Skip to content
Close
SEARCH
LANGUAGE – en
de
SIGN
REGISTER
en
de
SIGN
REGISTER
QUALIFIED TRUST SERVICES

Legally compliant digital signatures (eIDAS) to drive forward the digitalization of your business processes.

READ MORE
CORPORATE TRUST SERVICES

Cryptography-based trust services
to protect your digital identities,
data and business secrets.

READ MORE

Qualified electronic signature products based on eIDAS - legally binding and secure.

INDIVIDUAL
ENTERPRISE
OEM
PRODUCTS
BG_CRYPTAS_100_SQ

Easy-to-use, legally secure and flexible. Simple as that.

ONLINE SHOP
API GUIDE

Upgrade your application with electronic signatures by primesign.





SHOW ALL
DOCUMENT SIGNING API

Signing of PDF documents. primesign handles document processing and adds a visual signature stamp.

READ MORE
HASH SIGNING API

Signing of hash values. Your application handles document processing and provides the document viewer.

READ MORE
CASH BOX API

RKSV-compliant JWS- or raw signatures for cash box receipts.





DOCUMENTATION
Developer_SQ
primesign SUPPORT

Our offer regarding support & service.





OVERVIEW
CERTIFICATE REVOCATION

Suspicion of certificate misuse?





REVOKE
SERVICE STATUS

Up-to-date operational status of all primesign services.




SHOW STATUS
PREMIUM SUPPORT PORTAL

Visit our Support Portal for customers with Service Level Agreement (Premium SLA or Standard SLA).

PREMIUM SUPPORT
FAQ

Find your answers to frequently asked questions.





FAQ
BASIC SUPPORT

Support contact for general support requests.





BASIC SUPPORT
primesign TRUST CENTER

All documents for our qualified trust services, certificate revocation list, root-/CA- certificates, etc.

TRUST CENTER
RESOURCES

Fact sheets, product documentation and more.



RESOURCES
BG_ICON_ARROW_3
BG_ICON_ARROW_3
primesign ONE-TIME-SIGNING

UPGRADE YOUR TRANSACTION

Create legal validity and trust.

Perfectly suited to eIDAS Identity Providers

primesign ONE-TIME SIGNING

Let users sign immediately & qualified based on their verified identity using a one-time signature. If desired, primesign will stay in the background and your are in full control over the user experience and visual representation for your customers.

LEGALLY BINDING

LEGALLY BINDING

Your added value when closing contracts online: Documents signed with primesign are legally binding. Thanks to qualified signatures in accordance with eIDAS, they are equivalent to handwritten signatures.

We are on the EU trusted list, so all signatures are automatically trustworthy in Adobe Acrobat Reader and other applications.

  
SIMPLE

SIMPLE

You provide us with the user data you have verified. Based on the provided identity data, we immediately issue a qualified signing certificate during the signing transaction. The signing certificate can only be used for this specific transaction. No additional user interaction required (no setting of passwords, no revocation).

  
SEAMLESS INTEGRATION

SEAMLESS INTEGRATION

Easy to integrate into applications. We stay in the background. UI-free integration is supported. As the IdP, you display the documents to be signed in your application and handle the signing process.

Alternatively, you as the IdP integrate the primesign UI in your application to display the documents to be signed and authorize signing.

  
DATA PROTECTION

DATA PROTECTION

When using hash signing,
documents always remain with
of your application. primesign only receives the hash values and cannot
draw any conclusions about the content of the documents.

Identity data required for issuing certificates is always stored securely in our infrastructure in certified data centers located in Austria.
Data storage for 30 years+
to allow for long-term verifiability.

  
INTERNATIONAL

INTERNATIONAL

A single provider for many countries. primesign is an eIDAS Trust Service Provider with international focus and worldwide availability. Reduce the complexity of your service and address many target markets with primesign.

eIDAS guarantees the mutual recognition of qualified signatures within the EU and EEA countries.

  
FLEXIBLE IDENTIFICATION OPTIONS

FLEXIBLE IDENTIFICATION OPTIONS

Integrate the primesign signature into your existing identification processes (eIDAS level Substantial or High). primesign already covers numerous use cases where, for example, bank data from account opening processes can be used to issue certificates. Video identification and point-of-sales processes are further examples. Contact us for more information.

  
OUR OFFER FOR IDENTITY PROVIDERS

primesign ONE-TIME SIGNING

Qualified Signature according to eIDAS
AML & KYC compliant
Certificate issuance fully integrated in your process -
no user name / no password
Batch signing with 1 or more documents
PDF signature (PAdES)
or CSC Hash-Signing
LTV-enabled
Green check mark in Adobe Acrobat
Qualified time stamps on request
99.8% guaranteed uptime
PREMIUM support (24/7) on request

 

Directly integrable for all eIDAS-compliant identity providers that offer identification with eIDAS level Substantial or High .

Use primesign API for transmitting the identity data and creating one-time signature. If desired, primesign takes the back seat and you provide the UI presentation for your customers.

 

primesign ONE-TIME SIGNING

primesign ONE-TIME SIGNING in your application.
Contact us for a demo.
SCHEDULE DEMO

FREQUENTLY ASKED QUESTIONS

Why qualified signing?

