Guest Contributor, Bindi Li, VP of Sales at Asertia
Digital security is increasingly becoming a top priority in Asia. As the region continues its advance towards digital transformations, businesses throughout the region will see increased convenience and efficiency. Digital innovation impacts many areas, specifically online transactions and electronic documents.
The need for digital security and integrity as the region moves towards digitalisation is paramount – though the methodology and use cases for digital signing are still evolving.
In this latest partner blog, Netrust partner Ascertia details how to ensure digital security and trust. In this blog, they discuss two essential elements of ensuring this: trust and level assurance.
Rise of digital signature adoption in Asia
In June 2021, CIO Tech Asia predicted a rapid rise in digital signatures, digital signing, digital transaction management and user authentication in the Asia-Pacific region. That prediction was spot on.
In countries such as Vietnam, Singapore and Malaysia, the demand for digital security is on the rise, as is the software and services to support digital user identification and authorisation. Many governments in this region are in the exploratory phase of the digital signing and document workflow process.
Digital signing and electronic signatures are already widely used in Europe and North and South America. Once Asia-Pac governments outline their uses, the tools for digital security will become a top priority. Let’s discuss how businesses like Ascertia and Netrust ensure this security with trust and level of assurance.
Level of assurance
Level of assurance is the amount of confidence a business or entity has in a ‘claimed’ digital identity. In essence, it is the foundation of digital security and trust.
The Asia-Pacific digital security infrastructure is still in its infancy. As an example of what we could see develop in the region as it moves towards implementation, we’ll use the well-established EU digital trust process.
Levels of assurance vary depending on business and document requirements. It dictates the amount of protection that is required to generate and store certificates and keys. These keys include cryptographic smartcards, tokens, Remote Qualifed Signature Creation Devices (QSCDs) or Hardware Security Modules (HSMs).
As the trust level increases, so too does the diligence of the necessary checks and vetting. A document or entity’s trust level indicates it’s been through the comprehensive process of obtaining a security certificate.
Current levels of assurance in the EU, North and South America:
Basic assurance is a simple mark in a document with minor security against document alteration.
Advanced assurance includes individual or eSeal signing certificates with signatures based on a private PKI, software or hardware keys, and support for local and remote signing.
If the Asia-Pac region implements digital signature security, it is likely we will see similar levels of assurance introduced.
Establishing digital security
Every part of our online lives is touched by digital security. From signing documents remotely to online shopping, establishing digital security begins with proving identity. The end entity – whether a person, server or application – must have its identity ensured for a digital identity to be issued.
In established digital trust infrastructures, Trust Service Providers (TSPs) produce and preserve digital certificates that validate electronic signatures. There are several TSPs, and they supply varying identity types, all of which have unique requirements for enrolment and identity vetting.
Types of Trust Service Providers include:
- AATL – Adobe Approved Trust List Provider
- QTSP – Qualified Trust Service Provider
- RSSP – Remote Signature Service Provider
- TSP – Trust Service Provider
Digital security with Netrust and Ascertia
Ascertia and Netrust‘s partnership provides comprehensive digital signature solutions to customers in the Asia-Pacific region. Ascertia is a leading provider of PKI and digital signature software, while Netrust is a prominent digital identity service provider in Asia. Netrust is also certified as an accredited certificate authority by Singapore’s Infocomm Media Development Authority (IMDA) and its data centres are in Singapore – meaning documents are stored in the region rather than further afield.
Together, Ascertia and Netrust offer a range of solutions that can be used to secure digital transactions and provide electronic and digital signatures that comply with Singapore’s regulatory standards.
Netrust’s nSignHub solution is powered by Ascertia, an eSignature solution & its datacenter is hosted in Singapore. Netrust’s partnership with Ascertia means documents that have been digitally signed using CA-issued digital certificates can be easily validated. Whether you are signing on PDF or Word, the process of checking signature validation is straightforward.
To further enhances its digital capabilities, Netrust has integrated its nSignHub solutions with Singpass APIs to enable signing with Singpass capabilities for its users. This allows Singapore citizens to use their Singpass mobile application and digitally sign documents anytime, anywhere.