Ascertia Ltd

SigningHub - Digital Signature Solution

SigningHub is a high trust platform delivering an electronic signing solution enabling organisations to create workflows for digital signature approval. Using business applications or as a standalone solution, SigningHub optimises how people review, approve and sign documents on any device, allowing businesses to migrate paper-intensive processes to the digital world.

Features

• High trust solutions for Advanced and Qualified Electronic Signatures
• Advanced document workflow for facilitating secure digital signature approval
• Integrates with business applications including, Salesforce and Office 365
• Strong authentication, accurate traceability, detailed accountability, data integrity, archiving
• Deployment options – on-premise, hybrid, public or private cloud
• Standards compliant – eIDAS, ETSI, SEN, NIST and Adobe CSC
• Prepare and sign documents across devices, any browser, any time
• Interoperable with Adobe® Reader– ISO 3200 & ISO 19005
• Secures documents using strong user authentication, integrity, non-repudiation and encryption
• Mobile App, enterprise branding and FDA21CFR Part11 compliant

Benefits

• Industry standard and regulation compliant
• Rapid digital transformation for document signing – ink to electronic
• Flexible payment plans to facilitate changing business habits and behaviours
• Display documents clearly and securely. Minimise disputes and misunderstandings
• Prevents data leakage using policy controls and data encryption
• High trust to underpin legislative, regulatory and internal control requirements
• Future proofed using common industry standards and tracking emerging trends
• Document status tracking: fully traceable and auditable business signature processes
• Enables easy business adoption by supporting all common document types
• Utilises technology best practices and operates to Government security standards

£1.80 a user a month

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@ascertia.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

663807973894626

Contact

Ascertia Sales
08007720442
sales@ascertia.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: SigningHub has rich API functionality and can be integrated into core business applications OR used in a standalone mode. SigningHub also supports special connector apps for Salesforce.
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: SigningHub.com is a cloud based service, therefore no hardware considerations to consider. ; ; 12 hour x 5 days product support service is available from 06:00 to 18:00 GMT Monday to Friday. The web support centre is available 24x7 to receive support tickets. ; ; Planned events such as system updates occur on a quarterly basis. Such events occur during off-peak ours. Information on these events is shared on SigningHub.com.
• System requirements:
  • Use any HTML5 browser Including Chrome, Firefox, Safari, Edge, IE9+
  • SigningHub supports mobile web browsers on mobile devices including phones
  • The optional SigningHub mobile app (free) supports iOS and Android
  • Private cloud hosted solution requires virtual machine(s) or server(s)
  • Private cloud hosted solution requires database solution for configuration files
  • Private cloud hosted solution requires operating system for solution software

