Signable Security

How Signable keeps your documents safe: Compliance is key.

You can be sure that your electronic documents are always secure in Signable’s hands.

How has Signable got you covered?

Our eSignatures are safe and secure, with SSL encryption on every page you visit on the Signable website. This means that no one can snoop on your password or the documents you send and sign using our services.

Every action from the point of uploading is logged in a full audit trail that’s attached to the corresponding envelope in your account. You’ll be able to see right down to the minute when the signee has opened the document.

Once a document has been signed and submitted by your client, you will receive an email that includes the completed electronic document attached as a PDF and a certificate of signature.

The certificate of signature is an important document that includes important information including:

  • Who each signing party is
  • Dates, times, IP addresses and fingerprints
  • A full audit log or audit trail

With Signable, the audit trail provided gives you an action by action breakdown of the electronic signing progress of the document, allowing you to see the status of it and what has happened in the past to the source document.

What is SSL Encryption?

SSL encryption can be summed up as:

“SSL is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browser remain private.”

What this means is you can be safe in the knowledge that the information you share on Signable is secure. As the Signable site is encrypted with SSL, your browser will form a connection with the webserver, look at the SSL certificate, and then bind together your browser and the server. This creates a secure connection that means the information you’ve submitted is safe.

Secure Electronic Signatures

We comply with regulations set out by the eIDAS to ensure your documents are legally binding in any court (check out our legal page here). Once everyone has signed the document, you’ll get a full copy of all signatures with a certificate showing you:

  • Each signing party
  • Dates, IP addresses, and fingerprints
  • A full audit log

Your documents are stored securely in your account for easy access. They’re only accessible to you (or anyone you give permission to view) and you can access them anytime.

To ensure Signable security is up to standard and all your documents are secure & legally binding we provide:

  • eIDAS compliance & exceedance of UK eSign regulation
  • Detailed audit log stored for each signature action
  • Identification of users verified before permitted to send documents
  • Document integrity checked, always
  • Unique  fingerprint IDs for each document
  • Secure storage of documents and data
  • Signatory identity verified via email address, timestamps and geo-tracking
  • SSL 256-bit AES/RSA encryption
  • Only you and people you’ve authorised can access documents

Our Compliance and Data Security page can be found here.

esign act

Encryption at Rest

Signable uses encryption at rest to keep your data safe. Often when worrying about data breaches businesses may be concerned about documents they have been using most recently, data referred to as active data or data in motion, the stuff you’re most likely using on a daily basis. But what about the documents that haven’t been accessed in a long time, your archived data?

Archived data can be referred to as data at rest and is usually protected by a firewall or anti-virus software, but needs an additional layer of defence. This is where encryption at rest comes in.

Data encryption is the process of translating one form of data into another form of data that unauthorised users can’t decrypt.  By encrypting data at rest, we essentially convert sensitive data into another form of data that can’t be understood by a user who isn’t authorised to decode it. The minimum number of people have access to your data meaning you can be sure that your data stays secure.

AWS WAF

Signable also protects your documents by using AWS WAF.

AWS WAF (or Amazon Web Services Web Application Firewall)  is a web application firewall that protects applications and APIs against web attacks that may affect availability, compromise security, or consume excessive resources.

Brexit Update:

The UK government intends to grant “adequacy” to all EEA countries for the purposes of personal data flows, so your information will be fully secure and legal post-Brexit.

Vulnerability Scanning

Signable uses vulnerability scanning to help identify security weaknesses in our system. This means we are consistently alerted to any suspected vulnerabilities in our system and act on them, fixing any issues and keeping your data safe.