Natural Person & Legal Person
A natural person or employee would like to sign a contract or any form of document. The personal signature is suitable for this purpose.
A legal person needs a large number of electronic signatures for different types of file such as invoices, contracts etc. The seal is available for this purpose.
Identify once - sign multiple
In order to use the Signature Service, the natural person or the representative of a legal person must be identified once by an identification application. The identification is carried out via our Smart Registration Service (SRS), e.g. by using the free of charge Registration Authority App (RA App), SRS video or SRS bank or any other existing and approved (KYC) process. The RA App in SRS Direct offers everyone the opportunity to become a delegated registration authority by Swisscom and, as an RA agent, to perform the face2face identification of colleagues, customers or partners in your own comapany. Registers are additionally used to check organisation entries in the case of seals.
A declaration of intent is requested for each personal signature. The declaration of intent is carried out with the authentication method defined during the course of the identification. As standard practice, Swisscom offers for verification of the signature the Mobile ID, Mobile ID authenticator app with fingerprint/ face recognition or a combination of password and one-time code via SMS. For seals, access certificates created by the organisation are used as a means of authentication in order to permit mass signatures.
Request of a signature or seal
A signature application, e.g. of a Swisscom partner or a self-created application, requests a signature from Swisscom. The application creates a document hash and transmits it to Swisscom.
After authentication and declaration of intent to sign, a one-time, short-term signature certificate is issued in the case of personal signatures. As a result, it is not necessary to provide a process for revocation of certificates. Only organisation seal certificates for seals are longterm certificates (e.g. 2 years).
In addition to the signature, a time stamp can be used. The time stamp serves to verify that a signature was valid at a particular point in time and allows long-term validation of the signature after end of validity of the (short-term) certificate.
A signature application individually created or obtainable in the market can be added to the All-in Signing Service. Swisscom does not offer a signature application on its own but recommends its partners. In this case, the documents for signature are displayed and prepared for signature. Only a value representing the document (known as “hash values”) will be transferred to Swisscom. Thus, Swisscom has no chance to read any content of the document. After the signature procedure the signed hash is returned to the signature application, which creates a signed document based on this signed hash. A lot of standard libraries on the market support the transformation document-hash-document.