Signature Service - Swisscom Trust Services

The All-in Signing Service for electronic signatures

Easily integrated remote signatures as a service – become a partner and accompany your customers into the digital future. The All-in Signing Service is a cloud-based service allowing partner applications to sign legally electronic documents on behalf of electronic signing and time stamps. This makes it a core element of digitalisation.

Pan-European

The All-in Signing Service is a unique solution from a European manufacturer covering the two legal jurisdictions: EU/EEA (eIDAS Signature Regulation)* and Switzerland (ZertES Signature Act). An interface for signatures and seals. Our support speaks your language: German, English, French and Italian.

Easy

An app free of charge (RA App) enables your customers to easily identify your colleagues, customers and partners. Or you use identification data that is already available, such as that provided by banks or recognised E-IDs – also for verified signature. We are constantly expanding our offer to add remote video, bank ID and eID identification.

Flexible

We also integrate your identification or authentication process. Otherwise, you can use our Mobile ID free of charge in Switzerland or a combination of password and one-time code via a text message on an international level. In 2020 you can use our authenticator app – sign by biometry. Our APIs are based on standards and are open.

White Label

Thanks to one-time signature certificates, the signee does not need an account with us for annulment. The signee does not contact us. You enjoy the advantages of the market leader for security in Switzerland with georedundant computer centres. Your signature application remains the face to the customer.

Partner network

Your IT is not able to build a signature application? Numerous partner applications have already implemented the All-in Signing Service and offer either industry-specific or generally installable solutions or web portals for signature. As an end user, you will find our partners here.

Trustful

The request for signature contains only a hash of the document data to be signed. Swisscom cannot read the content of the document. The identification verification and signing request is processed in geo-redundant data centers in Switzerland. Auditors continously verify that all regulations are considered for the law in Switzerland and in the EU.

Our portfolio for companies

Seals (Organisation signatures)

Company

Advanced signatures for legal persons

For mailing large volumes of documents and invoices or for scanning of paper documents.

Ensuring integrity, time and authenticity

Personal Signatures

Natural person

Qualified and advanced signature for natural persons

For online signature portals and signature applications

Ensuring integrity, time and authenticity and replacement for handwritten signature

Signature process

Natural Person & Legal Person

Natural person
A natural person or employee would like to sign a contract or any form of document. The personal signature is suitable for this purpose.

Legal person
A legal person needs a large number of electronic signatures for different types of file such as invoices, contracts etc. The seal is available for this purpose.

Identify once - sign multiple

In order to use the All-in Signing Service, the natural person or the representative of a legal person must be identified once by an identification application. The identification is carried out using the Registration Authority App (RA App) that is available free of charge, a video identification or another already existing agreed and authorised (KYC) process. The RA App offers anyone the opportunity to become the extended arm for the Swisscom registration office and to act as an RA Agent for purposes of carrying out the identification of colleagues, customers or partners in a company. Registers are additionally used to check organisation entries in the case of seals.

Authentication

A declaration of intent is requested for each personal signature. The declaration of intent is carried out with the authentication method defined during the course of the identification. As standard practice, Swisscom offers the Mobile ID or a combination of password and one-time code by text message for the verified signature. Starting in 2020 also an authenticator app with fingerprint/face ID will be available. Access certificates prepared by the organisation are used as a means of authentication in the case of seals in order to permit mass signatures.

Request of a signature or seal

A signature application, e.g. of a Swisscom partner or a self-created application, requests a signature from Swisscom. The application creates a document hash and transmits it to Swisscom.

After authentication and declaration of intent to sign, a one-time, short-term signature certificate is issued in the case of personal signatures. As a result, it is not necessary to provide a process for revocation of certificates. Only organisation seal certificates for seals are longterm certificates (e.g. 2 years).

Time Stamp

In addition to the signature, a time stamp can be used. The time stamp serves to verify that a signature was valid at a particular point in time and allows long-term validation of the signature after end of validity of the (short-term) certificate.

Signature application

A signature application individually created or obtainable in the market can be added to the All-in Signing Service. Swisscom does not offer a signature application on its own but recommends its partners. In this case, the documents for signature are displayed and prepared for signature. Only a value representing the document (known as “hash values”) will be transferred to Swisscom. Thus, Swisscom has no chance to read any content of the document. After the signature procedure the signed hash is returned to the signature application, which creates a signed document based on this signed hash. A lot of standard libraries on the market support the transformation document-hash-document.