TWM669780U - Electronic signature system - Google Patents

Abstract

A system for electronic signatures, comprising a user interface for receiving a signature input from a signer; a signature verification module for verifying the similarity between the signature input and a pre-stored signature sample; and a document generation module for generating an electronic document containing the signature after verification. The system further includes an encryption module and a timestamp module to ensure the security and integrity of the signature and the electronic document.

Description

Electronic Signature System

This novel invention relates to an electronic signature system, particularly an electronic signature system applied to various electronic documents.

With the rapid development of digital technology, electronic signatures have become a key technology to replace traditional handwritten signatures in many industries. Existing electronic signature systems usually include a user interface, a signature verification module, and a document generation module. These systems allow users to input signatures through electronic devices and apply them to various electronic documents. However, these existing technologies still have some shortcomings in terms of security, data integrity, and accuracy of signature verification.

Most current electronic signature systems rely on simple matching algorithms to verify the authenticity of signatures, which are vulnerable to malicious tampering or signature forgery. In addition, after generating electronic documents, these systems often lack effective encryption measures to protect the integrity and confidentiality of data, resulting in potential security risks during the transmission and storage of documents. In addition, existing technologies generally lack timestamp functions and cannot accurately record the time of signatures, thus affecting the legal effect of signatures.

At the same time, most existing electronic signature systems only use a single identity verification method and fail to fully utilize multi-factor verification technology to enhance the confirmation of the signatory's identity, which is particularly insufficient in certain application scenarios with high security requirements.

Therefore, the prior art requires an improved electronic signature system to improve the security of the signature, the integrity of the data, and the overall reliability of the system.

In view of the above issues, the purpose of this invention is to provide an improved electronic signature system to overcome the deficiencies in the prior art, especially in terms of accuracy, security, data integrity and identity verification of signature verification.

The novel electronic signature system includes a user interface for receiving the signature input of the signatory; a signature verification module for verifying the similarity between the signature input and the pre-stored signature sample; and a file generation module for generating an electronic file containing the signature input after the signature verification is passed. The system also includes an encryption module for encrypting the signature input and the generated electronic file to ensure the integrity and security of the data; and a timestamp module for adding the precise timestamp of the signature to the electronic file to enhance the legal effect and reliability of the signature.

This new system supports multiple authentication methods, including but not limited to passwords, fingerprints and facial recognition, thereby enhancing the confirmation of the signatory's identity and reducing the risk of unauthorized signatures. The introduction of multi-factor authentication technology further improves the security of the system, especially in applications involving sensitive documents.

In addition, this new electronic signature system can automatically store the generated electronic files in the cloud system to ensure the traceability and accessibility of the files. The design of the system also takes into account the user's operational convenience, providing an efficient and secure electronic signature solution that is suitable for various industry applications.

This new type significantly improves the security and reliability of electronic signatures by combining advanced encryption technology, timestamp function and multi-factor identity authentication, and meets the high standards of modern digital transactions and document management.

100: Electronic signature system

110: User interface

120:Signature verification module

130: Document generation module

150: Encryption module

160: Timestamp module

170:Authentication module

Figure 1 is a schematic diagram of an electronic signature system of one embodiment of the present invention.

References to "an embodiment" and "in an embodiment" in this specification indicate that the embodiment described may include a specific appearance, feature, structure or characteristic, but do not limit each embodiment to include the specific appearance, feature, structure or characteristic. Moreover, this term may but does not necessarily refer to the same embodiment mentioned in other parts of the specification. In addition, when describing a specific module, appearance, feature, structure or characteristic and combining it into an embodiment, regardless of whether it is clearly described in the specification, a person with common knowledge in the art can still combine the module, appearance, feature, structure or characteristic with other embodiments. In other words, any module, element or feature can be combined with other elements or features in different embodiments, unless they have obvious or inherent incompatible characteristics or are specifically excluded.

Figure 1 is a schematic diagram of an electronic signature system of one embodiment of the present invention. Please refer to the above figure for the following description.

The present invention relates to an electronic signature system 100, which includes the following elements: a user interface 110: used to receive the signature input of the signatory. The user interface 110 can be a touch screen, a keyboard input or other suitable input device, which is used to provide the signatory with a handwritten signature or a typed signature. The signatory inputs the signature through the user interface 110, and the signature input is then transmitted to the signature verification module 120.

