Recipients are first made aware of the agreement via an email notification which contains a Review and sign button to access the agreement contents:
What's New
Get Started
- Quick start guide for administrators
- Quick start guide for users
- For Developers
- Video tutorial library
- FAQ
Administer
- Admin Console Overview
- User Management
- Adding users
- Create function-focused users
- Check for users with provisioning errors
- Change Name/Email Address
- Edit a user's group membership
- Edit a user's group membership through the group interface
- Promote a user to an admin role
- User Identity Types and SSO
- Switch User Identity
- Authenticate Users with MS Azure
- Authenticate Users with Google Federation
- Product Profiles
- Login Experience
- Account/Group Settings
- Settings Overview
- Global Settings
- Account tier and ID
- New Recipient Experience
- Self Signing Workflows
- Send in Bulk
- Web Forms
- Custom Send Workflows
- Power Automate Workflows
- Library Documents
- Collect form data with agreements
- Limited Document Visibility
- Attach a PDF copy of the signed agreement
- Include a link in the email
- Include an image in the email
- Files attached to email will be named as
- Attach audit reports to documents
- Merge multiple documents into one
- Download individual documents
- Upload a signed document
- Delegation for users in my account
- Allow external recipients to delegate
- Authority to sign
- Authority to send
- Power to add Electronic Seals
- Set a default time zone
- Set a default date format
- Users in Multiple Groups (UMG)
- Group Administrator Permissions
- Replace recipient
- Audit Report
- In Product Messaging and Guidance
- Accessible PDFs
- New authoring experience
- Healthcare customer
- Account Setup
- Add logo
- Customize company Hostname/URL
- Add company name
- Post agreement URL redirect
- Signature Preferences
- Well formatted signatures
- Allow recipients to sign by
- Signers can change their name
- Allow recipients to use their saved signature
- Custom Terms of Use and Consumer Disclosure
- Navigate recipients through form fields
- Decline to sign
- Allow Stamps workflows
- Require signers to provide their Title or Company
- Allow signers to print and place a written signature
- Show messages when e-signing
- Require signers to use a mobile device to create their signature
- Request IP address from signers
- Exclude company name and title from participation stamps
- Digital Signatures
- Electronic Seals
- Digital Identity
- Report Settings
- New report experience
- Classic report settings
- Security Settings
- Single Sign-on settings
- Remember-me settings
- Login password policy
- Login password strength
- Web session duration
- PDF encryption type
- API
- User and group info access
- Allowed IP Ranges
- Account Sharing
- Account sharing permissions
- Agreement sharing controls
- Signer identity verification
- Agreement signing password
- Document password strength
- Block signers by Geolocation
- Phone Authentication
- Knowledge-Based Authentication (KBA)
- Allow page extraction
- Document link expiration
- Upload a client certificate for webhooks/callbacks
- Timestamp
- Send settings
- Show Send page after login
- Require recipient name when sending
- Lock name values for known users
- Allowed recipient roles
- Allow e-Witnesses
- Recipient groups
- Required fields
- Attaching documents
- Field flattening
- Modify Agreements
- Agreement name
- Languages
- Private messages
- Allowed signature types
- Reminders
- Signed document password protection
- Send Agreement Notification through
- Signer identification options
- Content Protection
- Enable Notarize transactions
- Document Expiration
- Preview, position signatures, and add fields
- Signing order
- Liquid mode
- Custom workflow controls
- Upload options for the e-sign page
- Post-sign confirmation URL redirect
- Message Templates
- Bio-Pharma Settings
- Workflow Integration
- Notarization Settings
- Payments Integration
- Signer Messaging
- SAML Settings
- SAML Configuration
- Install Microsoft Active Directory Federation Service
- Install Okta
- Install OneLogin
- Install Oracle Identity Federation
- SAML Configuration
- Data Governance
- Time Stamp Settings
- External Archive
- Account Languages
- Email Settings
- Migrating from echosign.com to adobesign.com
- Configure Options for Recipients
- Guidance for regulatory requirements
- Accessibility
- HIPAA
- GDPR
- 21 CFR part 11 and EudraLex Annex 11
- Healthcare customers
- IVES support
- "Vaulting" agreements
- EU/UK considerations
- Download Agreements in Bulk
- Claim your domain
- Report Abuse links
Send, Sign, and Manage Agreements
- Recipient Options
- Cancel an email reminder
- Options on the e-signing page
- Overview of the e-sign page
- Open to read the agreement without fields
- Decline to sign an agreement
- Delegate signing authority
- Restart the agreement
- Download a PDF of the agreement
- View the agreement history
- View the agreement messages
- Convert from an electronic to a written signature
- Convert from a written to an electronic signature
- Navigate the form fields
- Clear the data from the form fields
- E-sign page magnification and navigation
- Change the language used in the agreement tools and information
- Review the Legal Notices
- Adjust Acrobat Sign Cookie Preferences
- Send Agreements
- Authoring fields into documents
- In-app authoring environment
- Create forms with text tags
- Create forms using Acrobat (AcroForms)
- Fields
- Authoring FAQ
- Sign Agreements
- Manage Agreements
- Manage page overview
- Delegate agreements
- Replace Recipients
- Limit Document Visibility
- Cancel an Agreement
- Create new reminders
- Review reminders
- Cancel a reminder
- Access Power Automate flows
- More Actions...
