Sign Upload

About

Sign Upload is a secure virtual signature built by Leegality that enables you to digitise your paperwork while also letting you:

  1. Collect specimen signatures 
  2. Compare the eSign against your customer’s specimen signature
different eSign types

Sign Upload is a quick and easy way to eSign any electronic document using one’s own physical signature. Here is how it works:

  1. Customer authenticates her identity with OTP received through Whatsapp, SMS and email and views the document
  2. Customer signs physically on a piece of paper
  3. Customer uploads a picture of their signature from their camera, gallery or computer folder
  4. Signers can finalise the signature image that will be affixed on to the document from the options provided on screen
  5. The signed copies are instantly sent to you and the signer

Sign Upload is a secure way of eSigning documents as we have built in additional layers of authentication into it:

  1. OTP Authentication: Mandatory authentication via phone/Email/Whatsapp before uploading their signature
  2. Ensure that the right person is signing your documents through Face and GPS Capture, Face Match, Geofencing and Smart User Liveliness Check
  3. Multi-factor Authentication: An optional feature for further security.
  4. Secured via neutral digital signature: Leegality affixes its digital signature in the backend to protect the document being signed from being tampered without knowledge.
  5. Secure Audit Trail: The signature event and document details are meticulously recorded in a secure, digitally signed audit trail

Legal Validity

Under Section 10A of the Information Technology Act, 2000, a document eSigned using Sign Upload is legally enforceable in India, with two exceptions. Sign Upload can't be used to sign:

  1. Documents specified in the First Schedule of the IT Act, 2000.
  2. Any document that must, by law, rule, or regulation, be signed (here the law, rule or regulation must specifically use the word “sign”, “signed” or “signature”. Most documents do not fall under this bracket)

Here is a handy table which tells you where can you legally use Sign Upload:

eSign type
A document which must mandatorily be signed under any law, rule or regulation
Documents listed in the First Schedule of the IT Act
ALL other types of documents
Sign Upload
Image
Image
Image
eSign type
Sign Upload
A document which must mandatorily be signed under any law, rule or regulation
Image
Documents listed in the First Schedule of the IT Act
Image
ALL other types of documents
Image

Legal Enforceability

The legal enforceability of any eSign type depends on:

  1. How well it can establish the identity of the signer (Authentication)
  2. Whether the document can be altered after the signatures are affixed (Integrity)
  3. Whether the parties can deny their acceptance of the terms and conditions at a later stage (Non-repudiation)

A Sign Upload eSign is easy to enforce because it performs these 3 functions very well.

eSign type \ Goal
Authentication
Integrity
Non-repudiation
Sign Upload
Image
  • OTP verification, Face and GPS capture work together to establish a “virtually irrefutable” trail of identity.
Image
  • Sign Upload is secured by affixing a neutral digital signature, which acts as a security procedure under the IT Act to ensure that the document cannot be altered or modified without alerting the parties.
Image
  • Added security layers make it extremely hard for signers to repudiate their Sign Upload eSign.
eSign type \ Goal
Sign Upload
Authentication
Image
  • OTP verification, Face and GPS capture work together to establish a “virtually irrefutable” trail of identity.
Integrity
Image
  • Sign Upload is secured by affixing a neutral digital signature, which acts as a security procedure under the IT Act to ensure that the document cannot be altered or modified without alerting the parties.
Non-repudiation
Image
  • Added security layers make it extremely hard for signers to repudiate their Sign Upload eSign.

To dispute or deny a document eSigned via Sign Upload, the other party would need to:

  1. Deny and prove that the OTP was not authenticated on a device/email in their possession
  2. Deny and prove that the signature impression was not performed by them
  3. Deny and prove that they were not present for signing even though their face has been captured (in case of optional layer of Face Capture, Face Match and User Liveliness Check)
  4. Deny and prove that they were not present for signing even though their GPS coordinates were captured (in case of optional layer of GPS Capture and Geofencing)
  5. Deny and prove that they did not possess and authenticate the document via their alternate contact coordinate (in case of optional Multi Factor Authentication layer)
  6. Deny and prove that the entire series of events captured by the Secure Audit Trail are false

Doing all of the above is extremely hard to do - making Sign Upload a highly enforceable form of electronic signature.

Want to try out eSigning for your own documents?