Yes, the document will be available for download 30 days before it is removed.
In the signature, your full name will be recorded. In the embedded signing certificate, the last four characters of NRIC will also be embedded in the document.
Yes, if the signer is legally authorised to sign on behalf of another person. The signer would use his own Singpass account to sign, similar to what he would do for wet ink signature.
No. Singpass is required. This is because the Electronic Transactions Act recognises signatures made using certificates issued by Accredited Certificate Authorities (CA) as . Sign with Singpass uses signing certificates issued by an accredited CA, Assurity.
If the document is not deleted by the admin through the platform or APIs, they will be available for 30 days after all signatories have signed the document.
While the invitation to sign can be sent to more than 1 person, only one person can sign at a given time. There will be an error message that pops up to try again later if a signing session is ongoing.
This is not supported at the Sign with Singpass protocol does not allow signing on multiple documents or place multiple signatures at a time yet. If this is made possible in future, we will also consider!
Signify is a Singapore government product to allow agencies to collect Sign with Singpass signatures on documents.
All government agencies, as well as public healthcare institutions in Singapore, can use Signify. You can log in with your agency email address at .
The documents can be sent to anyone with a Singpass account for signing.
No, there is no cost. Signify is free of charge.
All government agencies, as well as public healthcare institutions in Singapore, have been automatically whitelisted and there is no need to request for whitelisting. Log in with your agency email address at .
If you are unable to log in and wish to apply for whitelisting, please contact us at: .
Sign with Singpass signatures are recognised as under the Electronic Transactions Act. This means that the signature may benefit from certain legal presumptions that (a) the secure electronic signature is the signature of the person to whom it correlates; and (b) the secure electronic signature was affixed by that person with the intention of signing or approving the electronic record (refer to the ).
As we are unable to provide legal advice, please consult your agency legal department for legal advice on Secure Electronic Signatures and the Electronic Transactions Act.
Yes. When the owner sends the link to them, there is an email address included in the email.
Currently no as it is required for Sign with Singpass to get secure electronic signatures.
Unfortunately no as there are no Corppass certificates available yet. The individual can still represent the organisation to sign. You could consider adding a line on the document itself which says Company Representative under the signature.
The data is hosted in Singapore.
You may use the "Get Single Document" API which will include expiry dates, document status, signees signing statuses.
It is likely the intranet has a firewall which does "Content disarm and reconstruction (CDR)". When the file goes through the firewall, the firewall processes and rewrites the content in what it considers to be a "safer format". However, that unfortunately modifies the Singpass signature and renders it invalid. You may need to ask your IT department to help with this, and either disable the CDR functionality for such pdf files, or else update their CDR code so that it does not modify Singpass signatures in PDF files.
You can create the document using our UI and inspect the network call.
Yes. The signature is signed using Sign with Singpass. The signing certificates are issued by Assurity, an Accredited Certificate Authority under the Electronic Transactions Act (2010), and signatures made using Sign with Singpass are recognised as Secure Electronic Signatures.
You can refer to on verifying signatures. Please ensure that the agency you are sending to does not modify the file in transit (content disarm and reconstruction).
If you see "Certificate validity is unknown", this is because you do not have the Singpass root signing certificate on your device. Please refer to this to install the Singpass root signing certificate.
After a document has been signed, if there are any edits made, there will be a warning that the signed document has been edited after it was signed, when you open the file in Adobe PDF reader.
You will also be able to see the exact copy of the document that was signed, before the changes were made.
Signatures do not expire. Documents are signed by Signify using the PDF Advanced Electronic Signatures Long-Term Validation (PAdES-LTV) standard.
Yes. The document can be traced back to the signer.
Signing in through Singpass on FormSG only provides Ordinary Electronic Signatures (OES) and not Secure Electronic Signatures (SES).
Ordinary Electronic Signatures (OES) is a broad category that refers to electronic signatures that are not SES.