- How search works
- View an agreement
- Create a template from an agreement
- Hide/Unhide agreements from view
- Upload a signed agreement
- Modify a sent agreement's files and fields
- Edit a recipient's authentication method
- Add or modify an expiration date
- Add a Note to the agreement
- Share an individual agreement
- Unshare an agreement
- Download an individual agreement
- Download the individual files of an agreement
- Download the Audit Report of an agreement
- Download the field content of an agreement
- Audit Report
- Reporting and Data exports
- Overview
- Grant users access to reporting
- Report charts
- Data Exports
- Rename a report/export
- Duplicate a report/export
- Schedule a report/export
- Delete a report/export
- Check Transaction Usage
Advanced Agreement Capabilities and Workflows
- Webforms
- Reusable Templates (Library templates)
- Transfer ownership of web forms and library templates
- Power Automate Workflows
- Overview of the Power Automate integration and included entitlements
- Enable the Power Automate integration
- In-Context Actions on the Manage page
- Track Power Automate usage
- Create a new flow (Examples)
- Triggers used for flows
- Importing flows from outside Acrobat Sign
- Manage flows
- Edit flows
- Share flows
- Disable or Enable flows
- Delete flows
- Useful Templates
- Administrator only
- Agreement archival
- Webform agreement archival
- Save completed web form documents to SharePoint Library
- Save completed web form documents to OneDrive for Business
- Save completed documents to Google Drive
- Save completed web form documents to Box
- Agreement data extraction
- Agreement notifications
- Send custom email notifications with your agreement contents and signed agreement
- Get your Adobe Acrobat Sign notifications in a Teams Channel
- Get your Adobe Acrobat Sign notifications in Slack
- Get your Adobe Acrobat Sign notifications in Webex
- Agreement generation
- Generate document from Power App form and Word template, send for signature
- Generate agreement from Word template in OneDrive, and get signature
- Generate agreement for selected Excel row, send for review and signature
- Custom Send workflows
- Share users and agreements
Integrate with other products
- Acrobat Sign integrations overview
- Acrobat Sign for Salesforce
- Acrobat Sign for Microsoft
- Other Integrations
- Partner managed integrations
- How to obtain an integration key
Acrobat Sign Developer
- REST APIs
- Webhooks
Support and Troubleshooting
Enable a method of recipient authentication using government issued documents.
Overview
Powered by advanced machine learning algorithms, Adobe Acrobat Sign's Government ID process empowers companies across the globe with the ability to secure a high-quality authentication of their recipient's identity.
Government ID is a premium identity authentication method that instructs the recipient to upload the image of a government-issued identity document (driver's license, national ID, passport) and then evaluates that document for authenticity.
