Nov 20, 2024

QSS FAQs

About the Service:

The Qualified Signing Service (QSS) is a cloud-based service for applying eIDAS-compliant Qualified Electronic Signatures and Seals. The service will offer:

1. Qualified Signing for the hash of any document or digital transaction in a PKI setup
2. Issuance of Qualified Signing Certificates
3. Key Generation and Management
4. High Scalability

What is Qualified Signing Service (QSS)?

The Qualified Signing Service (QSS) is a cloud-based signing service that produces Qualified Electronic Signatures or Seals for Employees within an organization. It allows an Enterprise or Service Provider to deploy Qualified Electronic Signatures or Seals into their signing application with a simple REST API integration and uses a mobile app for real-time employee authentication.  

Who can use the QSS services?

Currently, it’s only available for employees within the organization. Employees can apply for Qualified Signatures or Seals. Per the eIDAS regulation, the signing party must demonstrate sole control of the signing keys, and we ensure this by requiring the Employee to authenticate via the mobile app (2FA) at the time of signing.

What are the main components for QSS services?

• APIs
• mTLS Certificate
• Mobile app for Authentication

Does the app allow customers to sign on their mobile?

The mobile app is only for authentication purposes and cannot be used as a signing application.
At the time of signing, users will authenticate using the mapped mobile app.

Does this support XML & Batch Signing in QSS?

 XML:  

Yes; however, each transaction needs user authentication.

Batch Signing:

Yes, up to 100 hashes in one go are allowed.

Does this allow us to get a signature from an external individual?

No, as of now, this solution only supports users within the company.

Does this service have a front end?

No, this is an API-based service. An enterprise may integrate this into their platform or custom signing workflow.
A provider may integrate with this service and bring in new enterprises.

Can I use the same service for sealing and signing?

While the APIs for both sealing and signing are the same, you will still need to create separate service packs for sealing and signing.

What does QSS not offer?

• Document Signing Workflow

• Document Manipulation or Management

• ID Verification Service is provided on a large scale directly by GlobalSign.

• Provisioning of Private Keys

Common Errors or Issues:

What if an OTP is not received for mobile app user registration?

• If only the mobile OTP is not being received, please check your mobile number (used for registration), check your mobile network, or try again after a few minutes.
• If OTP is not received by email, please confirm your email address or check your spam inbox.
• If you are still experiencing the same issue, please send an email to support-atlas@globalsign.com.

API connection failure:

This could be because of the following reasons:

1. Invalid Login Credentials
2. mTLS Certificate not used for connection establishment or expired mTLS
3. Too many requests: in this scenario, you need to wait a bit and then send the requests or speak to Sales if you want to increase your limit. A "too many requests" error may happen if you are trying to send the request for signing too many times or too many documents (more than 100) in one go.

Response time is too slow:

There could be a rare occurrence where our servers get too many requests in one go, and they are queued.
In this scenario, some of the requests may be delayed in processing.

Related links:

1. How to use the mobile app
   https://media.globalsign.com/how-to-use-qss-mobile-app

2. QSS API Documentation
   https://www.globalsign.com/en/resources/apis/api-documentation/qss_api_v1.html