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Weekdays: Within 4 hours.; Weekends: Reasonable efforts
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: A standard web browser interface is used to login to the on-line based support ticketing system. The browser being used is therefore responsible for the WCAG accessibility features. A simple form is presented that asks for details of the support being requested.; ; The alternative is to use a standard email client or webmail interface to send an email to support@ascertia.com that details of the support services being requested. WCAG accessibility is the responsibility of the email client.; ; Skype is also available as a means of communication ; SkypeID: ascertia.support.; In this case Skype is responsible for the WCAG accessibility criteria.
• Web chat accessibility testing: Web chat functionality is under investigation - not expected in 2022
• Onsite support: No
• Support levels: Support is provided from 6am to 6pm GMT.; Access to our support service is included at no extra cost - ; using email or web-based support requests.; Skype chat and escalation to a telephone meeting ; or web-conference session, if required.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: As part of the on boarding process, Ascertia provide How-to training videos and full step-by-step manuals to assist customers get started with SigningHub.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: The SigningHub service plan will be downgraded upon contract expiry, limiting the capability to sign documents and start new workflows. Any documents or workflow evidence reports that are still residing within the SigningHub account can be downloaded in bulk. User details and contact details can be deleted.
• End-of-contract process: The SigningHub service plan will be downgraded upon contract expiry, limiting the capability to sign documents and start new workflows. Any documents or workflow evidence reports that are still residing within the SigningHub account can be downloaded in bulk. Core functionality is included in the price of the contract. Additional costs to the customer may be incurred for on premise or private cloud deployment, remote signing feature with eIDAS Level 2 Sole Control, local signing feature using smartcard or eID, adding individual or corporate AATL certificates from third parties, use of an external public CA.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: SigningHub Web (the desktop browser) displays more information on a wider landscape user interface than SigningHub Mobile Web which uses a portrait layout. SigningHub Mobile App looks the same as Mobile Web but has the benefit of being an app rather than a browser page.; SigningHub Mobile App supports iOS and Android devices.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: SigningHub provides a quick easy digital Signature platform for preparing, sending, viewing, Signing and returning your e-documents. The platform enables users to start a new document workflow, change personal or enterprise settings and quickly access pending, in-progress, declined and completed documents. A workflow entails uploading documents, adding recipients, choosing a template and setting permissions. The user can then prepare document(s) by adding signature, form fields and share document. Users can also review and sign documents quickly, easily and securely
• Accessibility standards: None or don’t know
• Description of accessibility: A standard web browser interface is used to login to the on-line based support ticketing system. The browser being used is therefore responsible for the WCAG accessibility features. A simple form is presented that asks for details of the support being requested.; ; The alternative is to use a standard email client or webmail interface to send an email to support@ascertia.com that details of the support services being requested. WCAG accessibility is the responsibility of the email client.; ; Skype is also available as a means of communication.; SkypeID: ascertia.support.; In this case Skype is responsible for the WCAG accessibility criteria.
• Accessibility testing: Any background work has been conducted using an assistive tool - not with an end user.
• API: Yes
• What users can and can't do using the API: SigningHub provides a REST architectural style API that supports over 100 different methods. The API allows full document preparation, sharing, review and signing (electronic and digital) operations. Along with user enterprise management. Control of personal settings such as visible signature appearance, locale, and delegated signing are all available through the API. All signature workflow can be controlled via the API and updated in real time as required.; ; The API uses JSON for payloads and OAuth 2.0 for access and authorisation control. Initial authentication is based upon an Enterprise API Key. Enterprises in SigningHub support multiple API keys.; ; Both tight (embedding SigningHub functionality into the business application) and loose (browser redirect) integration models are supported as well as Authorised Remote Signing for level 2 sole control for remote signatures compliant with EN 419241 part 2.; ; SigningHub Mobile SDK allows developers to embed SigningHub functionality within their own mobile apps.
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Full whitelist branding including logos, colour scheme, email notification content. Permission to branding is managed by extensive user & adminitrative roles & permissions functionality.

Scaling

• Independence of resources: SigningHub runs on Microsoft's Azure platform and additional resources are added as required to service the growing requirements.

Analytics

• Service usage metrics: Yes
• Metrics types: Top Signers option will sort your enterprise users list with respect to those users, who have applied the highest number of signatures.; Top Senders option will sort your enterprise users list with respect to those users, who have sent the highest number of documents for approval processing. ; Top Disc Storage option will sort your enterprise users list with respect to those users, who have consumed more account storage.
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Other
• Other data at rest protection approach: All user documents are AES-256 bit encrypted within the SigningHub application and then stored as encrypted Blobs within the SigningHub database. Only the owner or users they authorise can have this data decrypted and imaged within the browser session.
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Either via the SigningHub API or manually by selecting all documents and downloading them directly.
• Data export formats: Other
• Other data export formats:
  • PDF
  • PDF/A
  • Word 2013 if used
  • XML
• Data import formats:
  • CSV
  • ODF
  • Other
• Other data import formats:
  • RTF, DOC, DOCX, DOT, DOTX, DOTM, DOCM, ODT, OTT, TXT
  • XLS, XLSX, CSV, TSV, XLSM, XLSB, XLTX, XLTM
  • PPT, PPTX, POT, PPS, POTX, PPSX, PPTM, PPSM, POTM, ODP
  • PSD, VSD, VSDX, VSS, VDW, VDX, VSSX, VSTX, VSDM, VSSM
  • JPG, JPEG, PNG, GIF, TIF, TIFF, ICO, BMP, EMF
  • HTML, XHTML, MHTML, XML, OOXML, DWG and DXF
  • PDF, XML, MPP, MPT, and ONE