Supported documents include:
- Global Passport
- All ICAO-compliant passport books
- Driver license / National ID / Residence Permits
Country | Driver's License | Identification Card | Residence Permit |
---|---|---|---|
Australia | Supported | ||
Austria | Supported | Supported | |
Belgium | Supported | Supported | Supported |
Bulgaria | Supported | ||
Canada | Supported | Supported | |
Croatia | Supported | ||
Czech Republic | Supported | ||
France | Supported | Supported | Supported |
Germany | Supported | Supported | Supported |
Hungary | Supported | ||
Ireland | Supported | ||
Italy | Supported | Supported | |
Latvia | Supported | ||
Lithuania | Supported | ||
Malta | Supported | ||
Mexico | Supported | ||
Netherlands | Supported | Supported | Supported |
New Zealand | Supported | ||
Poland | Supported | Supported | |
Portugal | Supported | Supported | |
Romania | Supported | Supported | |
Slovakia | Supported | ||
Spain | Supported | Supported | Supported |
Sweden | Supported | ||
Switzerland | Supported | Supported | |
United Kingdom | Supported | Supported | |
United States of America | Supported | Supported |
The service evaluates the document image for authenticity by validating dozens of elements within the document, including:
- Document structure
- Biographical data
- PDF417 barcode (if applicable)
- Machine-readable zone (if applicable)
- Security features
- Photo zone
- Signature
Availability:
Government ID authentication is available for enterprise ETLA license plans only. VIP license plans don't have access.
Government ID is a premium authentication method that has a per-use charge:
- Transactions must be purchased through your Adobe sales representative.
- Transactions are an account-level resource. All groups consume from the same global pool.
Configuration scope:
The feature can be enabled at the account and group levels.
Biometric comparison: In addition to the document verification, an optional biometric comparison can be enabled upon request. The biometric comparison guides the recipient to take a real-time image (a "selfie") and then evaluates that image relative to the image on the uploaded document. The biometric comparison requires the recipient to respond to on-screen prompts to display "liveness," ensuring previously taken static images are not used.
How it's used
-
The authentication challenge is triggered when the Review and sign button is selected.
-
The recipient is prompted to provide a phone for a smartphone that can accept text messages.
This is required for the image-capturing application that compares the ID document to the government database.
- A 15-minute time limit to complete the verification process starts once the email link is selected.
- Once the text message is sent, a blue message appears indicating the message is sent, and the link in that message has a five-minute expiration.
Note:This phone number step is skipped if the signature process is started on a smartphone.
-
A text message is delivered to the provided phone number with a link to the ID service.
Once the link is selected, the recipient can authenticate with either a Driver's License / ID card or a Passport.
Note:During the process of gathering and verifying the document content, the original notification page displays a status message that the details are being verified:
-
When using a driver's license or ID card, the app prompts the recipient to take an image of:
- The front of the card
- The back of the card
- Themselves (Optional based on account configurations)
If using a Passport, only one image of the passport is required.
-
Optional real-time self-image for biometric comparison to the document image.
If the real-time "selfie" option is enabled for the account, the recipient is instructed to perform some live action to demonstrate that the recipient is real and reacting to the prompts of the image capture application.
When the "liveness" test is passed, the app captures the image and performs the biometric comparison to the identity document's image.
-
Once the identity is verified, the recipient can interact with the agreement on the original device where the email was opened.
- The recipient's name, as presented on the ID, is imported to the signature field and can not be edited.
The recipient has five attempts to verify their ID successfully. If they all fail five attempts, the agreement is canceled, and the sender is notified.
Layer 1 - Document validation:
The first layer of technology provides a seamless and secure method to validate an identity document presented in a digital transaction, ensuring that the document is genuine and unaltered.
Combining a best-in-class capture experience with a proven ID document verification engine ensures trusted digital identity proofing with a seamless user experience.
Government ID verification is available for all Latin-based languages and supports thousands of international and domestic identity documents, including:
- Passports
- ID Cards
- Driver's Licenses
To achieve reliable results, the service delivers each of the following:
- Guided document capture - Users are instructed on how to take a quality photo for optimal processing.
- Document classification – "Computer vision" algorithms recognize and classify thousands of government-issued documents, allowing for reliable data extraction and document validation.
- Data extraction - Going beyond simple optical character recognition, this service deconstructs the document and analyzes the content of each field.
- Evaluation of authenticity elements - A combination of artificial intelligence techniques validates dozens of elements within the identity document, including:
- Document structure - Physical attributes of the ID document are evaluated for the correct size, material, shape, color, layout, etc.
- Biographical data - Printed data that identifies the individual is evaluated for font usage, color, acceptable values, etc.
- PDF417 barcode (if applicable) - OCR results of the biodata from the front are compared with the data extracted from the PDF417 barcode at the back.
