Electronic Signatures
Overview
frevvo supports two types of Digital Signatures. No special hardware is required. All you need is a smartphone or a computer with a browser that supports HTML5.
Signed Sections - Users authenticated to the frevvo server, or in some cases by email, can digitally sign a section in a form/workflow, lock it down and prevent tampering with the data. A signed section creates a digital signature over the contents of the section, and if set to Wet Signature type, also captures a handwritten signature image. If legally binding signatures and/or authentication are required, Signed Sections should be used.
Signature Control- frevvo also offers a Signature control that allows any user, including anonymous users, to sign electronically using either a trackpad/mouse, stylus or a touch screen in use mode. Both authenticated and non-authenticated users may sign a form using a Signature control from the palette. The signature control only captures a handwritten signature image. It does not create a digital signature.
Learn more about digital signatures in our blog article, "What Makes Electronic Signatures Legally Binding?" or view this video.
Which Signature Should I Use?
Use this chart to help select which type of signature to use based on factors that are commonly used to determine legally binding signatures:
Feature | Signature Control | Signed Section (Wet or Text/Image) |
---|---|---|
Requires Authentication | No - can be used by anonymous users | Yes - via frevvo User auth or, for workflow steps assigned to email, by email |
Secure from tampering | No | Yes |
Automatically disable section and set date | No - but can be done with business rules | Yes |
Legally Binding | Maybe | Yes |
Digital Signatures
This paragraph applies to Signed Sections. Signed Sections may be used by an authenticated frevvo user, who will be required to login, or by an email user who will be required to supply the correct email as well as first and last name to authenticate the signature.
frevvo uses public key cryptography. When a frevvo server is first started, it generates a public and a private key. This is automatically generated using the RSA algorithm. There is no official certificate authority (CA); however, if you want one you can supply your own public and private keys that are certified by some authority (like Verisign). An official CA is not required since the data is signed by and verified by frevvo using keys generated by frevvo. You must keep the private key "private" by setting up good security practices to the frevvo server's disk. The public key may be shared with anyone and, in fact, if you manage the server as the admin user, and click on Security you can see the public key displayed there.
When a section is signed, the data in the section, together with a time stamp, the signing user, and a few other things are used to generate a message digest. The message digest is digitally signed using the private key. The signatures (there can be more than one) are included with the submission – in the repository and sent in the HTTP POST so you can save it yourself if you want.
When the form is re-initialized from the submission documents, you must also supply the signatures. The initialization process will verify that the data has not changed (i.e., has not been tampered with) and the signature is still valid. If the signature is not valid, it is removed and the entire Section is displayed with a visible error (large red background). If it is valid, there is a green background and the Section cannot be edited.
One way signatures become invalid is when the production form is changed to remove a control that was inside a signed section. See Admin Best Practices for updating a form/workflow in production.
Signed Sections
frevvo provides true digital signature functionality via a Section control in your form. The user signs a specific Section so that different parts of the form can be signed by different people rather than a signature being applied only to the entire form. Signed sections provide authenticated digital signatures with either a Wet Signature or Text/Signature Image type of signature.
Adding a Signed Section to Your Form/Workflow
You can configure any section(s) in your form as Signed Sections.
When you create a workflow using Approval Steps with the Workflow Design Wizard, or add steps using the Add Step Wizard, frevvo automatically creates Signed Sections for you!
Select a Section control on your form and click the Security tab in the properties panel. The bottom portion of the tab is relevant to signatures. Refer to Security Properties for information on the Role dropdown. The dropdown select has three options, and the default value is None Required.
None Required - no signature required, section not digitally signed.
Text/Signature Image - An uploaded signature image for the user will be used if one is available. The user's name will be printed otherwise. The date of the signature, based on the user's browser settings, will also display.
Wet Signature - frevvo will present the signature entry dialog to capture the user's signature. The date of the signature, based on the user's browser settings, will also display.
The Lock sign means that the next person in the workflow can not remove the signature and edit the signed data. A good use case is an employee performance review where the manager starts the form, signs the review, and sends it to the employee. You would check Lock sign so the employee cannot unsign and edit the data entered by the manager.
The Must sign property makes the signature required. With Must sign, a form cannot be submitted or a workflow is not sent to the next person until the signature is added. Checking Must sign will disable the None Required option from the Signature dropdown and automatically selects Text/Signature Image. You can change the Signature dropdown to Wet Signature.
