How “What You See Is What You Sign” works
GUEST BLOG What You See Is What You Sign (WYSIWYS) refers to the part of the signature process where you read the document you intend to sign and ensure that you only sign it once you know it is the right document and that you agree with its terms, writes Jan Kjærsgaard, Senior Cryptography Manager at Cryptomathic, a leader in secure digital signing.
When you read something in your web browser, how can you be sure that the text you read is genuine and from the right source? In the digital world, the WYSIWYS experience is part of a larger signature process involving several steps:
- The document or transaction is prepared
- The signatory views and reads the document
- The signatory approves the document
- The signature is created
- The terms in the document or transaction are executed
Read complementary Gartner report: “How We Will Work in 2028”
A mutually authenticated channel
Step 1 and 5 are about the business that needs something signed to proceed. It can be anything from a contract or tax declaration to a financial transaction. Once the document or transaction has been signed, the applications requiring the signature can use the document and proceed with the business: open a bank account, buy a house, check a declaration, transfer money, etc.
Step 2 is where the user is presented with the document that requires a signature, through their web browser. Before the user trusts that the remote system is genuine, they should check that the URL appears correct and that the browser displays a padlock (or something similar, depending on the browser) to indicate that the connection is secure. Likewise, the remote system will not deliver a document to anyone it doesn’t know and will ask the user to be authenticated by logging on with their authentication credentials. Having both the remote system and the user authenticated means that documents can be exchanged over a mutually authenticated channel.
User convenience is paramount
When business is conducted online, the user interface must be convenient to use and accessible from all types of devices – if dedicated hardware must be available, special software installed, and the user’s favorite tablet and browser aren’t supported, the user journey becomes cumbersome and there’s a substantial risk that the user opts for a more welcoming service.
User convenience also relates to the cryptographic keys and processes required, and that the user must accept the terms of the signing service to apply their signature. While the terms must be understood and accepted by the user, the involvement of a public key infrastructure is not something the user should be concerned with. In a digital world, the user doesn’t see the actual data being signed. Instead the e-signing system interprets and renders the data in a human-readable fashion that can be displayed in a browser.
WYSIWYS creates a trusted viewer in the browser
WYSIWYS is about enabling trust and confidence in digital transactions, where the users can truly trust what they are presented with on their screen and are confident that what they are signing is authentic. From a business perspective, WYSIWYS should ensure that signing processes are protected against fraudulent activity, such as man-in-the-middle (MITM) attacks.
One approach to achieve WYSIWYS is to render the data on a remote server before presenting the rendered images or data in the browser. This method creates a trustworthy viewer with the most convenient user experience, allowing the user to read and sign documents on PCs, tablets and smart phones without requirements to install software on the device.
No need for any special software
This approach has several advantages. Since the document to be signed (whether it’s in PDF or XML format) stays on the remote server and is never transported to the browser in its entirety, there is a real assurance that the signed document is the intended one. Presenting rendered images in the browser is a trivial task on all devices and does not require any special software to be downloaded.
Nevertheless, with a minimal client in the web browser, it is a nontrivial task to produce the advanced signature objects required for qualified electronic signatures (QES) within the browser. For QES, additional formats, processing, certificates, revocation information and time stamps are required to be collected. Therefore, we recommend leaving such complicated matters for the back-end system to carry out.
The strongest level of security
Once the user has read and agreed to the terms in the document (step 3), it’s time to create the digital signature (step 4). This typically means that the user will provide one or more authentication factors, required to activate the signature key over an advanced protocol from the web client to the part of the remote system that has access to the signature key. The protocol and the authentication information ensure that only the intended document will be signed.
Correctly implemented, WYSIWYS provides the strongest level of security, non-repudiation and end-user convenience.
Published 12/12 2018