For a document to be signed with the DocuWare Signature Service (such as a contract), it must first be stored in a file cabinet. The service is then started within a workflow task.
After this trigger, several steps take place between person 1 who requests a signature in a DocuWare workflow and person 2 who signs the document. Both can also be identical.
In principle, the signing process with the DocuWare Signature Service always looks the same:
The workflow sends information about the document and the signature to the Signature Service.
The DocuWare Signature Service loads the document from DocuWare and transfers it to the signature service provider.
The signature service provider informs the signing person by email.
The person signing opens the link sent with the document and starts the signature process.
The signature service provider authenticates the person signing the document.
The signature is linked to the document.
The signature service provider informs the signature service about the signed document.
The DocuWare Signature Service loads the document from the signature service provider and stores it in DocuWare.
A document can be signed by a single person or by several persons. The signing process is always the same for each signer, because an electronic signature is always bound to the person who executes the signature.
Which type of signature is chosen - so advanced (AES) or qualified electronic signature (QES) - always depends on the type of document, legal requirements if one or more persons should sign it, and at what signature security level. Read more about this in chapter Compliance through electronic signatures worldwide.
The various signing options
The signing procedures differ mainly in the authentication method. The authentication options described below assume that: Person 1 (P1) works in a company that uses DocuWare. Person 2 (P2) can be an internal colleague or an external business partner, but does not have to be a DocuWare user. It is always person 1 who requests the signature within a workflow and person 2 who signs.
Validated ID: Remote (AES)
Person 2 does not need to register with Validated ID.
Steps:
P2 tells P1 their name, email address, and SMS-enabled phone number.
P1 enters the data of P2 in the workflow form and thus requests the signature from Validated ID.
P2 receives an email with the link to the document and an SMS with a TAN, which they use to trigger the signature.
Validated ID: Biometric (AES)
Person 2 does not need to register with Validated ID.
Steps:
P1 sits at a company reception and visually checks the identity of visitor P2. P1 confirms the identity of P2 and enters their name in the form in a workflow task. The information is sent to a signature tablet.
P2 signs on the tablet, thus storing biometric data such as the writing pressure for possible later verification.
Validated ID: Centralized (AES)
Person 1 and person 2 work in the same company that has a contract with Validated ID. P2 is registered with Validated ID.
Steps:
P2 tells P1 their name, email address, and the user ID that P2 received from Validated ID upon authentication (which can be, for example, a passport number).
P1 enters the data of P2 in the workflow form and thus requests the signature.
P2 signs the document.
Validated ID: Centralized (QES)
Person 1 and person 2 work in the same company that has a contract with Validated ID. P2 is registered with Validated ID and has undergone separate identification with Validated ID for a qualified certificate.
Steps:
P2 tells P1 their name, email address, and the user ID that P2 received from Validated ID upon authentication (which can be, for example, a passport number).
P1 enters the data of P2 in the workflow form and thus requests the signature.
P2 signs the document with the qualified certificate.
DocuSign: No authentication (AES)
Person 2 does not need to register with DocuSign.
Steps:
P2 tells P1 their name and email address.
P1 enters the data of P2 in the workflow form and thus requests the signature from DocuSign.
P2 receives an email with a link to the document in DocuSign, where they sign it.
DocuSign: Authentication via SMS (AES)
Person 2 does not need to register with DocuSign.
Steps:
P2 tells P1 their name, email address, and SMS-enabled phone number.
P1 enters the data from P2 in the workflow form and thus requests the signature from DocuSign.
P2 receives an email with a link to the document in DocuSign. P2 receives a TAN from DocuSign via SMS, which they use to trigger the signature.
DocuSign: Authentication via telephone call (AES)
Person 2 does not need to register with DocuSign.
Steps:
P2 tells P1 their name, email address and telephone number.
P1 enters the data of P2 in the workflow form and thus requests the signature from DocuSign.
P2 receives an email from DocuSign with a link to the document as well as information received by phone call, e.g. a code, with which P2 triggers the signature.
DocuSign: Authentication via access code (AES)
Person 2 does not need to register with DocuSign.
Steps:
P2 tells P1 their name and email address.
P1 enters the data of P2 and a code (e.g. password) in the workflow form and thus requests the signature from DocuSign.
P2 receives an email with a link to the document in DocuSign.
P2 actively transfers the code to P1. This can be done verbally (face-to-face conversation, telephone call) or via a prior agreement (for example, date of birth or a membership number can always be used as the code).
P2 uses the code to trigger the signature.
DocuSign: Knowledge-based authentication (U.S. only, AES)
Person 2 does not need to register with DocuSign.
Steps:
P2 tells P1 their name and email address.
P1 requests the signature and transmits the name and email address of P2 to DocuSign.
P2 receives an email with a link to the document and must answer a personalized, knowledge-based multiple-choice question from DocuSign.