...
Design | Registration | Credential | Credential | Signing | Tamper |
| Ease-of-use | Portability | Cost | Accountability |
|---|---|---|---|---|---|---|---|---|---|---|
HMS Permits: | Online registration at http://www.hmspermits.gov/ | Permit number | Online issuance of permit | Not called a signature, but does include "I am authorized" checkbox | Typical transactional database controls |
| Similar to common e-commerce transactions | Only "something you know" required | Clearly less expensive than the paper process | Low confidence in identity and custody, but may be adequate to mitigate low risk in the context of the full relationship between the parties |
NPS e-signature | Online registration, identity validation via shared secrets including SSN | Username and password | Online issuance | Signatory signs with a "something you know" username and password. One-factor authentication. | Package consists of text of document and e-signature metadata; requires external "seal" to make tamper-evident |
| Similar to common e-commerce transactions | Only "something you know" required | Clearly less expensive than former paper process | Moderate confidence in identity, credential, and custody, but may be adequate to mitigate moderate risk |
Transactions typically are complete stand-alone packages with registration, content, and e-signature submitted at the same time; registration for subsequent authentication is not an important concept in this context | Self-Select five-digit PIN with customer's prior year adjusted gross income, or prior year PIN | An identity credential is not an important concept in this context. The e-signed annual electronic transaction (filing a return) represents a small part of the relationship between the parties, and validation of identity is based on multiple factors from the full relationship. | Signatory signs with a "something you know" self-selected five-digit PIN. Transaction is authenticated by user providing prior year adjusted gross income. Might be considered two-factor, but likely one factor (prior year AGI). | Package consists of text of document and e-signature metadata; requires external "seal" to make tamper-evident. User recieves an electronic confirmation number from IRS acknowledging reciept and that also binds signature to transaction. |
| Similar to common e-commerce transactions | Only "something you know" required | Clearly less expensive than former paper process | Moderate confidence in identity, credential, and custody, but found to be adequate to mitigate risk in the context of the full relationship between the parties | |
myAlaska e-signature | Online registration, identity validation via shared secrets from two independent government-issued sources (Alaska Permanent Fund Dividend and driver license) | Username and password | Online issuance | Signatory signs with a "something you know" username and password. One factor authentication for user, strengthened by server side encryption. (Authentication almost two-factor due to obscure, unlikely to be memorized shared secrets, viz., height and weight on driver license, knowledge of which iimplies "something you have".) | Package consists of text of document and e-signature metadata, and is then digitally signed by the myAlaska server to become tamper-evident |
| Significantly more complex than common e-commerce transactions, but wide adoption indicates that the complexity is acceptable | Only "something you know" required | Clearly less expensive than former paper process | Moderate confidence in identity, credential, and custody, but found to be adequate to mitigate moderate risk in the context of the full relationship between the parties |
FedEx(R)-like digitized signature: holographic signature using stylus on a digitizing pad | Signature would not necessarily be electronically associated with the registrant | Image of a holographic signature | None required | Signatory signs a holographic signature on a digitizing pad while the digitizing pad is under the control of agency's e-signature software. One-factor authentication | Package consists of text of document, e-signature metadata, and image of holographic signature; requires external "seal" to make tamper-evident |
| Familiar and understandable | Requires digitizing pad, stylus, and custom software at client device | Significant cost of stylus and digitizing pad | Characteristics similar to traditional signature |
Create online profile, then appear in-person at USDA Service Center with government-issued photo ID to activate level 2 credentials | User ID and password | Customer specified credentials are electronically activated by USDA Service Center employee | tbd | tbd |
|
| Strong confidence in identity, however, custody of credential not guaranteed | |||
Configurable per business requirements; could be fully online using shared secrets | Choice of 5 hardware authenticators or software for cell phone or PDA | Hardware authenticators require physical delivery; software authenticators "seed" could be delivered electronically | Signatory signs with a "something you know" pin or password, and, a one-time use token code generated by their authenticator | Package consists of signed document and authentication metadata; requires external "seal" to make tamper-evident |
| Dedicated devices mask deep complexity | Dedicated device must be present at signing | Significant cost of dedicated device and licensing | Strong confidence in identity and credential, good confidence in custody of credential | |
Theoretical highly rigorous public key infrastructure (PKI) alternative | In-person proofing at US Post Office or a financial institution. | PKI private key with password and biometric (three-factor: something you have, something you know, something you are) | User enables the use of a digital certificate by typing in a passode. The digital certificate would likely be on a storage device or may be stored on a computer. Many web browsers and e-mail clients will work with digital certificates. | Digital Signature: document hash and biometric and e-signature metadata are encrypted with private key. Requires some type of reader to input the key, a scanner for the biometric, and, PKI-aware and biometric-aware client software | Package consists of text of document, biometric and e-signature metadata, and digital signature; this combination is tamper-evident by design |
| Complex, mysterious, many ways to fail | Reader required (mag stripe, smartcard, usb, etc.), biometric scanner required | Significant cost of person-proofing and certificate issuance, significant cost of reader and biometric scanner | Strong confidence in identity, credential, and custody of credential |
...