The key difference between a secure electronic signature and an ordinary electronic signature is that while both are accorded legal effect under the ETA, only secure electronic signatures are accorded the following presumptions:
It is the signature of the person to whom it correlates;
It is affixed by that person with the intention of signing or approving the electronic record; and
It is authentic and has integrity.
Login with Singpass in Signify provides proof of identity, since the login is verified against his Singpass account.
These presumptions are important in disputes over the validity of electronic signatures, as they will automatically apply for secure electronic signatures. The disputing party will then have to adduce evidence to the contrary if it is claiming that the electronic signature is not valid.
A digital signature consists of a transformation of an electronic record using an asymmetric cryptosystem and a hash function such that a person having the initial untransformed electronic record and the signer’s public key can accurately determine whether the:
transformation was created using the private key that corresponds to the signer’s public key and
if the initial electronic record has been altered since the transformation was made.
The digital signature is not the picture that we see affixed on the document. The signature is the electronic record behind the image. Hence, a printed copy of the document is not valid as the digital signature cannot be authenticated.
This is true for all platforms and all digital signatures governed under the Electronic Transactions Act.
Yes, PDFs uploaded onto Signify cannot be password protected, as this will change the file and make the signature invalid.
Here are some known errors and issues
If you experience errors uploading the PDF, the PDF might have been generated using an older version of PDF that cannot be signed.
To fix this, you will need to regenerate the PDF file. One way to do so is to open the PDF file in Chrome, click on Print, and then Save as PDF. This will fix any issues.
Example: Open and Print a PDF using Edge/Chrome
Step 1: Open the file in Chrome and click on Print
Step 2: Choose Save as PDF to regenerate the PDF file
Alternatively, you can also re-save the original .doc file using a newer version of Microsoft Word.
A possible reason is that the document was actually scanned / created in landscape first, and then rotated 90 degrees in Adobe Acrobat. There is a limitation currently in the Signify application that cannot handle this setup. To fix this, please re-scan the document in portrait A4.
Each document can have up to 30 signatures on it.
There is no limit on how many documents you can send out for signing. However, 1 signature using Signify can apply to the entire document. Hence it may be worthwhile changing processes (such as having 1 signature on each page).
There cannot be duplicated email addresses.
No, a signatory must have a Singpass account to sign on Signify. The reason is because the Singpass signing certificates are issued by Assurity, an under the Electronic Transactions Act (2010) (ETA), and signatures made using Sign with Singpass are recognised as Secure Electronic Signatures.
If a signature is made without a valid certificate under the ETA (e.g. if the signatory simply used an e-pen to sign digitally), this does not have the effect of a Secure Electronic Signature.
Currently, Signify's workflow is meant for every signer you sent out to sign. As a workaround, once you have enough signatures, you may download the in-progress document and then delete it on the dashboard so no one else can sign.
Yes, documents can be download for up to 30 days, after all the signatories have completed signing. Once the dates have passed, the document will be expired and it can no longer be downloaded from Signify. However, download documents' certificates are still .
Yes.
No it must be in PDF, hence you need to convert it to PDF.
This is currently not possible.
Yes the timestamp is included as part of the signature.
The full name, last 4 characters of NRIC and timestamp of signature.
Currently no as the Sign with Singpass signature follows a standard specification.
It is currently not possible.
It is not possible as this modifies the document and its validity.
This is not possible as Singpass only allows signing one at a time. As a Sign with Singpass signature is applied to the entire document, do consider making changes to your document to require less signatures. You may also clearly explain to the signer (verbally and/or within document) that by providing the signature, they are acknowledging that they have read and agreed to all the contents of the document.
Completed signatures will be sent by Signify from [email protected] instead.
This is the only document you should trust. If the signer sends you another document directly, you need to check and verify the authenticity. See image below and more information on .
In this case, our suggestion is to have clearer instructions to the signer via your personalised messages or uploaded document that you will only accept Singpass signatures.