- Machine-readable zone (if applicable) - The Machine Readable Zone (MRZ) printed area is checked for font usage, presence, check digits, etc.
- Security features - Both visual and invisible security features of the ID are checked for presence, position, content, etc.
- Photo zone - Portrait, or main picture, is evaluated for having a human face, orientation, color, etc.
- Signature - The signature section is checked for presence, font type, matching with known samples, etc.
Layer 2 - Biometric comparison:
The second layer of authentication matches the portrait extracted from the ID document with a "selfie" from the user through a biometric facial comparison, affirming that the user submitting the ID document is its rightful owner.
Anti-spoofing techniques
- Video frame analysis ensures the user can take a quality selfie in optimal capture conditions.
- While capturing the selfie, the recipient is instructed to perform an action (e.g., Smile!) to demonstrate "liveness."
- Lighting, focus, and alignment are some of the conditions evaluated.
Configuring the Government ID authentication method when composing a new agreement
When Government ID is enabled, the sender can select it from the Authentication drop-down to the right of the recipient's email address.
If Government ID isn't on the list, then Government ID isn't enabled for the group from which the user is sending the agreement, and an admin will have to enable it.
Consumption of premium authentication transactions
Government ID authentication is a premium authentication method that has a per-recipient charge.
- Government ID transactions must be purchased and installed before the option can be used.
- Government ID transactions are consumed per recipient configured with the Government ID authentication method.
- One agreement configured with three recipients, two of which authenticate with Government ID, consumes two authentication transactions.
- Authentication transactions are deducted from the account total when the agreement is sent to authoring (as a draft agreement) or sent to the first recipient (as an in-progress agreement).
- Canceling a draft agreement refunds the authentication transactions to the account's total.
- Canceling an in-progress agreement does not refund any authentication transactions.
- Changing an existing authentication method to Government ID consumes one license.
- Changing the authentication method from Government ID does not refund the authentication transaction.
- Changing the authentication back and forth with Government ID only ever consumes one transaction (for any given recipient).
Signer Identity Report (SIR)
Acrobat Sign does not retain the identity information gathered during a Government ID authentication by default. However, account-level admins can request to store the identity information in the Acrobat Sign system via the Signer Identity Report (SIR).
The SIR contains data collected during Government ID verification (e.g., signers’ Government ID image, face image, phone number, data extracted from Government ID, etc.).
The SIR:
- persists alongside the audit report
- can be accessed by the Sender using the Manage page interface or a v6 REST API call
- can be destroyed through the same data governance or GDPR delete actions that delete the audit report
Audit Report
The audit report clearly indicates that the recipient's identity was verified with a Government ID authentication:
The reason is explicitly stated if the agreement is canceled due to the recipient's inability to authenticate.
Best Practices and Considerations
- If second-factor signature authentication isn't required for your internal signatures, consider using the Acrobat Sign Authentication method instead of Government ID to reduce the friction of signing and save on the consumption of the premium authentication transactions.
- Government ID:
- Isn't intended for regulated or high-value electronic signature workflows and use cases.
- Cannot identify all fraudulent or "fake" identification documents.
- May not replace the need for human review.
Configuration Options
Enable the authentication method under Send Settings
Access to Government ID authentication requires that a contract is in place for an annual volume of recipients. The option isn't visible in the administrator's interface until this is configured on the back end.
Once the purchase of the identity transactions has been entered into the system, admins will find the controls for exposing Government ID authentication on the Send Settings page with the other identity authentication methods.
Enable the method by checking the Government ID authentication box.
- Once the method is enabled, the admin can set Government ID authentication as the default value for new agreements. The option is not visible until the method is explicitly enabled:
Optional "Selfie" biometric comparison
Customers who would like to include the biometric comparison between the identity document and a real-time selfie of the recipient can contact the support team to have the feature enabled.
Automatic agreement cancellation when a recipient fails to authenticate
The Government ID service is configured to allow up to four consecutive failed attempts to authenticate the recipient's identity. After the fifth failure, the agreement is automatically canceled in the system, and the agreement owner is notified of the agreement being canceled due to an authentication failure.
The option to configure this threshold is not in the customer-facing interface. Account admins can request that the cancellation threshold be adjusted to another value through the support team.