Signature verification module 120: used to verify the similarity between the signature input of the signatory and the pre-stored signature sample. The signature verification module 120 calculates the similarity between the signature input and the sample signature based on a specific algorithm, such as an image matching algorithm or a feature point comparison technique. When the similarity reaches a preset threshold, the signature is considered valid.

Document generation module 130: After the signature verification is passed, the document generation module 130 is responsible for generating an electronic document containing the signature input. The module can generate an electronic document 140 according to a preset document template or a user-specified format, and embed the signature in an unmodifiable form.

Encryption module 150: used to encrypt signature input and generated electronic documents. Encryption module 150 uses asymmetric encryption technology, including encryption using a public key and decryption using a private key, to protect the data integrity and security of signatures and documents.

Timestamp module 160: used to add timestamps to electronic documents to record the exact time when the signature is entered. The timestamp module 160 obtains time data from a trusted time source and embeds it into the generated electronic document to ensure the immutability and legal validity of the signature.

Identity verification module 170: used to verify the identity of the signatory before receiving the signature input. The module 170 supports multi-factor verification technology, including password verification, fingerprint recognition, facial recognition, etc., to enhance the security of the signatory's identity confirmation.

The system 100 receives a signature through a user interface 110, which is then verified by a signature verification module 120. The verified signature is generated by a file generation module 130 as an electronic file 140 containing the signature. The encryption module 150 encrypts the signature and the electronic file to ensure their security. The timestamp module 160 adds an accurate signature timestamp to the electronic file 140, and the identity verification module 170 ensures that the identity of the signer is fully verified throughout the process. The modules of the system 100 are directly or indirectly electrically connected to each other.

This new implementation method can be applied to various scenarios that require electronic signatures, such as contract signing, digital certificate issuance, electronic payment transactions, etc., and can significantly improve the security and efficiency of transactions.

Furthermore, the present invention relates to an improved electronic signature system 100 and related methods thereof, which are intended to improve the security, accuracy and ease of use of electronic signatures. The various components of the system cooperate with each other in function to achieve a complete electronic signature process and ensure the security and integrity of the signature and the electronic document generated throughout its life cycle. In order to explain the implementation of the present invention more clearly and comprehensively, the structure, function and technical details of each component will be described separately below.

1. User interface 110: The user interface 110 is the part of the electronic signature system that directly interacts with the user. Its main function is to receive the signature input of the signatory. According to the specific application scenario and the needs of the signatory, the user interface can be implemented in a variety of ways, including but not limited to a touch screen, a digital pen input device, a keyboard, a mouse, and other input devices that can be used for signature operations. The user interface 110 includes:

1. Touch screen input: In modern digital devices, touch screens are increasingly used, especially in portable devices such as tablets and smartphones. The signer can sign directly on the touch screen using a finger or stylus. In order to improve the accuracy of the signature, the touch screen should have high-precision sensing technology that can capture every subtle movement during the signature process, such as the strength, speed, and angle of the strokes. These data will help the subsequent signature verification process.

2. Digital pen input: In some scenarios where precise signatures are required, such as signing legal documents or documents with high security requirements, digital pen input is a more appropriate choice. Digital pens are usually equipped with pressure sensing functions, which can record the changes in the thickness of the pen strokes when signing, and transmit the signature data to the system via Bluetooth or other wireless technologies. This method can not only simulate the feeling of traditional handwritten signatures, but also provide richer signature data, further improving the accuracy of verification.

3. Keyboard and mouse input: For some scenarios where touch or digital pen is not suitable, such as remote signature or devices without touch screen, keyboard and mouse are also feasible signature input tools. The signer can enter the name or other identification symbols through the keyboard, and then use the mouse to draw the signature pattern on the screen. To enhance security, the system can design a multi-step verification process, such as requiring the signer to confirm again or select a pre-stored signature sample after keyboard input.

4. Integration of biometric technology: In order to improve the security of the system and the uniqueness of the signer's identity, this new user interface can integrate various biometric technologies, such as fingerprint recognition, facial recognition or iris recognition. During the signing process, the system can require the signer to perform biometric verification first to ensure the legitimacy and validity of the signature operation.

