Nexus GO PDF Signing is a cloud service that enables all your users to make secure digital signatures on PDF documents. The documents are uploaded to and signed in the Nexus GO PDF Signing Portal.
You can either let your users sign documents with the built-in methods Nexus Personal Mobile or Swedish BankID, or use existing identities in your corporate directory to let users sign documents with any type of credential. To use your existing identities, you need to connect the service to an identity provider, such as Nexus Hybrid Access Gateway.
You can also have the PDF signing built into your own applications using the PDF Signing API.
An administrator logs in with Nexus Personal Mobile to the Nexus GO PDF Signing Portal, uploads a pdf document, invites persons to sign, and selects the required signing method for each person. An email is sent to each person.
Each signer follows the link in the email to the Nexus GO PDF Signing Portal, and signs the document with the required method. For each signer, the following steps take place in Nexus GO:
A one-time RSA key pair is created.
The signer is associated to the key pair with two-factor authentication.
A hash of the PDF document is generated and signed with the private key of the key pair. The private key is then discarded.
The identity of the signer is securely bound to the key pair in a certificate, issued by the CA of the service, through the use of an HSM.
The signed document hash, the newly generated certificate, and a time stamp is built into the PDF file.