Configuring Policies For Virtual Signatures

An electronic signature is based on transaction details entered into the authenticator. The authenticator uses the transaction details and an embedded secret to generate and display an electronic signature. With virtual signature generation, the user supplies the transaction details directly to OneSpan Authentication Server, which will then generate the electronic signature, i.e. the virtual signature. Virtual signatures are delivered to the user via the Message Delivery Component (MDC).

Once a user receives the electronic signature, the user can then use it to sign a transaction, typically through a confirmation page, e.g. to finalize a transaction. This signature is validated by OneSpan Authentication Server. If the signature is incorrect or invalid, then the transaction will not be permitted to proceed.

To configure the virtual signature policy

1. Log on to the Administration Web Interface.

2. Select POLICIES > List.
3. Select the policy where you want to enable the use of virtual signatures.
4. Switch to the Virtual DIGIPASS tab.
5. Click Edit. The policy settings for virtual signatures are in the Virtual Signature section on that page.
6. Enable virtual signatures by selecting Yes from the Virtual Signature Mode list.
7. Select a Virtual Signature Delivery Method: Email, SMS, voice, or a combination thereof.
8. Specify the gateway definition to use. For more information about gateway definitions, see Gateway definitions.
9. Click Save.

Once the policy settings for virtual signatures are configured, you can edit the virtual signature message settings using the Administration Web Interface (via SERVERS > Global Configuration > Virtual DIGIPASS).