This topic contains 3 replies, has 2 voices, and was last updated by  Hattabitos 1 week, 6 days ago.

  • Author
    Posts
  • Participant
    JonR
    Newbie
    Member since: 10.04.2018
    Number of posts: 2

    I have experienced that if I receive an eSignature mail requesting my signature, I can forward that mail to another person (not any delegation, just forwarding the mail) and this person can expand the eSignature link, get my signature fields displayed and completed with “click-to-sign”. When the document is completed it is my signature that will appear in the document, despite the fact that I have not signed it, but the person I forwarded the mail to. There is no trace anywhere that someone else than I have signed. Can this be correct?

    Participant
    Hattabitos
    Newbie
    Member since: 18.12.2015
    Number of posts: 15

    Score

    0

    That is expected behavior as the signingUrl has a signing token that is generated for you. It is your responsibility to keep track of the signing process if you forwarded the email.
    If someone else needs to validate the package with you, he can be added as a reviewer on the package.
    If you would like to assign signing responsibilities for someone else, you should use the change signer feature.

    If your concern is about security, and if someone else can listen to your emails, the solution will be:
    _ Either use 2 factor authentication like SMS or Q&A
    _ Or disable eSignLive emails, get the signingUrl through integration, and deliver it through your email system to your signers.

    Participant
    JonR
    Newbie
    Member since: 10.04.2018
    Number of posts: 2

    Score

    0

    Thanks.
    Yes, my concern is about security and I see that SMS will solve the authentication. But how can I disable eSignLive emails and use my own eMail distribution? What is to get the signingUrl through integration

    Participant
    Hattabitos
    Newbie
    Member since: 18.12.2015
    Number of posts: 15

    Score

    0

    To disable emails, you can send an email to support@esignlive.com and ask them to disable emails.
    Please check our documentation on how to get signingUrl through integration: https://docs.esignlive.com/content/c_integrator_s_guide/rest_api/signing_url.htm

You must be logged in to reply to this topic.