Key escrow for graphometric signature: the security eWitness offers

Key escrow for graphometric signature is a service that allows storage, in a secure and inaccessible manner, of private decryption keys for graphometric signature processes.

With this service eWitness undertakes to protect and store the mentioned keys and return them, through the Depositary (or Escrow Agent), to the Owner, in the following cases:

  • upon the completion of certain contractual conditions
  • upon explicit request by a Judicial Authority which sets forth a decryption process following repudiation of the signature.

In particular, eWitness combines not only maximum technical security but also maximum legal security regarding the integrity of the entire process. For this reason, eWitness offers companies the opportunity to protect strategic assets of their business by depositing them as collateral with a Notary.

The Notary (or rather the pool of Notaries), as a Public Official, oversees and certifies all stages of the process and the integrity of the process itself in an indisputable manner by means of a public deed valid  .

The stages of the process:

  • generation of the pairs of keys according to predefined technical standards
  • consignment of a public key
  • digital and fiduciary preservation of a private key
  • secure decryption of biometric data.

The adoption of our solution offers many advantages:

  • absolute probative effectiveness of the process and the operations carried out, certified with a report of findings in a public deed drawn up by a Notary
  • guaranteed operational continuity both by public act and by preservation of the private key in the eWitness digital storage system.

The extraction of the private decryption key, its possible recomposition and its use for the decryption of biometric data can only take place upon request by a Judicial Authority or upon the occurrence of the conditions provided for in the escrow contract.

Two notaries are involved in any key decipherment/decryption.

Data protection with key escrow for graphometric signature

Insurance companies or other entities that implement processes which use the graphometric signature voluntarily opt out of the physical possession of decryption keys in order to ensure maximum protection of the biometric data (the graphometric signature is a particular case of AdES – Advanced Electronic Signature).

Should a handwriting expert be necessary in the case of signature repudiation, it is possible to proceed as follows:

  • extraction of the private decryption key from the eWitness Storage System with input of the Escrow Agent (and often its re-composition, since the key is usually divided among several Notaries in the pool to offer greater security)
  • extraction of biometric data by the holder of the graphometric signature attached.

All this will be possible if, and only if, the contractual conditions are fulfilled.