2. Signature verification module 120: The signature verification module 120 is one of the core technologies of the present invention. Its main function is to verify whether the signature entered by the signatory matches the pre-stored signature sample. The module uses a variety of technical means to ensure the accuracy and reliability of the verification, including but not limited to image processing, pattern recognition and machine learning technology. The signature verification module 120 includes:

1. Image processing technology: When the signature is input through a touch screen or digital pen, the signature verification module will first perform image processing on the signature. This includes pre-processing of the signature image, such as binarization, denoising, edge detection, etc., to obtain a clear signature outline. Subsequently, the module will extract the signature's feature points, including the starting and ending points of the stroke, turning points, curvature changes, etc. These feature points will be used to compare with the pre-stored signature samples.

2. Pattern recognition technology: For signatures entered by keyboard or mouse, the signature verification module uses pattern recognition technology to analyze the structure and shape of the signature. By analyzing the geometric shape, stroke sequence, and writing movements of the signature, the system can determine the similarity between the input signature and the sample signature. To improve the accuracy of verification, the system can use the Dynamic Time Warping (DTW) algorithm to handle the time difference between different signatures.

3. Machine learning technology: With the development of machine learning technology, the signature module can also use deep learning algorithms, such as generative AI, to perform signature recognition and comparison. By training convolutional neural networks (CNN) or recurrent neural networks (RNN), the system can automatically learn and extract complex features of signatures and improve the ability to recognize signatures of different signatories. This technology is particularly suitable for dealing with scenarios with diverse signature styles.

4. Signature sample management: In the system, the management of signature samples is also crucial. The signature verification module needs to access the signatory's signature sample library for comparison. These signature samples can come from previous signature records or be pre-set in the system by the signatory. In order to ensure the accuracy of the signature samples, the system should regularly update the sample library and make dynamic adjustments based on the signatory's latest signature behavior.

3. File generation module 130: The file generation module 130 is responsible for generating an electronic file containing a signature after the signature verification is passed. This module not only needs to handle the generation of the file, but also needs to ensure that the signature embedded in the file cannot be changed, thereby maintaining the integrity of the file. The file generation module 130 includes:

1. Generation of electronic files: When the signature verification module confirms that the signature is valid, the file generation module will generate the final electronic file according to the user's needs. The file can be in PDF format, Word document or other formats that support electronic signatures. The system supports automatic generation of files with default templates and allows users to upload custom templates. The file generation module can also embed the signature into the specified location of the file according to the user's choice and ensure that the signature image will not be changed by subsequent operations.

2. Signature embedding technology: During the file generation process, the system will embed the signature into the electronic file in digital form. In order to prevent the signature from being tampered with, the system can encrypt the signature image and embed the encrypted signature data into the data stream of the file. In addition, the system can also generate a unique digital fingerprint for each signature, such as generating a corresponding hash value through the SHA512 algorithm. This fingerprint will constitute the integrity verification data of the file together with other parts of the file.

3. Document version management: The document generation module also has a version management function. After each signing operation, the system will automatically generate a new version of the document for future query and audit. This version management function is particularly important for documents that need to be revised multiple times, such as contract signing, and can clearly display the change records of each version.

4. Encryption module 150: Encryption module 150 is used to encrypt signatures and generated electronic documents to protect the security of data during storage and transmission. The module uses asymmetric encryption technology, which includes encryption using a public key and decryption using a private key. Encryption module 150 includes:

1. Application of asymmetric encryption technology: The encryption module uses asymmetric encryption technology to ensure the security of signatures and files. When a user signs in the system, the system automatically generates a public-private key pair. The signature data and the generated files will be encrypted by the public key, and only authorized personnel holding the corresponding private key can decrypt and view these data. In this way, even if the file is intercepted during transmission, it cannot be accessed by unauthorized third parties.

2. Digital signature and certificate management: The encryption module can also be combined with digital signature technology to further improve the security and legal validity of the file. Digital signature is a technology based on public key infrastructure (PKI), which can generate a unique digital fingerprint for each electronic file and attach it to the file. The certificate authority (CA) in the system is responsible for issuing digital certificates to each signatory and certifying the legitimacy of the signature.

3. Data encryption process: During the data encryption process, the system will first perform a hash operation on the signature data and the electronic file to generate a hash value of a fixed length. Subsequently, the hash value will be encrypted together with the original data through the public key to generate the final encrypted file. The decryption process is the opposite. The authorized user uses the private key to decrypt the file and verify whether the hash value matches to ensure that the file has not been tampered with.