+ Qualified signatures are legally equivalent to handwritten signatures throughout the EU and are therefore the first choice for signing contracts online.

+ primesign offers qualified certificates only to always ensure the highest level of legal certainty for customers.

+ Our credo: to make qualified signing as easy as possible!
I have customers in different countries. Do I need a separate TSP for each country?

+ There is no need to search for a local VDA in each country

+ eIDAS guarantees mutual recognition of qualified signatures and seals within EU/EEA countries

+ Reduce complexity and rely on primesign as your eIDAS TSP with international focus and worldwide availability

+ Available globally - users from 169 countries
How do one-time signatures work?

+ You transmit the user's identity data via API. In response, you receive a so-called artefact from us, which entitles you to issue a one-time signature certificate for this user.

+ In the next step, you send us a signature request via API with the documents to be signed and the previously received artefact.

+ During signing, we issue a one-time signing certificate with a validity of 10 minutes. This happens directly during signing. The issued certificate can only be used once for this transaction.

+ After signing, you retrieve the signed documents via API and continue the process in your application.
What identity data do I need to provide to primesign?

+ Mandatory data of the natural person are full name, date of birth and e-mail address. Furthermore, we require a reference to your identification process.

+ Depending on the type of previous identification, additional data such as ID scan, audio recording of an authentication, proof of registration via electronic ID may be required (clarification with primesign required).
I want to use one-time signatures from primesign. What do I have to do?

+ You close a contract with us that states you as a primesign Registration Authority. Don't worry, the contract is standard for us.

+ In parallel, you can already integrate one-time signing via API using our test system.

+ As soon as all contractual and technical requirements have been met, a joint acceptance test is carried out and you receive the credentials required for Go-Live.
What requirements do I have to fulfill as an IdP to be allowed to use this form of one-time signing?

+ Ideally, you are an eIDAS-compliant identity provider and carry out identifications with eIDAS level Substantial or High. In this case, connecting the primesign one-time signature is standard for us and can be done quickly for you.

+ Contact us if you are not an eIDAS-compliant identity provider but still carry out secure identifications of your users.
Do my end users need passwords or similar?

primesign issues a qualified one-time signature certificate for the user as part of the signing process. The certificate can only be used for this specific transaction. Users do not need a password or revocation password from primesign.
System requirements for end users.

+ In the simplest case, the one-time signature takes place without user interaction with primesign (UI-free integration).

+ Alternatively, if the documents to be signed are displayed and the signature is additionally authorized by primesign, the primesign UI must be integrated. This can be done in the browser (desktop, Android, iOS) in all common browser versions.
What options are there for API integration?

+ REST API for transferring the natural person's data. These are transmitted as a JSON structure (incl. JWS signature).

There are two options for the subsequent signature request:

+ Hash Signing is ideal for partners and applications that already have know-how in the field of PDF preparation and signature generation. They use the CSC-compliant signature API of primesign (OAuth 2.0 and REST).

+ For Document Signing (PDF), primesign takes over the correct creation of the PDF signature, the visual preparation of the signature (stamp), as well as the insertion of LTV information and, if desired, the additional insertion of a qualified timestamp. You use a SOAP API from primesign for this.

+ In both cases, we support UI-free integration for a seamless integration into your application.

More information on request.
Can I also sign several documents in one step?

Yes, when using a primesign signing certificate multiple documents can be signed in one single step, i.e. with just one signature authorization. Each of the uploaded documents gets signed.
What do I need to consider in my workflow?

+ Your application must display primesign's terms of use, general terms and conditions and data privacy statement to the user before signing. Furthermore you must obtain the user's consent for this signature.
Are transactions charged per signature or per document?

+ primesign allows to sign several documents in one step (batch signing).

+ Billing per signature transaction, regardless of whether 1 or 10 documents are signed in one step. 
What SLA does primesign offer? + primesign guarantees an availability of 99.8% for the primesign one-time signature.
If something does happen. Who can I contact if I have a problem? What support contracts does primesign offer?

+ Register at https://status.prime-sign.com to receive automatic notifications about maintenance windows and updates.

+ Premium support contract (24/7) available.

+ Contact for customers with a Premium Support contract: premiumsupport.cryptas.com

+ Alternatively: basicsupport@cryptas.com
Data protection is very important to me. What do I need to consider when using primesign signatures?

+ When using hash signing, documents always remain with your application. primesign only receives the hash values and cannot draw any conclusions about the content of the documents.

+ Identity data required for issuing certificates is always stored securely in our infrastructure in certified data centers in Austria. Data storage for 30 years+ to allow for long-term verifiability.
Does primesign also offer qualified timestamps? When using Document Signing, eIDAS-compliant qualified time stamps can be added to the PDF document on request.
What do signatures with primesign cost? Contact us for an offer.
What standards does primesign meet with its signatures?

+ primesign is eIDAS-compliant

+ PDF signatures created by primesign are PAdES compliant and LTV-enabled.

+ Support for timestamps and ETSI TS 103 172 V2.2.2.2 Level "LT".

ONE-TIME-SIGNING FOR eIDAS IDENTITY PROVIDERS

All benefits for eIDAS Identity Providers - summarized in our fact sheet.
FACT SHEET