...
Design | Registration | Credential | Credential | Signing | Tamper |
| Ease-of-use | Portability | Cost | Accountability | ||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
HMS Permits: | Online registration at http://www.hmspermits.gov/ | Permit number | Online issuance of permit | Not called a signature, but does include "I am authorized" checkbox | Typical transactional database controls |
| Similar to common e-commerce transactions | Only "something you know" required | Clearly less expensive than the paper process | Low confidence in identity and custody, but may be adequate to mitigate low risk in the context of the full relationship between the parties | ||||
NPS e-signature | Invitation by USPS mail with unique access code which allows online registration, which includes identity validation via that access code and other shared secrets possibly including SSN | Username and password | Online issuance | Signatory signs with a "something you know" username and password. One-factor authentication. | Package consists of encrypted PDF of document (tamper-evident) and e-signature metadata |
| Similar to common e-commerce transactions | Only "something you know" required | Clearly less expensive than former paper process | Moderate confidence in identity, credential, and custody, but may be adequate to mitigate moderate risk. Note that individual permit applications may require additional documentation including USCG Vessel Registration, Articles of Incorporation, etc., which may further mitigate risk but are not part of the e-signature. | ||||
Transactions typically are complete stand-alone packages with registration, content, and e-signature submitted at the same time; registration for subsequent authentication is not an important concept in this context | Self-Select five-digit PIN with customer's prior year adjusted gross income, or prior year PIN | An identity credential is not an important concept in this context. The e-signed annual electronic transaction (filing a return) represents a small part of the relationship between the parties, and validation of identity is based on multiple factors from the full relationship. | Signatory signs with a "something you know" self-selected five-digit PIN. Transaction is authenticated by user providing prior year adjusted gross income. Might be considered two-factor, but likely one factor (prior year AGI). | Package consists of text of document and e-signature metadata; requires external "seal" to make tamper-evident. User recieves an electronic confirmation number from IRS acknowledging reciept and that also binds signature to transaction. |
| Similar to common e-commerce transactions | Only "something you know" required | Clearly less expensive than former paper process | Moderate confidence in identity, credential, and custody, but found to be adequate to mitigate risk in the context of the full relationship between the parties | |||||
myAlaska e-signature | Online registration, identity validation via shared secrets from two independent government-issued sources (Alaska Permanent Fund Dividend and driver license) | Username and password | Online issuance | Signatory signs with a "something you know" username and password. One factor authentication for user, strengthened by server side encryption. (Authentication almost two-factor due to obscure, unlikely to be memorized shared secrets, viz., height and weight on driver license, knowledge of which iimplies "something you have".) | Package consists of text of document and e-signature metadata, and is then digitally signed by the myAlaska server to become tamper-evident |
| Significantly more complex than common e-commerce transactions, but wide adoption indicates that the complexity is acceptable | Only "something you know" required | Clearly less expensive than former paper process | Moderate confidence in identity, credential, and custody, but found to be adequate to mitigate moderate risk in the context of the full relationship between the parties | ||||
FedEx(R)-like digitized signature: holographic signature using stylus on a digitizing pad | Signature would not necessarily be electronically associated with the registrant | Image of a holographic signature | None required | Signatory signs a holographic signature on a digitizing pad while the digitizing pad is under the control of agency's e-signature software. One-factor authentication | Package consists of text of document, e-signature metadata, and image of holographic signature; requires external "seal" to make tamper-evident |
| Familiar and understandable | Requires digitizing pad, stylus, and custom software at client device | Significant cost of stylus and digitizing pad | Characteristics similar to traditional signature | ||||
Create online profile, then appear in-person at USDA Service Center with government-issued photo ID to activate level 2 credentials | User ID and password | Customer specified credentials are electronically activated by USDA Service Center employee | tbd (presumed to be digital certificate) | tbd (presumed to be digitally signed document) |
| tbd (presumed to be typical complexity involved with digital certificates) | Portable if credential is user name and password. Signatory signs with "something you know" username and password. One-factor authentication | Uses database logs, which includes access control record with shared secrets. |
| simliar to common e-commerce transactions | Only something you know | Cost of training staff and maintaining service centers for ID proofing . | Strong Very strong confidence in identity because of face to face proofing, however, custody of credential not guaranteed | |
Configurable per business requirements; could be fully online using shared secrets | Choice of 5 hardware authenticators or software for cell phone or PDA | Hardware authenticators require physical delivery; software authenticators "seed" could be delivered electronically | Signatory signs with a "something you know" pin or password, and, a one-time use token code generated by their authenticator | Package consists of signed document and authentication metadata; requires external "seal" to make tamper-evident |
| Dedicated devices mask deep complexity | Dedicated device must be present at signing | Significant cost of dedicated device and licensing | Strong confidence in identity and credential, good confidence in custody of credential | |||||
Theoretical highly rigorous public key infrastructure (PKI) alternative | In-person proofing at US Post Office or a financial institution. | PKI private key with password and biometric (three-factor: something you have, something you know, something you are) | User enables the use of a digital certificate by typing in a passode. The digital certificate would likely be on a storage device or may be stored on a computer. Many web browsers and e-mail clients will work with digital certificates. | Digital Signature: document hash and biometric and e-signature metadata are encrypted with private key. Requires some type of reader to input the key, a scanner for the biometric, and, PKI-aware and biometric-aware client software | Package consists of text of document, biometric and e-signature metadata, and digital signature; this combination is tamper-evident by design |
| Complex, mysterious, many ways to fail | Reader required (mag stripe, smartcard, usb, etc.), biometric scanner required | Significant cost of person-proofing and certificate issuance, significant cost of reader and biometric scanner | Strong confidence in identity, credential, and custody of credential |
...