How it works

Insurance Signing creates cryptographically verifiable signatures with complete audit trails — designed for legal accountability.

Policy document preparation

When a policy is ready for signature:

• Document is hashed (SHA-256) to create a unique fingerprint
• Hash is stored immutably in the evidence chain
• Policy version is assigned and linked to any prior versions
• Required signers are defined (policyholder, agent, underwriter)

Signature workflow

Each signer receives a secure link to review and sign the policy:

• System records when they opened the document
• Tracks how long they spent reviewing it
• Captures their explicit consent (checkbox + signature)
• Records their IP address and device information (for audit)

The signature itself is a cryptographic operation:

• Signer's identity is authenticated (email verification, 2FA, or SSO)
• A signature event is created with timestamp, actor, and document hash
• The event is cryptographically signed by the system
• Optional: External timestamp authority (TSA) provides legally-recognized timestamp

Multi-party coordination

Insurance policies often require multiple signatures in sequence or parallel:

• Sequential: Policyholder signs first, then agent, then underwriter
• Parallel: All parties receive links simultaneously
• Conditional: Certain signatures trigger others (e.g., if policyholder approves, agent is notified)

The system tracks completion status and sends automated reminders.

Policy amendments

When a policy needs to be amended:

• The original policy and all signatures are preserved
• A new version is created with changes highlighted
• New signatures are collected on the amended version
• The amendment is linked to the original in the evidence chain

This creates a complete audit trail from initial policy to current version.

Revocation and cancellation

If a policy is cancelled or signatures are invalidated:

• A revocation event is added to the evidence chain
• The reason and authority for revocation are documented
• Original policy and signatures remain in the system
• Revoked status is clearly marked in all exports

Evidence exports

Generate compliance-ready PDFs that include:

• The policy document as signed
• All signatures with timestamps and actor details
• Complete version history (if amended)
• Consent records (when document was viewed, for how long)
• Cryptographic hashes and verification data
• Optional: TSA timestamps for legal recognition

Integration model

Insurance Signing is API-first:

• REST API: Create policies, send for signature, check status
• Webhooks: Receive real-time notifications when signatures complete
• Embedded UI: Drop signing interface into your platform
• SSO: Integrate with your identity provider (SAML, OAuth)