Credible Remote Administration is more and more becoming a basic requirement in our fast-moving world. Especially younger generations would like to arrange all their administrative tasks in front of their computer, or on their mobile, however due to the COVID-19 crisis we see a significantly increased demand for all the online services, especially for credible remote administration, as people are not willing to move out, or they are restricted to move out. This is more and more becoming possible, however it arises several security issues. PKI infrastructure based solutions can address these challenges, with the certificate based authentication, encryption and digital signature. We are going to discuss the latter one in more details.

How can we sign documents on a remote server when our signature key is in our computer?

Of course we may download the document, and sign it on our PC (if we have the appropriate software) and upload it back to the server. However, this use-case becoming extremely difficult, especially in case we would like to sign significant number of documents.

To sign documents remotely is certainly a challenge, that has some better and worse solutions. The signature standards allow remote signatures, by sending the created document hash to the signer, and putting the signed hash back into the document.

The main challenge is that the browser must be able to access local resources on the computer. Namely the key store. In the past, developers solved this issue by using AciveX or JavaApplets, however due to security considerations browsers prohibit these solutions nowadays, so these cannot be used any more. Some going forward on this path, started to develop plugins for the browsers, that can access the keystore, allowing the generation of electronic signatures, but these plugins has to be developed for all the supported browsers separately, and has to be kept up-to-date on all the different browser releases. The development of these plugins therefore are slower, and customers may face issues in signing documents, when they are upgrading their browsers to the latest releases, until the latest plugin comes out.

MicroSigner

Microsec adopted a different approach. Keeping in mind the end-user focus and satisfaction, we wanted to avoid the issues of the browser upgrades. So we decided to develop a thin client for the desktops, that can be installed on the computers without Admin rights. This development has been done for Windows, macOS and Linux platforms, as well as for the mobile platforms, iOS and Android, so we can say that our solution is platform independent. This thin client can reach the local keystore, while communicating with the remote server through a proxy that is located in Microsec domain. This proxy is used as a common known and secure point for the communication for both the thin client and the signing server.

Using MicroSigner is an excellent tool for developers to integrate remote signing solutions into their products and services, however we realized that there is a need for a ready-made signature creation webapp as well, as most of our partners developed the same functions while creating their own products. Therefore Microsec decided to develop a web-based signature creation platform, that integrates MicroSigner as well, and implements an easy to use web-interface for creating and signing documents, and a WSDL interface for the integration of 3^rd party software (ie. workflow management systems). With the above development web-Szigno was born, and now become our flagship product for spreading credible remote administration solutions. With the above portfolio, we believe that documents can be easily signed remotely, that also has been confirmed by our multiple clients started to use our solutions.