Ascertia Ltd

SigningHub - Digital Signature Solution

SigningHub provides a complete solution for digital signatures, flexible document workflow, approval and status tracking - designed to save substantial time and paper related costs. Integrated with business applications or used in standalone mode, SigningHub optimises how organisations deliver, review and sign documents with long-term eIDAS compliant legally binding signatures.


  • Quickly enables people and applications to electronically sign documents
  • Prepare documents, Templates, Bulk Signing & Sending, Workflow Evidence Report
  • Secures documents using strong user authentication, integrity, non-repudiation and encryption
  • Creates long-term signatures that are valid for 20+ years
  • Compliant with ISO PDF standards and interoperable with Adobe® Reader
  • Mobile App, Re-branding, EU eIDAS Regulations and FDA21CFR Part11 compliant
  • Support for existing PKI based digital certificates
  • Delivered as a private cloud or on premise solution
  • Integration with SharePoint and other key business applications and CRM
  • EU eIDAS (910/2014) compliant qualified eSeals and remote/local eSignatures


  • Interface is very intuitive, user friendly and prevents mistakes
  • Comply with the latest EU eIDAS Regulation which supersedes previous
  • SigningHub makes it easy to achieve rapid business process transformation
  • Save time and costs associated with paper, printing postage, scanning
  • Fully traceable and auditable business signature processes
  • Enables easy business adoption by supporting all common document types
  • Enables users to quickly sign from anywhere using mobile devices
  • Minimises disputes by showing documents clearly and securely
  • Prevents data leakage using policy controls and data encryption
  • Future proofed using common industry standards and tracking emerging trends


£12 per user per month

Service documents

G-Cloud 9


Ascertia Ltd

Sam Crook

+44 7796 952668

Service scope

Service scope
Software add-on or extension Yes, but can also be used as a standalone service
What software services is the service an extension to SigningHub has rich API functionality and can be integrated into core business applications OR used in a standalone mode. SigningHub also supports special connector apps for Microsoft SharePoint, Salesforce and Dynamics.
Cloud deployment model Public cloud
Service constraints None
System requirements
  • Use any HTML5 browser Including Chrome, Firefox, Safari, Edge, IE9+
  • SigningHub supports mobile web browsers on mobile devices including phones
  • The optional SigningHub mobile app (free) supports iOS and Android

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Weekdays: Within 4 hours.
Weekends: Reasonable efforts.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support Web chat
Web chat support availability 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard None or don’t know
How the web chat support is accessible A standard web browser interface is used to login to the on-line Kayako based support ticketing system. The browser being used is therefore responsible for the WCAG accessibility features. A simple form is presented that asks for details of the support being requested.

The alternative is to use a standard email client or webmail interface to send an email to that details of the support services being requested. WCAG accessibility is the responsibility of the email client.

Skype is also available as a means of communication;
SkypeID: -
In this case Skype is responsible for the WCAG accessibility criteria.
Web chat accessibility testing N/A
Onsite support Yes, at extra cost
Support levels Support is provided from 6am to 6pm GMT.
Access to our support service is included at no extra cost -
using email or web-based support requests.
Skype chat and escalation to a telephone meeting
or web-conference session, if required.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Online how-to training videos can be accessed on The full online manual is available by selecting help with SigningHub. If demand is high then an onsite training session can be arranged.
Service documentation Yes
Documentation formats HTML
End-of-contract data extraction The SigningHub service plan will be downgraded upon contract expiry, limiting the capability to sign documents and start new workflows. Any documents or workflow evidence reports that are still residing within the SigningHub account can be downloaded in bulk. User details and contact details can be deleted.
End-of-contract process The SigningHub service plan will be downgraded upon contract expiry, limiting the capability to sign documents and start new workflows. Any documents or workflow evidence reports that are still residing within the SigningHub account can be downloaded in bulk. Core functionality is included in the price of the contract. Additional costs to the customer may be incurred for on premise or private cloud deployment, remote signing feature with eIDAS Level 2 Sole Control, local signing feature using smartcard or eID, adding individual or corporate AATL certificates from third parties, use of an external public CA.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10+
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service SigningHub Web (the desktop browser) displays more information on a wider landscape user interface than SigningHub Mobile Web which uses a portrait layout. SigningHub Mobile App looks the same as Mobile Web but has the benefit of being an app rather than a browser page.
On non-Android or iOS devices the Mobile Web must be used.
Accessibility standards None or don’t know
Description of accessibility Standard desktop and mobile Browsers are used
Mobile apps for Android and iOS are also available
Accessibility testing SigningHub provides a complete solution for advanced long-term digital signatures, flexible document workflow and approval and status tracking. SigningHub can be integrated into core business applications or used in standalone mode to optimise how businesses deliver, review, approve and sign documents.

Useful "how-to" videos can be found here:

Quick guide:
What users can and can't do using the API SigningHub provides a REST architectural style API that supports over 100 different methods. The API allows full document preparation, sharing, review and signing (electronic and digital) operations. Along with user enterprise management. Control of personal settings such as visible signature appearance, locale, and delegated signing are all available through the API. All signature workflow can be controlled via the API and updated in real time as required.

