; and
4. It is linked to the data signed therewith in such a way that any subsequent change in the data is detectable.”
• Legalesign offers ‘Advanced Electronic Signature’.
• ‘Qualified’ signatures are based on ‘public-key infrastructure’ technology (PKI) and, together with a set of regulations on issuance and trust, provide a framework to add a strong level of authentication and encryption.
• eIDAS also entrenches past commitments that underpin electronic signature, for example, the provision that an electronic signature “shall not be denied legal effect and admissibility in legal proceeding soley on the ground that is it an electronic form or that it does not meet the requirements for qualified signature”. (Article 25.1)
• In the UK, Qualified Certificates are largely unused because there is no practical way to access and apply them. They are better understood in EU countries where there is a national ID scheme, for example in Spain and Estonia. Citizen IDs can become a ‘qualified certificate’ and thereby provide an avenue for Qualified Signatures to be rolled out and adopted across a whole population.