Sections that are hidden/not hidden via a rule or the Visible property in the designer, behave as stated below with respect to Must Sign:
If the must sign section is visible, then you must sign to make the form valid, regardless of the section's required status.
If the must sign section is hidden and required and contains required controls, then the form cannot become valid.
If the must sign section is hidden and not required, then the section becomes valid and the form becomes valid.
Sections configured for wet signatures will "fall back" to using Text/Signature Image signature format if the browser you are using does not support HTML5 canvases.
Forms and workflows can be made accessible to help individuals with visual and motor impairment. Refer to this topic for the behavior of the Wet Signature control when this property is checked.
Using Signed Sections
Let's look at the user experience when filling out a form with a Signed Section.
Consent to Sign
A consent to digitally sign statement is provided above the Sign this section button. It reads "By clicking the button below, you consent to the use of digital signatures." This element cannot be changed.
Signing
Click anywhere in the signature panel or click the Sign this section button to sign.
Signed Section configured with the Wet Signature type will display a popup to capture the signature drawing via mouse, touchscreen, or signature pad.
Signed Section configured with the Text/Signature Image type will display the signature image, or if none is available, will display the message digest (first name, last name, and date).
Signed Sections on workflow steps assigned to an email will display additional fields in the popup to verify the signature and capture the first and last name. Those set to the Wet Signature type will also capture the signature drawing.
If the email entered does not match the email assignment, the error message "Does not match the email address in the notification" will be shown and the signature will not be accepted until the correct email address is provided.
If a user clicks the Sign this section button and there are invalid or empty required controls in the section, they will see this error "You cannot sign this section yet because one or more required fields may be missing values and/or contain an invalid value. Please correct the highlighted fields."
Authentication
Here's how the authentication works:
When used in a standalone form or the first step of a public workflow, the user must be logged in to frevvo in order to sign the section.
When used in a Workflow Step, this type of signature will authenticate the signer based on the Workflow Step assignment.
If the Workflow Step is assigned to a frevvo User, that person must log in to perform the step and sign the section.
If the Workflow Step is assigned to an Email address, when the anonymous user clicks to sign they will be prompted to enter the correct email address along with their first and last name to authenticate.
When the user signs and clicks Continue/Submit, a unique signature ID is created. You can see this ID under the signature on future steps and on the completed submission.
Signed sections that are authenticated based on the logged in user will display "Digitally Signed (identity verified)" above the signature. Signed sections that are authenticated based on email address will display "Digitally Signed (email verified) above the signature.
After Signing
Once the user signs, all of the controls in the section become disabled and cannot be edited unless the user clicks Edit this Section. Clicking anywhere in the signature panel or on the Edit this section clears the signature and the date. The user can sign again, if desired.
Public forms that include a digital signature require a login. When the user clicks to save or sign, they will be prompted with the login screen.
Rules that result in value changes to controls after the Section is signed are not allowed. See this topic for the details.
Workflows that contain separate forms (vs. Linked Steps) and need to show the Signed Section on multiple steps must include all of the same controls inside the Section on each form.
Signature Control
You can use the signature control to place a signature anywhere in your form. The Signature control allows the user to enter their signature using either a trackpad/mouse, stylus, or a touch screen during form completion. Authentication to the frevvo server is not required. If the Printable property is checked, the Signature image will be displayed on the PDF Snapshot of the form. Your browser must support HTML5 canvas technology for proper signature entry functionality.
When designing a form with a Signature control, the captured signature is attached to the form submission as a PNG image attachment. This PNG image is included in your form data and will be sent in any Document Actions that handle form data. For example, should you choose to post the data to your web application, then the signature PNG is part of that posted data. Should you choose to email the data, the signature PNG will be attached to the email. The captured signature PNG is available for downloading by browsing your submissions within frevvo. See Submissions Stored Inside of frevvo for the details.
All of the standard properties and settings apply to the signature control. For example, the required setting can be used to force the entry of a Signature in order for the form to be valid (in use mode).
Using Signature Controls
The user can sign using the Signature Control just by clicking anywhere on the control. They will get a popup signature box and can sign using a mouse, touchscreen, or signature pad. When they click "Done" the signature drawing will appear on the form. The user can clear or change the signature by clicking the control again.