4. Encrypted storage and transmission: In addition to static encryption of data, the system also strengthens the security of data transmission. By using the Secure Sockets Layer (SSL) or Transport Layer Security (TLS) protocol, the system can protect the confidentiality and integrity of data during network transmission. In addition, the system also supports encrypted storage of electronic files to ensure the security of files in the cloud or local storage.

5. Timestamp module 160: Timestamp module 160 is an important component of the present invention, which is used to add an accurate timestamp of the signature to the electronic document to enhance the legal effect and non-tamperability of the signature. Timestamp module 160 includes:

1. Generation of timestamp: When the signature verification is passed, the timestamp module will automatically generate a timestamp to record the exact time when the signatory completed the signature. This timestamp usually includes the date and specific time (accurate to the second), which helps to ensure that the signing time of the document is legally certain. The timestamp data will be encrypted together with the signature data and embedded in the electronic file.

2. Trusted time source: To ensure the accuracy and credibility of timestamps, the system obtains time data from one or more trusted time sources. These time sources can include the International Standard Time (UTC) server, an authorized third-party time server, or a company's internal time server. The system synchronizes time regularly and uses the latest time data when generating timestamps to prevent time tampering.

3. Application scenarios of timestamps: Timestamps play an important role in many scenarios, especially in contract signing, evidence preservation, and the issuance of digital certificates. Through timestamps, the signing time of a document can be clearly determined, which is of great significance for resolving legal disputes and ensuring the validity of signed documents. In addition, timestamps can also be used for document version management, recording the generation time of each version, which is convenient for subsequent inquiries and audits.

4. Timestamp verification: During the verification process of the file, the recipient can check the legitimacy and accuracy of the timestamp. The system can compare the time source with the timestamp data embedded in the file to confirm whether the signing time is authentic. If the timestamp does not match the file content, or if the timestamp is detected to be tampered with, the system will issue a warning and refuse to verify the file.

6. Identity verification module 170: The identity verification module 170 is responsible for verifying the identity of the signer before signing, ensuring that only authorized personnel can sign. The module supports multiple identity verification methods to meet the needs of different security levels. The identity verification module 170 includes:

1. Password verification: The most basic form of identity verification is to use a password. The signatory needs to set a strong password in the system and enter the password for identity confirmation every time he signs. The system requires the password to be complex, such as containing letters, numbers and special symbols, and to be updated regularly to prevent the password from being cracked.

2. Biometric verification: Biometric verification technology can provide higher security. The system supports multiple biometric technologies, including fingerprint recognition, facial recognition, and iris recognition. Signers can verify their identity by scanning fingerprints or taking facial images. The system uses advanced algorithms to analyze biometric features to ensure the accuracy and reliability of the verification process. These biometric data will be encrypted and stored in the system and will only be used for identity verification.

3. Multi-factor authentication: To further improve the security of the system, the authentication module supports multi-factor authentication (MFA). Multi-factor authentication requires the signer to pass two or more verification steps at the same time when signing. For example, the signer may need to enter a password first, and then perform a second verification through fingerprint or facial recognition. This method greatly reduces the risk of unauthorized signatures, and even if the password is leaked, it is difficult to sign illegally.

4. Implementation of two-factor authentication: In the two-factor authentication (2FA) scenario, the signatory first needs to pass the password verification, and then the system will send a one-time password (OTP) to the signatory's mobile phone or email. The signatory needs to enter the OTP in the system to complete the signing operation. This method can effectively prevent the risk of account theft, especially in the case of remote signing and sensitive document signing.

5. Authentication log: The system records the details of each authentication, including the time, method and result of the authentication. These log data will be stored in a secure database and provided to managers for audit when necessary. Authentication logs play an important role in tracking signature behavior, detecting potential security threats, and maintaining the overall security of the system.

VII. Application scenarios of the system: The new electronic signature system 100 can be widely used in various scenarios requiring electronic signatures. The following are several typical application scenarios.

1. Contract signing: In business transactions, contract signing is a crucial link. This new system can be used for signing bilateral or multilateral contracts. The system can automatically generate contract documents and allow signers to sign through the user interface. After signature verification and encryption processing, the final contract document will be timestamped and stored in the cloud to ensure the validity and security of the contract. Every step in the signing process will be recorded and saved for future audits and inquiries.