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • Other
• Other protection between networks: Various strong user authentication options are available.; For high trust requirements SigningHub can be delivered on-site ; or via other service providers that offer PSDN connectivity
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Other
• Other protection within supplier network: Various strong user authentication options are available.; For high trust requirements SigningHub can be delivered on-site ; or via other service providers that offer PSDN connectivity

Availability and resilience

• Guaranteed availability: SigningHub is designed to offer 99.95% availability. ; Planned maintenance occurs out of office hours and 5 days warning is provided of such activity. ; Users are able to present their reasons for why a refund should be given in any circumstances.
• Approach to resilience: Microsoft Azure is used to provide the highest levels of application availability.
• Outage reporting: SigningHub is well proven to offer a robust and resilient platform. Ascertia’s SigningHub cloud service runs on an Azure instance in Northern Europe and has been running continuously with no unplanned downtime for several years of operation, and by many thousands of users. Other Ascertia partners around the world have similar experiences.; ; Similarly, the underlying ADSS Server has a long history of running 24/7 without intervention. High availability services can be ensured by using two production servers running SigningHub with a back-end database cluster offering resilient information services to deliver a service of 99.9% or better.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Other
• Other user authentication: For certain authentication services users have to provide an email address to SigningHub before initiating the login process. These authentication services include: Entrust IdentityGuard; AET Consent ID; Verisec, Freja. ; ; SigningHub Cloud service also allows certain authentication services including social accounts where the user initiates login directly with these authentication methods and is then redirected to our cloud service. Once authenticated, SigningHub will get the authenticated user's email address. These authentication services include: Salesforce; UBISecure; Google; LinkedIn; MSOffice 365; Azure AD; Active Directory; ADFS; SAMLv2 SSO; ; ; And many more...
• Access restrictions in management interfaces and support channels: Only authorised staff are allowed access to SigningHub's Admin Screens. Role based access controls are used to restrict staff rights.; Strong mutual TLS security is used to authenticate operators and prevent unauthorised access.
• Access restriction testing frequency: At least once a year
• Management access authentication: Public key authentication (including by TLS client certificate)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: At a high-level we follow the ISO/IEC 27001 security management principles. We have defined a Information Security Policy and then lower-level policies like access control policy, antivirus policy, network connection policy, password policy etc.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: The SigningHub Cloud service is under strict configuration and change management controls. These include restricting who can access the system and under which privileges. Any configurations changes are first planned and authorised by the Ascertia CTO and then implemented by the IT Team and verified by the QA Team. All security related changes are made under under dual control i.e. an IT administrator makes the changes and these remain pending until approved by the Security Officer role holder.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Ascertia conducts regular internal and external penetration testing exercises using both in-house and commercial testing tools. During development there is extensive peer reviews and QA testing of each product change. Product patches can be made available within 1 to 5 days depending on severity/complexity.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Potential compromises are identified through internal reviews and testing, external 3rd party security reviews as well as customer testing. Ascertia always handled potential compromise with highest priority by assigning relevant resources for immediate analysis and resolution of the issue. We ensure all affected customers are notified in a simple and clear manner. Our objective is to respond to incidents within 24 hours.
• Incident management type: Supplier-defined controls
• Incident management approach: We follow a formal approach to incident management which involves logging the incident with a unique ID and date/time. The incident is then categorised and prioritised. The response to the incident is then prepared and provided to all affected parties.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  Fighting Climate Change – policy outcome: effective stewardship of the environment. This could include but is not limited to:; - Working towards net zero. Being a supplier of electronic signatures, we are striving internally to be come a paperless environment. We are looking to enable our customers and suppliers to become the same.; - Working collaboratively with your supply chain to deliver environmental benefits and work towards net zero. We are embracing modern technology to reduce our environmental impact through continuing on line working and collaboration, minimising travel and empowering our staff to find a suitable working model for their individual needs.

Pricing

• Price: £1.80 a user a month
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Everything is included as per the needs of the organisation trialling the service. Trial runs for 30 days with the option to extend
• Link to free trial: https://web.signinghub.com/Register?planId=30

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@ascertia.com. Tell them what format you need. It will help if you say what assistive technology you use.