Signature controls don't automatically set the controls in the section to disabled or capture the date. However, you can configure such behavior (as we have in the example below) using business rules. Please see these rule examples.
Topaz Electronic Signature Pad
If you have a Wet signature control in your forms/workflows, you may prefer to use a device to capture a hand-written signature instead of the mouse or a touch screen. The Topaz Electronic Signature Pad is one such device that is now supported in frevvo.
Topaz devices are only supported for desktop workstations/laptops running the Windows Operating system. It is not supported for frevvo on mobile devices.
Forms and workflows can be made accessible to help individuals with visual and motor impairment. The Topaz Signature Pad works well when used in a form/workflow designed for accessibility.
There are many models of electronic signature pads. You can find more information on the Topaz website. frevvo supports/certifies the following models:
Model T-LBK462-HSB-R
Model T-S460-B-R
A unit with -HSB or -BSB suffix on the model number is recommended for machines that only have USB ports.
The Topaz Electronic Signature pad works with a standalone frevvo Wet Signature control and when the Wet Signature control is configured in a signed section.
You can still use the mouse or touch screen to sign if a Topaz Signature pad is installed on your system.
In order to use a Topaz signature pad with a particular laptop or workstation, driver and web api software modules must be installed before connecting the device to your computer. Refer to the instructions Electronic Signatures#InstallingtheTopazElectronicSignaturePad.
Installing the Topaz Electronic Signature Pad
It is recommended that you do not connect the Topaz Electronic Signature Pad to the workstation until the software has been installed. Depending on your security settings, you may need to login to Windows as an "Administrator" to begin the software installation.
Follow these steps to install the software/hardware:
Download the Topaz SigPlus software:
Navigate to the topaz website.
Choose the link for the Topaz model number you are using.
Only download and install SigPlus. Other software downloads from that page are not required.
Install the SigPlus software.
Download the Topaz SigWeb software:
Navigate to the Topaz SigWeb Browser API page.
Choose the link for the model number suffix found on the back of the signature pad.
Download the SigWeb Browser API for that model.
Install the downloaded sigweb.exe.
Connect the Topaz Electronic Signature Device to your computer. Windows may install an additional driver if necessary.
Topaz provides a test site where you can verify that the signature tablet is working correctly. Click here, click the Sign button then sign using the signature pad. Your signature should appear at the top of the screen.
Turning on the Topaz Electronic Signature Pad in Forms/Workflows
Ensure that the Topaz Electronic Signature Pad and the required software are correctly installed before activating the feature in your forms/workflows.
It is up to the frevvo designer to specify the forms and steps in a workflow, that will be using the Topaz signature tablet. Simply click the cog icon in the forms designer to display the form property panel. You will notice the Allow Sign Pad property is not checked (default). Check this property to change the runtime behavior of the signature dialog and allow users to sign with the external signature pad.
The Allow Sign Pad property is also available in Workflow Step Properties. This allows the designer to specify the steps in a workflow that will be using the external signature pad. Click on the steps that you want to use the signature pad with and check the Allow Sign Pad checkbox. Leave the property unchecked on the steps that will not be using the signature pad.
Consider a three-step workflow used by officers to obtain a blood warrant from a judge. Step one is performed by the arresting police officer and requires a signature. In the harsh environment of a police station or jail, the Topaz Electronic Signature Pad is a good inexpensive, and sturdy option. Step two is performed by a judge who accesses the workflow from a mobile device. Step 2 is not configured for the signature pad. When the judge completes Step 2 and signs, the workflow is routed back to the police officer who performs the third step and signs using the signature tablet again.
frevvo and the Topaz Signature Pad at Runtime
Here's how it works:
Forms and steps of a workflow that have the Allow Sign Pad property checked at design time display the signature dialog shown in the image when a Wet Signature control or a signed section that contains a Wet Signature control is encountered:
Notice the Use Signature Pad button. Until the user selects this button, the attached external signature pad is not enabled and regular signing via the mouse or touch screen is still possible. If Allow Sign Pad is not checked, the Use Signature Pad button is not visible.
When the Use Signature Pad button is selected, the signature dialog displays as shown:
The attached signature pad "takes over" the signing area and it is no longer possible to sign with the mouse or touch pad. Once the user signs with the attached pad, the on-screen Done button is selected to accept the signature. If the Use Signature Pad button is clicked in error, click the Cancel button.
If you see the error shown below, check your software/hardware installation.