Using biometric signature with verification

Please note that you will need an active, dynamic and enrolled biometric server profile for the following configurations. For more information about the biometric server please do not hesitate to contact us.

Please also note the following preconditions:

  • Biometric server
  • Feature flag ("BiometricSignature")
  • Native component (Device Driver, Kiosk, sign on phone, ...)

The Story 

Charly wants to open a new bank account. In order to be able to guarantee that Charly and no one else  signs future signatures, Charly has to sign six times to collect them in order to use those six signature to verify future signatures from Charly. This ensure that even if Charly does not sign directly in the bank, his signatures, which are digitally signed, are verified with the collected six signatures to check if Charly signed the document.

Integration

In order to verify the signature with the collected six signature from the enrolled biometric server the following attribute must be set:

"IsBio": true,

Please note that the signature will not be verified if the value for "IsBio" is set to false!


Furthermore, the "BiometricServerUserId" must be set. The uid is the user id which can be found in the biometric server profile:

"BiometricServerUserId": "string",

Please also see the following configuration which shows where to place those two attributes:

"AllowedSignatureTypes": {
    "Biometric": {
        "BiometricVerification": true,
        "AllowBiometricStoringOnly": true,
        "StoreSignedResponseWithoutBioData": true,
        "AllowSkipBiometricVerification": true,
        "BiometricServerUserId": "string",
        "SignaturePositioning": "WithinField",
        "Preferred": true,
        "StampImprintConfiguration": {
            "DisplayExtraInformation": true,
            "DisplayEmail": true,
            "DisplayTransactionId": true,
            "DisplayTransactionToken": true,
            "DisplayPhoneNumber": true,
            "UseCustomStampImprint": true,
            "DisplayIp": true,
            "DisplayName": true,
            "DisplaySignatureDate": true,
            "FontName": "string",
            "FontSizeInPt": 0
        }
    }
},

In this configuration you can also find three more attributes to configure the settings of biometric verification:

  • AllowSkipBiometricVerification (to allow to skip the biometric verification)
  • AllowBiometricStoringOnly (to allow to store the biometric signature without verification process)
  • StoreSignedResponseWithoutBioData

Please also see the following complete workstep configuration:

{
    "Documents": [{
            "FileId": "20f35fe5-1234-1234-847d-02ece578ad88",
            "DocumentNumber": 1
        }
    ],
    "Name": "Test",
    "Activities": [{
            "Action": {
                "Sign": {
                    "RecipientConfiguration": {
                        "ContactInformation": {
                            "Email": "johndoe@sample.com",
                            "GivenName": "John",
                            "Surname": "Doe",
                            "LanguageCode": "EN"
                        }                  
                    },
                    "Elements": {                                            
                        "Signatures": [{
                                "TaskConfiguration": {
                                    "OrderDefinition": {
                                        "OrderIndex": 0
                                    }
                                },
                                "ElementId": "sample sig biometric",
                                "Required": true,
                                "DocumentNumber": 1,
                                "DisplayName": "Sign here",
                                "AllowedSignatureTypes": {
                                     "Biometric": {
                                        "BiometricVerification": true,
                                        "AllowBiometricStoringOnly": true,
                                        "StoreSignedResponseWithoutBioData": true,
                                        "AllowSkipBiometricVerification": true,
                                        "BiometricServerUserId": "string",
                                        "SignaturePositioning": "WithinField",
                                        "Preferred": true,
                                        "StampImprintConfiguration": {
                                        "DisplayExtraInformation": true,
                                        "DisplayEmail": true,
                                        "DisplayTransactionId": true,
                                        "DisplayTransactionToken": true,
                                        "DisplayPhoneNumber": true,
                                        "UseCustomStampImprint": true,
                                        "DisplayIp": true,
                                        "DisplayName": true,
                                        "DisplaySignatureDate": true,
                                        "FontName": "string",
                                        "FontSizeInPt": 0
                                        }
                                     }
                                    },
                                "FieldDefinition": {
                                    "Position": {
                                        "PageNumber": 1,
                                        "X": 100,
                                        "Y": 200
                                    },
                                    "Size": {
                                        "Width": 100,
                                        "Height": 70
                                    }
                                }
                            }
                        ]
                    },
                    "SigningGroup": "firstSigner"
                }
            }
        }, {
            "Action": {
                "SendCopy": {
                    "RecipientConfiguration": {
                        "ContactInformation": {
                            "Email": "johndoe@sample.com",
                            "GivenName": "John",
                            "Surname": "Doe",
                            "LanguageCode": "EN"
                        }
                    }
                }
            }
        }
    ]  
}

With this configuration set the signing will be verified. If the signature does not match the others the signature will be rejected! Please see the next figure:

Signature Verification Failed