2. Legal document authentication: This system also plays an important role in the signing and authentication process of legal documents. Lawyers and legal institutions can use this system to electronically sign and authenticate documents. The system's identity verification module can ensure that only authorized lawyers can sign, while the timestamp module can provide proof of the signing time of the document, ensuring the legitimacy and immutability of the legal document.

3. Digital certificate issuance: In the process of issuing digital certificates, security and the validity of the signature are crucial. This system can ensure that the signature of the digital certificate will not be tampered with and the signing time is accurate through the encryption module and the timestamp module. The system can also automatically store digital certificates in the cloud and generate a unique digital fingerprint for each certificate for verification and tracking.

4. Electronic payment transactions: With the popularity of electronic payment, signatures have become an important means of authenticating the legitimacy of transactions. This system can be used for signature verification of electronic payments. The system's multi-factor verification technology can effectively prevent unauthorized payment behavior. Each transaction will generate an encrypted electronic file with a signature and timestamp to ensure the authenticity and security of transaction records.

5. Cloud storage and management: This new system supports automatic storage of generated electronic documents in the cloud and provides convenient file management functions. Users can retrieve, view and download signed documents through the system's file management interface. The system also supports multi-user collaboration, allowing multiple users to sign and review the same document. Cloud storage not only improves the traceability of documents, but also simplifies the file management process.

8. System security and scalability: The new electronic signature system 100 is highly secure and scalable, and can adapt to application scenarios of various scales, from personal signatures to enterprise-level document management, and can provide reliable solutions.

1.*System security: The system adopts multiple layers of security protection measures, including data encryption, identity verification, timestamp and digital signature technology to ensure the security of signatures and files throughout their life cycle. Whether in the signing process or in the file storage and transmission process, the system can effectively prevent data leakage and unauthorized access.

2. System scalability: This new system has good scalability and can be customized and expanded according to user needs. The system supports multi-user, multi-role management mode, allowing different users to have different access rights and operation rights. The system also supports integration with third-party applications and services, such as integration with the enterprise's ERP, CRM system, or integration with the government's digital government platform to meet a wider range of application needs.

3. User-friendliness of the system: Although the system contains complex technologies and algorithms, it provides an intuitive and easy-to-use interface for end users. Users can complete signatures and file management through simple operations without the need for professional technical background. In addition, the system also provides detailed operation guides and technical support to help users get started quickly.

In order to better illustrate the technical effect of this new model, the following specific implementation examples are used to demonstrate the practical application of this system.

Implementation Example 1: Business Contract Signing: A company needs to sign a business contract with its supplier, and both parties decide to sign the contract through this new electronic signature system. The company's legal staff first uploads the contract template to the system and sets the signing order. After receiving the signature invitation, the supplier's representative enters his signature through the user interface 110. The system then performs signature verification 120. After confirming the legitimacy of the signature, the file generation module 130 generates an electronic contract containing the signature. Subsequently, the encryption module 150 encrypts the contract and adds the precise signing time through the timestamp module 160. Finally, the contract is automatically stored in the system's cloud storage space, and both parties can access and view it at any time.

Example 2: Legal Document Authentication: A lawyer needs to sign a legal document for his client to ensure the legal validity of the document. The lawyer performs a two-factor authentication in the system, first entering the system password and then completing the authentication through fingerprint recognition. The lawyer then completes the signature on the touch screen using a digital pen. The system generates the final legal document after signature verification and encrypts the file through the encryption module. The timestamp module then adds the signature time to the file and stores the file to the lawyer's cloud storage space. Both the client and the lawyer can view and download the signed document through the system.

Embodiment 3: Electronic payment transaction: When a user conducts a high-value electronic payment transaction, the system requires him to perform identity verification. The user first entered a password and received a one-time password (OTP) for two-factor authentication. After passing identity verification, the user completes the payment signature through the system, and the system encrypts and timestamps the signature and transaction files. Ultimately, the system generates a transaction record containing the payment signature and automatically stores it in the cloud, where it can be accessed and viewed by both the user and the bank.

