The SmartSign API is implemented as a RESTful web service. To make integrating SmartSign into your application as simple and as quick as possible we provide language-specific wrapper APIs in a variety of languages. Combine this with comprehensive developer documentation and sample code that works out of the box and you have a solution that couldn't be easier.
Security & Encryption
SmartSign has been developed by a company with a long history in software and IT security. All SmartSign communications are secured by SSL/TLS using 2048-bit keys. This includes this website, the Management System, the API and the OOB authentication mechanism the SmartSign app uses. Our servers refuse to serve non-HTTPS traffic and are maintained with the latest security patches installed.
SmartSign is built around the industry leading authentication algorithms developed by the Initiative for Open Authentication (OATH). These include OTP and the OATH-based Challenge-Response Algorithm (OCRA).
Comprehensive Browser Support
The SmartSign widget is delivered as pure HTML that you embed in your site. It's HTML 4 & 5 compatible and is supported in all major web browsers.
Challenge-response authentication boosts security by requiring an authentication device to produce the correct response to a unique, server-generated challenge code. This prevents hackers pre-calculating authentication responses.
2-Factor Authentication OOB
SmartSign employs Out-Of-Band (OOB) Authentication which builds security outside of the webserver↔browser channel. Establishing this secure 2nd channel of communication directly with the SmartSign servers protects against security breaches of the user's browser or connection such as man-in-the-middle attacks.
No Flash or Java
SmartSign does not embed any Adobe Flash® content or Java® applets in the client-side widget.
Register for a free developer account and get 10 free user licences.