Our Digital Signature Solution

CoSign Central is an enterprise grade turnkey solution which allows any number of ‎employees ‎to ‎sign ‎any ‎‎‎‎document within any business process within the company. It ‎includes the ‎highly ‎secured CoSign Central ‎appliance ‎‎‎‎(black ‎box) which is installed within the organisation’s own computing infrastructure, and provides the necessary digital signing services to all users, applications, and business processes across the organization.

The CoSign Client for Windows includes ‎desktop plug-in’s to MS ‎Office and ‎Adobe PDF. ‎Alternatively, you can install internally the CoSign Web Application to allow users to sign documents ‎from any device without having to install any software. You can also use the CoSign Mobile native apps (iOS/Android) to sign documents “on the go”.

CoSign digital signatures are 100% compliant with the PKI standard, which is the only signature standard published, maintained and accepted by the US Federal Government, EU Governments, the European Telecommunications Standards Institute (ETSI), and independent bodies such as ISO, OASIS, IETF, W3C, etc.

The vast majority of the world’s countries already enacted laws which address Digital Signature related issues, based on the guidelines and models published by UNCITRAL (United Nations Commission on International Trade Law). CoSign creates legally enforceable digital signatures in accordance with all legislations modeled on UNCITAL.

CoSign is a certified standard solution, and offers enterprise grade hardware features such as High Availability and Load Balancing options.

CoSign Architecture

Key practical benefits

    • Digital Signatures infrastructure which is sufficiently secured to be trusted, and, together with appropriate standard operating procedures, can meet any regulatory requirement for document signing, worldwide.
    • Compatibility with all/any “PKI-aware” system such as MS Office, Adobe PDF, AutoCAD, etc.
    • CoSign Signatures can be fully verified and validated by any external party without having to connect to the CoSign appliance or use any CoSign service.
    • Guaranteed privacy – the entire signing process is accomplished internally, content is never exposed to any 3rd party. Even if deployed in the Cloud, the document content itself is never transmitted or exposed; only the document “fingerprint” is sent to the CoSign Central Appliance.
    • Low risk, no vendor tie-in. The signatures produced by CoSign are valid and verifiable even in the event CoSign is no longer used within the organization.

User management & authentication options

    • Automatic synchronization with Active Directory (or any LDAP).
    • Active Directory Federation Services (ADFS) and claims-based authentication using SAML tokens.
    • Directory independent mode:
        • Manual user management using CoSign Admin Client for Windows.
        • Bulk upload / manual sync with external SQL user directories.
        • Programmatically using CoSign API.
    • Support for 2-Factor Authentication 3rd party products, such as One-Time-Password (OTP), Biometric and Smartcard/USB Token authentication products (RSA, Vasco, SafeNet, VeriSign VIP, Cidway, Digital Persona, Saflink).
    • Support for one-time external signers authenticated by email and one-time SMS tokens.


CoSign Central runs internal Certification Authority (CA) software. In most cases, the CoSign secured appliance acts as the internal CA of the organization, issuing (and automatically renewing) end-user certificates.

As a turnkey solution, CoSign is inclusive of all the components and infrastructure required to implement digital signing:

    • CoSign securely (and automatically) generates the Private/Public key pair for each user, and stores these keys in its encrypted internal database. The keys are non-extractable. CoSign is certified to provide the same key protection level as found in smartcards.
    • CoSign issues X509 Digital Certificate for each user, and its internal CA signs these certificates as per the PKI standard. The user certificates are also stored securely within the CoSign appliance.
    • The Root Certificate of CoSign internal CA can be extracted and published on CoSign Nation (https://cn.arx.com) and made available to external parties to download so they can automatically trust any signature generated by any of the organizations’ CoSign users.

CoSign can also work with externally issued certificates, instead of using its own internal CA. CoSign provide interfaces for commercial CAs such as Comodo, Quovadis, or operate as a sub-ordinate internal CA under the root of GlobalSign, and Netrust.

Signing options

    • CoSign Windows Client: Provides add-ins to MS Office and Adobe PDF; allows the conversion of any “Print” stream to signed PDF; supports any PKI-Aware application (Outlook, AutoCAD, BlueBeam, etc).
    • CoSign Web Application: Web interface for signing of documents stored on the local device or in the Cloud (GDrive, SkyDrive, Dropbox, Box, etc). Automatically converts Office documents to PDF. Supports both standard desktops (Win, Mac, Linux) and mobile-touch interfaces (iOS, Android).
    • CoSign Mobile: Native mobile apps for iOS and Android.
    • CoSign Connector for SharePoint: Embeds options for signing Office documents, PDF documents, SP Lists Items, and InfoPath Forms, within the SP web interface. Supports workflows developed in SP Designer, Nintex, K2, and Visual Studio.
    • CoSign BatchSign Application: A Windows Service application designed for batch signing of large volumes of documents in un-attended batch jobs. Supports PDF, TIF, or XML file formats.
    • CoSign Click Application: Designed to operate within the organization own DMZ to manage one-time external signers who are not registered in the organisation’s internal User Directory. Authentication via email + one-time SMS token.

Integration options

    • CoSign Web Agent (CWA) is a REST API technology which allows seamless integration of the CoSign Web Application with any web portal, using simple HTTPS POST standard. The whole user experience of the CoSign Web Application can be integrated rapidly within any portal. CWA supports both standard desktops (Win, Mac, Linux) and mobile-touch interfaces (iOS, Android).
    • CoSign Signature API (SAPI) API for programmatically Signing/Verifying PDF, Word, Excel, TIF, XML, or any data buffer (available in .NET and SOAP/WebServices, and SAP/Abap).

Connectors to Document Management and Workflow Systems

CoSign offers 3rd party connectors to the following document management and workflow systems. These connectors integrate the CoSign functionality within their respective web interfaces and also allow embedding of signing activities within their workflow design patterns.

    • OpenText Content Server
    • Oracle WebCenter Content
    • Siemens TeamCenter
    • Alfresco
    • Documentum

Contact CMCS For Additional Details