Authentication and Document Signing via SmartIdentity / SmartSignature / SmartSignature Server
Wave has developed an electronic and digital signature process designed to optionally provide an online authentication test for the identity of an individual desiring to sign electronic records using a username and password (SmartSignature Server, SmartSigning Room) or a digital certificate (SmartSignature). The SmartIdentity process can be used to verify the identity of existing or new customers. After authentication, a customer can be issued a username/password or digital certificate for signing.
SmartIdentity:
The authentication process requires the collection of certain key information from the potential signer, which is then transmitted by Wave to Equifax®, a credit reporting service, for a data integrity check. This step renders a risk assessment. Equifax then provides up to six questions with multiple-choice answers to present to the potential signer. The questions and answers are drawn from Equifax's credit file on the purported signer and presented as an interactive query to the potential signer, who must respond correctly to a minimum number of questions. Once the customer answers the questions, the answers are transmitted to Equifax. Equifax provides Wave with an overall risk assessment and a score reflecting the data integrity check and the number of correct answers. Wave does not have the answers itself, and does not know which of the multiple-choice answers provided by the potential signer are correct. If the potential signer does not receive a passing score, the signer is referred to a manual process to obtain a certificate. This process entails a more thorough face-to-face identity verification, including notarization.
If a digital certificate is also requested, a public and private key pair is generated on the signer's computer using functionality built into the Microsoft Windows operating system. Once identity has been verified in accordance with the procedures described above, the public key and identification information (including name and e-mail address) are then passed to the certificate authority, which issues a certificate for delivery to the customer. Wave never has access to the private key. The digital certificate is stored in Internet Explorer's certificate storage utility or the user's designated hardware device (such as Wave's EMBASSY product, smartcards or tokens).
If the SmartIdentity service is used only for authentication, it can be accessed via web services. If digital certificate issuance is also requested, the signer will be seamlessly transferred to Wave's SmartIdentity site.
Creating Signable Documents and Forms:
Wave’s software applications support signing documents created by proprietary or industry-specific forms and document providers. In other words, the eTMS solution can be seamlessly integrated with existing document content provider systems. Alternatively, customers who need assistance in creating electronic documents can utilize the SmartForms application to create and maintain PDF forms that will be populated with transaction-specific data. Regardless of the source of the electronic document, each document needs to be prepared for signing by one of the eTMS solutions. This document preparation process is called document tagging and is done via web services. The tagging process associates certain signing data with the document so the signing application can create a custom signing ceremony for each signer, including checking for authorized signers, verifying document expiration dates, and enforcing signing order and signer roles.
Signing via SmartSignature Server:
SmartSignature Server is a server-side component that interacts with an organization's existing applications to provide a secure signing ceremony utilizing username/password authentication. SmartSignature Server can be used with either new or existing user signing credentials. For previously authenticated individuals, signing accounts can be established on a batch basis utilizing existing usernames/passwords, allowing users to leverage credentials for website access as well as signing. Alternatively, a user can create a separate signing account once authenticated. SmartSignature Server allows an organization to customize the signing experience but leverages the eTMS suite to ensure that the document has not expired or been altered and is signed by the appropriate parties. SmartSignature Server also checks whether multiple signed counterparts are allowed and whether user acceptance of a transferable record is needed. After signing, SmartSignature Server submits and uploads the document to the SmartSAFE for validation and record retention. SmartSignature Server supports the signing of multiple document types including Microsoft Office documents, PDF files and XML files.
Signing via SmartSignature Software:
SmartSignature permits the use of a digital certificate to logically associate a digital signature with an Adobe Acrobat or Acrobat Reader file in PDF format ("PDF File"). The SmartSignature system can work with digital certificates provided through SmartIdentity or any third party certificate authority.
The SmartSignature software installs a software plug-in/module in Adobe Acrobat Reader or Adobe Acrobat 4.0 or higher that embeds a signature button on the Acrobat Toolbar. An explanation of the installation and use of the signature button is provided to the signer. When the signer is ready to sign a displayed PDF File, the signer clicks on the embedded signature button. The SmartSignature Console is presented, displaying a summary list of the digital certificates stored on the user's machine or attached hardware device that are available for use, based on an organization's approved Certificate Authority list.
The software checks the following: who is authorized to sign the record and whether the document has expired. The software also checks embedded XML tags in the record to determine whether multiple signed counterparts of the electronic record are permitted, and if not, whether all required signatures have been applied to the single electronic record, before permitting submission of the electronic record to the SmartSAFE. The software also personalizes all messages based on the organization. The signer selects the applicable digital certificate from the list and clicks a button labeled "Sign Document" on the console (the signer has the option of canceling the transaction instead). The private key associated with the certificate is used to create a digital signature which is logically associated with the PDF File. Once all the necessary signatures have been added to the PDF File, the signer may submit the record for filing in the SmartSAFE by clicking on an on-screen button on the SmartSignature Console labeled "Submit." A dialog box is presented to the signer stating "Important: You are submitting a legally signed and enforceable document. Do you wish to continue?"
The signer may click on either a "Yes" or "No" on-screen button. If the "Yes" button is selected, the signed record is submitted to the SmartSAFE. Also, if the Transferable Record flag is set to "Y", the signer is presented with a dialog box asking them to agree that this document is a transferable record.
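The tag-driven checks described above (authorized signer, expiration, signing order, counterparts, required signatures before submission) can be sketched as follows. This is an added example, not Wave's code: the XML element and attribute names are hypothetical, the sample tag block is constructed, and the rule that signing order is only enforced on a single shared record is an assumption.

```python
import xml.etree.ElementTree as ET
from datetime import datetime

# Constructed sample tag block. Element and attribute names are hypothetical,
# not Wave's actual tagging schema.
SAMPLE_TAGS = """<signingTags expires="2030-01-31T00:00:00+00:00" counterparts="N">
  <signer order="1" id="alice@example.com"/>
  <signer order="2" id="bob@example.com"/>
</signingTags>"""

def load_tags(xml_text):
    """Parse the embedded signing tags into a plain dict."""
    root = ET.fromstring(xml_text)
    signers = [{"id": s.get("id"), "order": int(s.get("order"))}
               for s in root.findall("signer")]
    return {
        "expires": datetime.fromisoformat(root.get("expires")),
        "counterparts": root.get("counterparts") == "Y",
        "signers": sorted(signers, key=lambda s: s["order"]),
    }

def may_sign(tags, signer_id, already_signed, now):
    """Return (allowed, reason) for one signing attempt at time `now`."""
    if now >= tags["expires"]:
        return False, "document expired"
    entry = next((s for s in tags["signers"] if s["id"] == signer_id), None)
    if entry is None:
        return False, "signer not authorized"
    if signer_id in already_signed:
        return False, "already signed"
    # Assumption: order is enforced only when all parties sign one record;
    # with counterparts, each party signs a separate copy.
    if not tags["counterparts"]:
        for s in tags["signers"]:
            if s["order"] < entry["order"] and s["id"] not in already_signed:
                return False, "waiting on earlier signer"
    return True, "ok"

def may_submit(tags, already_signed):
    """A single record needs every required signature before submission."""
    if tags["counterparts"]:
        return len(already_signed) >= 1
    return all(s["id"] in already_signed for s in tags["signers"])
```

The checks are only as trustworthy as the tags themselves, so the tag block has to be covered by the same integrity protection as the document content.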
Signing within a SmartSigning Room:
A SmartSigning Room can be created via the SmartSAFE user interface or initiated via a web service. The creator establishes a transaction ID and, optionally, a friendly name for the signing room. The creator can also set expiration dates for the signing room and add documents to be viewed and signed. The creator enters the name and email of individuals to be invited to the SmartSigning Room (“invitees”). Upon creation, the SmartSAFE sends out invitations by email to each of the invitees designated for the SmartSigning Room.
Upon receipt of the email, the invitee can click on a link in the email to bring them to the login page of the SmartSigning Room (within the SmartSAFE). The SmartSAFE first verifies that the SmartSigning Room is still valid and is intended for this invitee. If the invitee already has signing credentials, the invitee can log in. Alternatively, the invitee can establish a signing account at this time. Once logged in for the first time, the invitee is optionally presented a series of screens as configured by the SmartSAFE owner, including an ESIGN consent form and signature font selection interface. Upon completion of these screens, the invitee is taken into a personalized SmartSigning Room and presented a document list for review. The SmartSigning Room also includes various tool bars and icons to initiate signing, commenting and downloading of documents.
The invitee can open and review any document in the list. If the document requires a signature, the invitee can also sign it from the room. The SmartSigning Room keeps track of whether the document has been reviewed, whether it has expired, and who is allowed to sign it. Depending on the SmartSAFE configuration, the invitee may be prompted to re-enter signing credentials to sign. Upon authentication, the document will be populated with the invitee’s signature image at all applicable signature/initial points within the document. At this point, another invitee can sign (if proper credentials are supplied) or the document can be submitted. This process can be repeated for all documents in the SmartSigning Room.
Additionally, the invitee can add comments in the form of a “sticky note” in the SmartSigning Room. These comments do not alter the document but allow the invitee to notify the creator of any potential issues related to the document. These comments can be viewed from within the SmartSigning Room as well as from the SmartSAFE. Once a comment is made, a notification is sent to the signing room creator as well.
The invitee can print or download any or all of the documents in the SmartSigning Room. When the invitee is finished in the SmartSigning Room, he or she logs out.
Record Retention: SmartSAFE
When the signer clicks the on-screen "Sign Document" button, an encrypted "hash" of the file is created using public-key cryptography. The file and the hash are then logically associated and submitted to the SmartSAFE.
Upon submission to the SmartSAFE, the SmartSAFE performs a series of validation tests on the document, including:
- Checking the encrypted hash using the digital certificate's public key, to determine whether or not the appropriate private key was used for signing with SmartSignature
- Performing a hash digest compare to determine if the record has been altered since the signature was attached (SmartSignature Server and SmartSignature).
- Checking with the certificate authority for revocation and/or status of the digital certificate.
- Validating the digital certificate(s) logically associated with the digital signature throughout the certificate chain.
- Checking embedded XML tags in the electronic record to determine whether multiple counterparts of the same document may be signed and submitted to the SmartSAFE. If multiple counterparts are allowed, SmartSAFE checks to make sure that all signed copies submitted to the SmartSAFE are identical.
- Sending an e-mail to the signer advising that an electronic record signed using the signer's certificate has been submitted to the SmartSAFE.
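Two of the checks in the list above, the hash digest compare and the requirement that all submitted counterparts be identical, are sketched below as an added example that is not SmartSAFE code. The record layout, the function names and the choice of SHA-256 are assumptions; the public-key signature, certificate chain and revocation checks are left out because they need a crypto library and a certificate authority.

```python
import hashlib
import hmac

def content_digest(content: bytes) -> str:
    # SHA-256 is an assumption; the page does not name the hash algorithm.
    return hashlib.sha256(content).hexdigest()

def make_record(content: bytes, signer: str) -> dict:
    """Constructed stand-in for a signed record: content plus the digest
    captured at signing time (in a real system it sits inside the signature)."""
    return {"signer": signer, "content": content,
            "digest_at_signing": content_digest(content)}

def validate_submission(record, stored_counterparts, counterparts_allowed):
    """Return the list of failed checks; an empty list means accepted."""
    failures = []
    actual = content_digest(record["content"])
    # Digest compare: has the record changed since the signature was attached?
    if not hmac.compare_digest(actual, record["digest_at_signing"]):
        failures.append("altered after signing")
    if stored_counterparts:
        if not counterparts_allowed:
            failures.append("counterparts not permitted")
        # Every signed copy of the same record must be identical.
        elif any(not hmac.compare_digest(actual, content_digest(c["content"]))
                 for c in stored_counterparts):
            failures.append("counterpart differs from stored copy")
    return failures

# Constructed sample document.
ORIGINAL = b"Loan agreement v1 (constructed sample)"
```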
The signer of a record submitted to the SmartSAFE has access to their personal homepage that lists their signed and unsigned documents.
When a signed record is displayed in the SmartSAFE or printed out, a text rendering of the digital signatures is also displayed at the end of the record reflecting the identity of the signer, the date and time of signing, and the fact that a valid certificate was used. In addition, the display or printout includes a watermark indicating the record being viewed is a copy of the SmartSAFE electronic record. On SmartSignature Server documents, graphic representations of each signature can also be created and displayed.
If the SmartSAFE has accepted multiple counterparts of the same record, all of the signatures will be displayed when the record is displayed or printed. Although the signed electronic record may be shared by multiple parties having access to the SmartSAFE and although links to the electronic record may be displayed in multiple file folders within the SmartSAFE, there is only one copy of each signed electronic record stored in the SmartSAFE file server. All SmartSAFE users participating in a transaction can display a signed electronic record in their own folders, but they all access the same signed electronic record. Signed records may not be edited in the SmartSAFE.
With respect to unsigned electronic records stored in the SmartSAFE, the SmartSAFE does not currently perform validation checks. Users of the SmartSAFE can make copies of an unsigned electronic record in the SmartSAFE, unless the user has "read only" access to the file folder in which the electronic record is displayed (in which case the user can only make a copy to the user's local drive, not to the SmartSAFE, and cannot add an edited copy back into the SmartSAFE file folder). Unsigned electronic records cannot be edited in the SmartSAFE and their creation date as a SmartSAFE electronic record is recorded and available. Unsigned records can be deleted and overwritten, but the SmartSAFE will reflect the new creation or overwrite dates for the record.
The SmartSAFE utilizes a hierarchical file folder structure that permits multiple levels of access to various users of the SmartSAFE. Each user has a user name and password for login to the SmartSAFE. Each user is granted access to electronic records on a "per folder" basis and is assigned various functions and permissions with respect to records contained within the folder.
Multiple folder levels may be used, with user access and functions for the same user varying from level to level within the same family of nested folders. Folders to which the user does not have access are not visible to the user, and therefore, by having the same electronic record displayed in multiple folders for access by different users, access and functions with respect to a particular electronic record can be controlled on a "per user" basis. Users may also "share" files with other users on a "read only" or "read/write" basis. In this context, having "write" authority means that the party sharing the file may upload a new version (as noted above, editing is not permitted in the SmartSAFE).
The Wave Systems Customer's administrator can establish levels of access and functions for each user on a per folder basis. For users who are legal entities granting access to multiple employees, agents or representatives, the user's primary representative may set levels and functions for each of the user's representatives, employees and agents with respect to folders under the user's control.
Each electronic record is identified in the SmartSAFE as having an owner. Change of ownership is accomplished via a logical registry maintained as part of the SmartSAFE and requires an active transfer of ownership from the current owner to the new owner under a protected process that only permits a user with full write authority and access permission to perform a transfer.
The SmartSAFE maintains the following system logs:
- Web Log - Reflects what electronic records and folders have been accessed by a registered user.
- Audit log - Tracks certain actions taken by users with respect to the SmartSAFE.
- Document Log - Tracks the transfer of file ownership.
- E-mail log - Maintains a record of the e-mail notifications sent to signers.
Additionally, the SmartSAFE has robust reporting functionality.
Alternatively, the SmartSAFE functionality can also be accessed via web services for customized integration and presentation into an organization's applications.