Integration options

Qualified electronic signatures with the SecSigner Applet

For qualified electronic signatures according to SigG (German Signatures Act) the signature must be created by using a signature card and a card reader (please also see the paragraphs „Signature applet“ and „Signatures in web applications“). In order to realize this in a web application we offer a Java applet which can be integrated by web developers into their applications. The applet can be delivered directly via your server or the SecPKI server operated by yourself.

When the applet is invoked in your web application, the document which is transmitted via the web application to the SecSigner applet, is shown. Afterwards, the signing procedure is carried out as usual by using the signature card. The document is transmitted again to the web application and can be processed. The advantage of using the SecSigner applet: The user does not have to download and install manually the SecSigner program. Instead, your application is as usually invoked in the browser. In the step where the signing normally takes place, SecSigner is automatically started by your web application.

It makes sense to use the SecSigner applet in connection with the SecPKI server. The SecPKI server enables you to verify the signature cards directly with reference to the individual users (e.g. the validity of the signatures card). It is also possible to use the SecPKI server in order to define specific rules for the individual users. The SecPKI server is able to double-check the signatures which were created by your SecSigner applet. The SecPKI server creates then a long-term archive (hash tree) with the verified signatures. With this long-term archive the evidential value of your workflow is guaranteed over a long time period.

Functions of the two products:

Building a signature long-term archive is a mandatory procedure required by law in most instances to ensure the authenticity of the signature over the course of several years.

Remote signature with SOAP or PHP

As a result of the eIDAS regulation, a remote signature enables you to realize the creation and verification of signatures also on server side. For this your application transfers the file, which is to be signed after a strong user authentication, to the signatures server. The term remote signature, however, can be easily misunderstood: When we talk about a remote signature we mean a signature which was created on a server. For the signature on server side we offer you our SecPKiI server. Your web application can either communicate via the SecPKI API or SOAP directly with the signatures server which is running (like your web application) on your server.

Questions? Please contact us!More about SecPKI

Mobile signature for iOS or Android

For a mobile signature your web application transmits the data which is supposed to be signed to the mobile device of the signature creator. The signature creator then signs the data on the mobile device. The data are then transmitted again to the web application. For this we provide you with several different API´s which you can use in order to send your data to the signature application. You can also use an SDK in order to integrate the signature functionality into your own applications. This way an already existing app could thus help your customers to sign files and share them with you.
Questions? Please contact us!More about SecPKI