The Signature Service for legally valid electronic signatures
Easily integrated remote signatures as a service – become a partner and accompany your customers into the digital future. The Signature Service is a cloud-based service allowing partner applications to sign legally electronic documents on behalf of electronic signing and time stamps. This makes it a core element of digitalisation.
Signature process
Natural Person & Legal Person

Natural person
A natural person or employee would like to sign a contract or any form of document. The personal signature is suitable for this purpose.
Legal person
A legal person needs a large number of electronic signatures for different types of file such as invoices, contracts etc. The seal is available for this purpose.
Identify once - sign multiple

In order to use the Signature Service, the natural person or the representative of a legal person must be identified once by an identification application. The identification is carried out via our Smart Registration Service (SRS), e.g. by using the free of charge Registration Authority App (RA App), SRS video or SRS bank or any other existing and approved (KYC) process. The RA App in SRS Direct offers everyone the opportunity to become a delegated registration authority by Swisscom and, as an RA agent, to perform the face2face identification of colleagues, customers or partners in your own comapany. Registers are additionally used to check organisation entries in the case of seals.
Authentication

A declaration of intent is requested for each personal signature. The declaration of intent is carried out with the authentication method defined during the course of the identification. As standard practice, Swisscom offers for verification of the signature the Mobile ID, Mobile ID authenticator app with fingerprint/ face recognition or a combination of password and one-time code via SMS. For seals, access certificates created by the organisation are used as a means of authentication in order to permit mass signatures.
Request of a signature or seal

A signature application, e.g. of a Swisscom partner or a self-created application, requests a signature from Swisscom. The application creates a document hash and transmits it to Swisscom.
After authentication and declaration of intent to sign, a one-time, short-term signature certificate is issued in the case of personal signatures. As a result, it is not necessary to provide a process for revocation of certificates. Only organisation seal certificates for seals are longterm certificates (e.g. 2 years).
Time Stamp

In addition to the signature, a time stamp can be used. The time stamp serves to verify that a signature was valid at a particular point in time and allows long-term validation of the signature after end of validity of the (short-term) certificate.
Signature application

A signature application individually created or obtainable in the market can be added to the All-in Signing Service. Swisscom does not offer a signature application on its own but recommends its partners. In this case, the documents for signature are displayed and prepared for signature. Only a value representing the document (known as “hash values”) will be transferred to Swisscom. Thus, Swisscom has no chance to read any content of the document. After the signature procedure the signed hash is returned to the signature application, which creates a signed document based on this signed hash. A lot of standard libraries on the market support the transformation document-hash-document.