CoSign Digital Signatures for Healthcare Organizations - Features & Technology

CoSign® digital signatures enable the replacement of slow, expensive, and non-productive paper-based approval, collaboration, and delivery processes with fast, low-cost, and efficient electronic operations.

CoSign works seamlessly with all common document formats such as Microsoft® Word, Excel®, Outlook®, InfoPath®, Adobe® PDF, AutoCAD®, Bentley® MicroStation, TIFF, and other document types. CoSign is standards-based (based on Public Key Infrastructure – PKI), avoiding vendor lock-in and allowing the document to be verified by anyone, anywhere, anytime without the need for proprietary verification software or third party support.

CoSign is offered in two versions – CoSign Desktop is meant for individual users, while CoSign Central is designed for a multiple-user organization. CoSign Central is based on easy-to-use software that communicates with a centralized and secure digital signature server. It is quick-to-deploy and ideal for mid to large sized organizations, offering seamless integration with content management and workflow systems. For smaller organizations (up to 10 signers), CoSign Desktop is offered as a standalone solution that does not require any hardware component. Learn more about the differences between CoSign Central and CoSign Desktop.

Signing features (CoSign Central and CoSign Desktop)

• Digitally sign with a simple click of a mouse - Equipped with an intuitive user interface, a simple right click is all that is required to sign and seal the document. View a digital signature demo.
• Digitally sign any document type - CoSign works with all standard file formats: Microsoft® Word, Excel®, Outlook®, InfoPath®, Adobe® PDF, AutoCAD®, Bentley® MicroStation, TIFF, and other document types.
• Turn any document into a digitally signed and sealed PDF - CoSign's integrated virtual signing feature converts any electronic document into a signed PDF. See how CoSign converts any document format into a signed PDF.
• Ensure external acceptance - CoSign embeds the digital signature directly into the document itself, enabling it to serve as a form of self contained e-record. After signature capture, anyone can verify the signature and content integrity anywhere at anytime - with a simple click.
• Add your graphical signature and signing rationale - The signer's graphical signature is placed on the document as well as the reason for signing (e.g., I approve, I agree, etc.).
• Approve along with your colleagues - CoSign allows multiple signatures to be placed on a document (one after another) while ensuring document integrity. This is useful in scenarios that require a series of approvers and an audit trail.
• Approve only designated areas of the document - Digital signatures can be applied to a specific area of the document. This is particularly effective for spreadsheets.

Enterprise-ready features (CoSign Central only)

• Workflow Integration - CoSign integrates perfectly with leading workflow and Content Management Systems such as Microsoft SharePoint®, enabling automated formal approval processes from within your organization's existing workflow systems. See how CoSign integrates with a Document Management system.
• Simple Central Control - CoSign leverages existing user management systems, such as Microsoft Active Directory®, for control over signer authorizations (new employees are added and employees leaving the organization are removed from the authorized signer list with a simple click). CoSign ensures quick deployment and minimal ongoing IT management requirements, translating into enhanced security and a very low total cost of ownership.
• Easy to integrate with existing infrastructure - CoSign is designed as a plug-in for DM/ECM/BPM systems or whatever existing infrastructure is in place. CoSign comes with SAPI®, a robust API that enables intuitive web service interfacing. Learn more about SAPI.
• Scalability - CoSign is scalable from a few signers to several million users and will work in your existing authentication environment.
• Quick deployment - CoSign is typically deployed in a matter of hours.
• Minimal IT ongoing management - Once in place, CoSign typically requires under 10 hours of annual IT management.
• Web-based forms - CoSign enables compliant digital signatures in an external-facing portal. Read more about CoSign web services.
• Batch signing - With high throughput, CoSign can sign millions of documents, making it an ideal solution for bulk signing needs such as eInvoicing and eArchiving.

Security features (CoSign Central only)

• Enhanced security - CoSign Central stores the signing keys (Private Keys) in a centralized and secure hardware device, ensuring that any tampering attempt with the secured CoSign appliance will be detectable.
• FIPS level 3 certified - The CoSign  FIPS version is FIPS-140 Level 3 validated and is used by agencies that rely on a high level of security, such as the Dutch Supreme Court, US Bureau of Prisons, US border patrol.

By using a secure server to manage credentials and issue certificates to authorized signers, ARX’s engineers managed to maintain the security benefit associated with PKI-based digital signatures while removing the expensive management requirements.

Using Bob and Alice, we can illustrate how standard digital signatures (standard electronic signatures) are applied and verified.

From Bob's perspective, the signing operation can be as simple as a click of a button. But several things are happening with that one click:

Step 1: Getting a Private and Public Key

Step 2: Signing an Electronic Document

1. Initiate the signing process - Depending on the software used, Bob needs to initiate the signing process (e.g., clicking a "Sign" button on the software's toolbar).
2. Create a digital signature - A unique digital fingerprint of the document (sometimes called a message digest or document hash) is created using a mathematical algorithm (such as SHA-1). Even the slightest difference between two documents would create a separate digital fingerprint of each.
3. Append the signature to the document - The hash result and the user's digital certificate (which includes his Public Key) are combined into a digital signature (by using the user's Private Key to encrypt the document hash). The resulting signature is unique to both the document and the user. Finally, the digital signature is appended to the document.

Bob sends the signed document to Alice. Alice uses Bob's public key (which is included in the signature within the Digital Certificate) to authenticate Bob's signature and to ensure that no changes were made to the signed document after it was signed.

Alice:

1. Initiates the validation process - Depending on the software used, Alice needs to initiate the validation process (e.g., clicking a "Validate Signature" menu option button on the software's toolbar).    
2. Decrypts Bob's signature - Using Bob's Public Key, Alice decrypts his signature and she receives the original document (the document fingerprint).          
3. Compares Bob's document fingerprint with her calculated one - Alice's software then calculates the document hash of the received document and compares it with the original document hash (from the previous step). If they are the same, the signed document has not been altered.