Envelope FAQ's
      Back to home
      1. Annature Help Center
      2. FAQs
      3. Envelope FAQ's

      How does Annature ensure the right person is signing?

      Annature takes a comprehensive approach to eSigning security, ensuring that all digital transactions are secure, compliant, and verifiable. By incorporating advanced verification methods, audit trails, and industry-leading encryption, Annature provides a trusted solution for businesses and individuals looking to sign documents electronically with confidence. Below is a detailed breakdown of how Annature guarantees the highest level of security in eSigning processes.

      1. Signer Verification

      To prevent unauthorised access and ensure that only the intended recipient can sign a document, Annature employs multiple layers of verification:

      • Email & SMS Notifications – Upon document submission, recipients receive secure notifications via email and/or SMS. These notifications contain unique, time-sensitive links that prevent unauthorised access and ensure the document reaches the correct individual.

      • Two-Factor Authentication (2FA) – For an added layer of protection, signers may be required to enter a one-time password (OTP) sent via SMS or email before accessing and signing the document.

      • Metadata Tracking – Annature captures critical metadata, including IP addresses, user agents (device/browser information), and geolocation data. This information provides an additional level of authentication, confirming that the signature process occurs under legitimate conditions.

      2. Comprehensive Audit Trail & Certificate of Completion

      Every signed document processed through Annature is accompanied by a Certificate of Completion, ensuring full transparency and legal enforceability. This document provides a comprehensive record of all interactions with the signed document, including:

      • Session & Fingerprint ID – Each document signing session is assigned a unique identifier, ensuring the integrity of the transaction and preventing fraudulent alterations. The Session ID is a randomly generated alphanumeric string that serves as a unique identifier for each signing event. This ensures that every transaction can be individually tracked and verified. The Fingerprint ID is a cryptographic hash derived from key metadata points such as the signer’s device, browser type, and location. This fingerprint helps establish a unique, immutable record of the transaction and adds an extra layer of authenticity by ensuring that each signer’s session is distinct and tamper-proof.

      • Timestamps & Metadata – Detailed logs capture when the document was viewed, when each signature was applied, and when the process was completed.

      • IP Address & Device Details – The system records the signer's IP address and device details, adding an extra layer of verification and aiding in forensic analysis if needed.

      3. Advanced Security & Compliance

      Annature adheres to stringent security protocols and compliance requirements, ensuring that all electronic signatures meet global and Australian legal standards.

      • End-to-End Encryption – Annature protects data both in transit and at rest using TLS 1.2+ encryption for secure data transmission and AES-256 encryption for storage.

      • Australian Data Sovereignty – All data is securely hosted within the AWS ap-southeast-2 region, ensuring compliance with Australian data protection laws and privacy regulations.

      • ISO 27001:2022 Certified – Annature follows internationally recognised security frameworks, including ISO 27001:2022, which governs best practices in information security management.

      4. Why eSigning is More Secure Than Paper-Based Signatures

      Compared to traditional paper-based signatures, electronic signatures offer superior security, verifiability, and fraud prevention mechanisms. Annature enhances these benefits through:

      • Multi-Factor Authentication (MFA) – Strengthening identity verification by requiring users to authenticate their identity before signing.

      • Tamper-Proof Audit Trails – Every transaction is securely logged, preventing document manipulation post-signing. If any alterations occur after signing, they are detected and flagged.

      • Cloud-Based Security – Electronic documents are stored securely in the cloud, reducing the risks associated with physical document loss, forgery, or unauthorised duplication.