OneSpan Sign Developer: In-person SMS Authentication
OneSpan Sign version 11.39 was recently deployed to all environments, and the update includes new and exciting product capabilities. In this previous blog, we outlined some of the most notable updates in the release. Picking up where we left off, we will unveil the in-person SMS authentication in this blog and explain how this feature could empower your use cases. Let’s get started!
Remote vs In-person Signings
With remote signing, once the recipient receives the activation email and accesses the signing link, there could be additional signer authentication challenges through different channels, like SMS one-time password (OTP) or knowledge based questions. Recipient's IP address and the signer authentication confirmation will be audited, and all these audited events strengthens the legality of the whole e-signature process.
Comparatively, in-person signing requires the physical presence of all recipients, and typically does not involve as many signer authentication options as the remote signing use case. The transaction owner, normally an internal agent, needs to collect signers’ proof of identifications like a “wet” signature scenario.
In-person SMS Authentication
In order to further enhance the security and avoid any potential internal fraud, account owners can now choose to authenticate signers with SMS OTP during an in person signing.
Once the signing ceremony is switched over to a recipient who has been configured for SMS authentication, the pop-up window below will prompt the signer for an OTP which has been sent to his/her mobile.
Note:
- This capability is only offered in the New Signer Experience
- To leverage this feature, you’d contact support team and have it turned on at the account level. By default, the feature is turned off and won’t affect your current experience.
- This feature won’t affect to apply SMS authentication for remote signing scenarios.
Audited Events in Evidence Summary
The entire signer authentication process will be audited in Evidence Summary, which looks similar to the screenshot below.
The audit trail shows that before the signing ceremony was handed over to the signer, he/she passed the SMS authentication which was delivered to his/her phone number.
There it is. We’ve demonstrated what you can expect for the in-person SMS authentication and how it strengthens the legality of your workflow. If you have any questions regarding this blog or anything else concerning integrating OneSpan Sign into your application, visit the Developer Community Forums. Your feedback matters to us!