The API uses JSON for payloads and OAuth 2.0 for access and authorisation control. Initial authentication is based upon an Enterprise API Key. Enterprises in SigningHub support multiple API keys.

Both tight (embedding SigningHub functionality into the business application) and loose (browser redirect) integration models are supported as well as Authorised Remote Signing for level 2 sole control for remote signatures compliant with EN 419241 part 2.

SigningHub Mobile SDK allows developers to embed SigningHub functionality within their own mobile apps.
API documentation Yes
API documentation formats HTML
API sandbox or test environment Yes
Customisation available Yes
Description of customisation Branding - logo and colour scheme, email notification content, set up of different roles and permissions.


Independence of resources SigningHub runs on Microsoft's Azure platform and additional resources are added as required to service the growing requirements.


Service usage metrics Yes
Metrics types Top Signers option will sort your enterprise users list with respect to those users, who have applied the highest number of signatures.
Top Senders option will sort your enterprise users list with respect to those users, who have sent the highest number of documents for approval processing.
Top Disc Storage option will sort your enterprise users list with respect to those users, who have consumed more account storage.
Reporting types Real-time dashboards


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations European Economic Area (EEA)
User control over data storage and processing locations No
Datacentre security standards Managed by a third party
Penetration testing frequency At least every 6 months
Penetration testing approach Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Other
Other data at rest protection approach All user documents are AES-256 bit encrypted within the SigningHub application and then stored as encrypted Blobs within the SigningHub database. Only the owner or users they authorise can have this data decrypted and imaged within the browser session.
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Either via the SigningHub API or manually by selecting all documents and downloading them directly.
Data export formats Other
Other data export formats
  • PDF
  • PDF/A
  • Word 2013 if used
Data import formats
  • CSV
  • ODF
  • Other
Other data import formats
  • BMP, and EMF.

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Other
Other protection between networks Various strong user authentication options are available.
For high trust requirements SigningHub can be delivered on-site or via other service providers that offer PSDN connectivity.
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Other
Other protection within supplier network Various strong user authentication options are available.
For high trust requirements SigningHub can be delivered on-site or via other service providers that offer PSDN connectivity.

Availability and resilience

Availability and resilience
Guaranteed availability SigningHub is designed to offer 99.95% availability.
Planned maintenance occurs out of office hours and 5 days warning is provided of such activity.
Users are able to present their reasons for why a refund should be given in any circumstances.
Approach to resilience Microsoft Azure is used to provide the highest levels of application availability.
Outage reporting The web-site reports any outages.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
Other user authentication Authentication is required to access user accounts via SigningHub web, mobile web or mobile apps. Additional authentication can be enforced at the time of signing, providing greater assurance.
Different authentication types can be set, controlled via user roles and respective settings. No authentication or account is required for signers using basic electronic signatures but it is still possible to enforce authentication with document access protection via password or OTP via SMS. SigningHub supports:

SigningHub ID;
Active Directory;
Active Directory Federated Services;
Office 365;
Entrust IdentityGuard;
AET Consent ID;
Verisec Freja Mobile;
SAML v2.0 IdP;
Client TLS;
Access restrictions in management interfaces and support channels Only authorised staff are allowed access to SigningHub's Admin Screens. Role based access controls are used to restrict staff rights.
Strong mutual TLS security is used to authenticate operators and prevent unauthorised access.
Access restriction testing frequency At least once a year
Management access authentication Public key authentication (including by TLS client certificate)

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation No
Security governance approach The Ascertia Board and executive management is responsible for the security governance within the company. It defines the strategic goals for security management, assigns roles for security management, defines acceptable risks tolerance, approves security products and tools and providing adequate and sustained funding to all security resources. Within Ascertia security governance is handled alongside corporate governance and in terms of security management and implementation we follow the principles of ISO/IEC 27001.
Information security policies and processes At a high-level we follow the ISO/IEC 27001 security management principles. We have defined a Information Security Policy and then lower-level policies like access control policy, antivirus policy, network connection policy, password policy etc.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach The SigningHub Cloud service is under strict configuration and change management controls. These include restricting who can access the system and under which privileges. Any configurations changes are first planned and authorised by the Ascertia CTO and then implemented by the IT Team and verified by the QA Team. All security related changes are made under under dual control i.e. an IT administrator makes the changes and these remain pending until approved by the Security Officer role holder.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Ascertia conducts regular internal and external penetration testing exercises using both in-house and commercial testing tools. During development there is extensive peer reviews and QA testing of each product change. Product patches can be made available within 1 to 5 days depending on severity/complexity.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Potential compromises are identified through internal reviews and testing, external 3rd party security reviews as well as customer testing. Ascertia always handled potential compromise with highest priority by assigning relevant resources for immediate analysis and resolution of the issue. We ensure all affected customers are notified in a simple and clear manner. Our objective is to respond to incidents within 24 hours.
Incident management type Supplier-defined controls
Incident management approach We follow a formal approach to incident management which involves logging the incident with a unique ID and date/time. The incident is then categorised and prioritised. The response to the incident is then prepared and provided to all affected parties.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No


Price £12 per user per month
Discount for educational organisations Yes
Free trial available Yes
Description of free trial Everything is included as per the needs of the organisation trialling the service.
Link to free trial


Pricing document View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