Skip to main content
NEW Didit KYC Identity Verification is live, verify signers with government ID & biometrics for eIDAS Advanced signatures Learn more
πŸ›‘οΈ Enterprise-Grade Security

Compliance & Legal Validity

WPsigner electronic signatures are legally binding under ESIGN Act, UETA, and eIDAS. Built with security and compliance at its core.

βœ“ ESIGN Act
βœ“ UETA
βœ“ eIDAS
βœ“ RFC 3161
βœ“ PKI/AATL
βœ“ Didit KYC (AdES)

Full Compliance

WPsigner meets all legal requirements for electronic signatures in the US and Europe.

πŸ‡ΊπŸ‡Έ

ESIGN Act

United States

βœ“ Fully Compliant Since 2000

Electronic Signatures in Global and National Commerce Act. Federal law that grants legal recognition to electronic signatures and records.

  • Intent to sign recognized
  • Consent to electronic transactions
  • Attribution of signatures
  • Record retention requirements
πŸ‡ΊπŸ‡Έ

UETA

United States (50 States)

βœ“ Fully Compliant Since 1999

Uniform Electronic Transactions Act. Adopted by all 50 states, provides legal equivalence between electronic and paper signatures.

  • State-level enforcement
  • Electronic records validity
  • Attribution methods
  • Retention and production
πŸ‡ͺπŸ‡Ί

eIDAS

European Union

βœ“ Fully Compliant Since 2014

Electronic Identification and Trust Services Regulation. EU regulation for electronic ID and trust services, including electronic signatures.

  • Simple Electronic Signature (SES)
  • Advanced Electronic Signature (AdES) via Didit KYC ✨
  • Cross-border recognition
  • Legal admissibility

Security Features

Enterprise-grade security built into every signature.

Digital ID (PKI)

Upload your organization's .p12/.pfx digital certificate. Documents are signed with your organization's verified identity, visible in Adobe Reader.

RFC 3161 Timestamping

Documents receive cryptographically secure timestamps from trusted Time Stamp Authorities, proving exactly when signatures occurred.

SHA-256 Hashing

Every document is hashed using SHA-256 algorithm. Any tampering is immediately detectable and invalidates the document.

Complete Audit Trail

Every action is logged: IP address, geolocation, user agent, timestamp, and consent records. Exportable for legal proceedings.

Self-Hosted Data

Your documents never leave your server. Complete data sovereignty and control, essential for GDPR and industry-specific compliance.

AATL Certificates

Support for Adobe Approved Trust List certificates. Documents show as 'Signed and Verified' in Adobe Reader without warnings.

KYC Identity Verification

Verify signer identity with Didit, government ID, facial biometrics, and liveness detection, before signing. Elevates signatures to eIDAS Advanced (AdES) level.

Complete Audit Trail

Every signature includes a comprehensive audit trail that can be used as evidence in legal proceedings. All data is securely stored and exportable.

πŸ“

IP Address

Client IP captured at signing time

🌍

Geolocation

Country, city, and coordinates

πŸ–₯️

Device Info

Browser, OS, screen resolution

⏰

Timestamps

Precise UTC timestamps for all actions

βœ…

Consent Records

When user agreed to terms

πŸ”

Authentication

How signer was verified

audit_trail.json 
{
  "document_id": "DOC-2024-001",
  "signer": {
    "name": "John Smith",
    "email": "john@example.com"
  },
  "signature_event": {
    "type": "signed",
    "timestamp": "2024-01-15T14:32:18Z",
    "ip_address": "203.0.113.42",
    "geolocation": {
      "country": "United States",
      "city": "New York"
    },
    "device": {
      "browser": "Chrome 120.0",
      "os": "Windows 11",
      "screen": "1920x1080"
    },
    "consent_accepted": true,
    "consent_timestamp": "2024-01-15T14:31:55Z"
  },
  "hash": "sha256:a1b2c3d4e5f6..."
}

Industry Standards

WPsigner implements security controls for industry-specific compliance. Additional requirements may apply based on your organization.

HIPAA

Ready

Health Insurance Portability and Accountability Act

WPsigner implements required security controls including audit logs, access controls, and encryption. Healthcare organizations must ensure a Business Associate Agreement (BAA) with their hosting provider.

SOC 2

Ready

System and Organization Controls

Security controls are implemented following SOC 2 Trust Service Criteria. Formal audit documentation available upon request for enterprise customers.

ISO 27001

Ready

Information Security Management

WPsigner follows ISO 27001 security best practices. ISMS documentation and security policies available for enterprise compliance requirements.

GDPR

Ready

General Data Protection Regulation

Self-hosted architecture ensures data sovereignty. Organizations must implement their own consent mechanisms and data processing agreements.

Ready for Compliant E-Signatures?

Join thousands of businesses using WPsigner for secure, legally-binding electronic signatures.

Get Started Read Documentation