10. Application of electronic signature system in contract lifecycle management: This new electronic signature system 100 can not only be used for a single contract signing process, but can also be seamlessly integrated with the Contract Lifecycle Management (CLM) system to provide comprehensive support for the entire contract management process. This integration greatly improves the efficiency, accuracy and compliance of contract management, thereby bringing significant value to the enterprise.

Contract drafting and review: In the initial stage of the contract life cycle, this system can be integrated with the CLM system to provide a secure collaboration platform. Multiple stakeholders can jointly draft, review and modify contracts in the system. The system's version control function ensures that all modifications are accurately recorded and the author and time of each change can be traced. The authentication module 170 ensures that only authorized personnel can access and edit the draft contract.

Electronic signature process: When the contract is ready, the system can automatically start the electronic signature process. The user interface 110 provides an intuitive signature interface for the signer, and the signature verification module 120 ensures the validity of each signature. The system supports complex signature workflows, including multi-party signatures, signatures in a specific order, etc., to meet the needs of different types of contracts.

Contract execution monitoring: After signing, the system can automatically store the signed contract in a secure central repository. The encryption module 150 ensures the security of storage, while the timestamp module 160 provides an irrefutable time certificate for each contract. The CLM system can use this information to monitor the execution of the contract, including key date reminders, performance status tracking, etc.

Contract update and renewal: When an existing contract needs to be updated or renewed, the system can automatically extract the original contract information and start a new review and signing process. The document generation module 130 can quickly generate an updated contract text based on a preset template, greatly shortening the contract renewal time.

Contract Termination and Archiving: When a contract expires or is terminated, the system can automatically move the contract to an archived state. All contract-related documents, signature records, and timestamps are securely stored for future inquiries and audits. The system's encrypted storage ensures that even archived contracts maintain their confidentiality and integrity.

Data analysis and reporting: Through integration with the CLM system, this electronic signature system can provide rich data analysis functions. Enterprises can generate various reports, such as signing efficiency analysis, contract performance statistics, etc., to optimize their contract management strategies.

Compliance assurance: Throughout the contract life cycle, the system strictly complies with the requirements of relevant laws and regulations. From the legal validity of electronic signatures to compliance with data protection and privacy regulations, the system provides comprehensive compliance assurance. This is especially important for multinational companies and organizations in regulated industries.

By integrating this new electronic signature system with the CLM system, enterprises can achieve digital management of the entire process from contract drafting to termination. This not only improves efficiency, reduces errors and risks, but also provides enterprises with better visibility and control, enabling them to better manage contractual relationships, optimize business processes, and obtain greater value from contracts.

The electronic signature system 100 plays a role in contract life cycle management, covering all stages from contract drafting to termination, improving efficiency, enhancing security, and providing enterprises with better contract management capabilities.

It should be noted that the above embodiments are given for the purpose of illustration. The scope of rights claimed by this new model should be based on the scope of the patent application, and is not limited to the above embodiments.

100: Electronic signature system

110: User interface

120:Signature verification module

130: Document generation module

150: Encryption module

160: Timestamp module

170:Authentication module

Claims (8)

An electronic signature system includes: a user interface for receiving a signature input from a signatory; a signature verification module electrically connected to the user interface for verifying the similarity between the received signature input and a pre-stored signature sample; and a document generation module electrically connected to the signature verification module for generating an electronic document containing the signature input after verifying the signature input. The electronic signature system as described in claim 1 further includes: An encryption module electrically connected to the user interface for encrypting the signature input and the generated electronic document to protect the integrity and security of the data of the signature input and the electronic document. An electronic signature system as described in claim 2, wherein the encryption module uses an asymmetric encryption technique to encrypt and decrypt the data. An electronic signature system as described in claim 3, wherein the asymmetric encryption technology includes using a public key for encryption and using a private key for decryption. The electronic signature system as described in claim 1 further includes: A timestamp module electrically connected to the signature verification module, used to add a timestamp of the signature input in the electronic document to record the time of the signature input. An electronic signature system as described in claim 5, wherein the timestamp module obtains the timestamp from a trusted time source to ensure the accuracy and non-tamperability of the timestamp. An electronic signature system as described in claim 1, wherein the user interface further includes an identity verification module for verifying the identity of the signatory before receiving the signature input. An electronic signature system as described in claim 7, wherein the identity verification module uses multi-factor verification technology to verify the identity of the signatory, including a password, fingerprint or facial recognition.