ComSignTrust’s Signer-1 deploys easily on-site or on a secure cloud-based server.
Internal MS-CA module | Supports enrolling certificates using MS DCOM or CMP | Supports pkcs10 CSR generation and importing external x509 certificates.
As a standalone product or as a secured cloud-based service, Signer-1 is designed to meet the needs of enterprise organizations with high-volume batch signing processing.
1. Internal or external Hardware Security Module (HSM)
Data security is critical to enterprise companies.
A hardware security module safeguards electronic signatures from being altered by integrating secure cryptographic processes.
Signer-1 includes an HSM from the world’s leading manufacturers including brands like nCipher, Thales, and Utimaco and any other HSM which is at least (FIPS) 140-2 Level 3 and/or common criteria (CCELA4+) certified.
The Signer-1 server can be integrated through API with any certified HSM.
2. Easy access for authorized signers
Authorized signers can be synchronized automatically through the organization’s active directory service or by uploading various database formats and files that are managed through a web application dashboard.
3. One-time password (OTP) solution for enhanced security (Optional).
To protect the Signer-1 server against advanced cyber attacks, users follow a two-step secure authentication process to gain and confirm access to its private key reside in the signing server.
4. A biometric (face or finger) strong authentication to your private signing key (Optional)
To protect the Signer-1 server against advanced cyber attacks, users follow a two-step secure authentication process to gain and confirm secured access to its private key reside in the signing server.
Integrate additional solutions with Signer-1’s upgraded modules
Advanced Verification module.
The verification module enables Signer-1 to validate digitally signed documents with:
- The issuing certificate authority (CA) including OCSP
- Detailed information regarding the signer and the organization
- A signing algorithm
- Timestamping according to RFC 3161
Digital archive module
The digital archive module enables Signer-1 to securely store long-term various formats of digitally signed documents and other files. You can search and retrieve stored data easily, and replace cumbersome physical archives.
- PAdeS signatures compliant with directive 1999/93/EC
- CAPI signing with SHA256/SHA512 support on all Windows platforms
- PKCS#11 signing
- Option to include digital timestamp server compliant with RFC3161
- Profile-based configuration
- Active-directory based roles for configuring the system and accessing the keys in addition to the PIN/PAD authentication against the hardware device
- Support for secure signature creation devices (SSCD) and software keys
- Support for native PDF, OpenXML, XML, OpenOffice signature formats
- Multipage TIFF embedded signature and validation tool
- Audit and logging of all signing and system operations
- Large files supported
- Detached PKCS#7 signatures supported
- Centralized logging
- Visual graphics positioning in the profile configuration
- Signature validation tools
- SNMP traps