abox ECM offers a digital signature integrated in the application, which allows you to
sign annexes, images, documents and files with all legal guarantees

Management of "records" with electronic signatures

  • In infeed trays
  • Directly on file
  • Possibility of disaggregating mail attachments.
Capture e-mails

To determine the validity of a document, SGEDA must implement authentication mechanisms for files uploaded to the system to ensure that they have not been changed since they were filed or approved. This is what we call the handling of “evidence” or “records management”.

In abox ECM, “records” are signed using “secure hash algorithms” or SHA. A hash makes it possible to create a theoretically unique fingerprint of a file. When it is placed in the system as evidence (or when a document is approved or signed), the application calculates its “hash” and stores it in the database.

Each time the document is shown on screen, the system recalculates its hash and checks it against the one stored in the database. In this way a very high security is obtained in the authenticity of the document (in theory 1 among a number of 24 zeros to find a different file with the same fingerprint).

Certification of relevant attachments and actions using digital signatures

A digital signature certificate is an electronic document that is issued to a person or entity by a recognized Certifying Authority, it contains data that prove the identity of the holder of the certificate to third parties. The Digital Signature Certificate contains the following information:

  • Certificate’s unique identifier code
  • Identification of the Certifying Authority that issued it
  • Digital signature of the Certifying Authority
  • Identity of the holder of the certificate/li>
  • Holder’s e-mail address
  • The public key of the certificate holder
  • Period of validity of the certificate

abox ECM allows digital signatures on relevant contents or actions with different signature modalities:

  • With certificate in the possession of the user (signature files p12 or pfx)
  • With certificate stored on the client PC (e.g. token or device certificate store)
  • With certificate(s) stored on the organization’s own server

To implement the signature, abox ECM manages a special data structure that allows you to configure the elements you want to sign, including fixed fields, metadata and attachments. It is possible to incorporate one or several digital signatures to any tray, file or document.

Therefore, signatures can be stamped on any content and not only on the image or text file (PDF, Word, Excel, etc.), so they can guarantee not only the authenticity of the attachments, but also of the metadata values at the time of the signing operation (e.g. sign the invoice together with the values extracted from it).