Technological features

Swiss Life (Luxembourg) S.A., before making the customer adhere to the EVA solution, carries out the identification of the customer by means of an original and valid identity document and, at the time of each subscription, checks the identification made.

The unambiguous connection of the signature to the signatory is guaranteed:

• Both from the certain identification of the customer by the sale employee or intermediary of Swiss Life (Luxembourg) S.A. who, by law, always checks the identity of the person who is carrying out the operation, 
• Both by the fact that the signature is affixed by the signatory with a unique crypto SMS code received on the signatory’s registered phone number.
  
  

During the signing phase, the signature generation system is under the exclusive control of the signatory. The screen connected to the signature device, tablet or PC, shows the complete document, allowing the signee to personally verify his or her own data and contract text by scrolling and zooming in.

To generate the advanced electronic signature, we use a self-signed root certificate, from which we generate a certificate for the signatory. This allows us to technically sign the document. Additional to that, the Signature Property states that:

• “Document has not been modified since this signature was applied.” This gives you the assurance that the document has not been modified since it was signed. 
• “The signature includes an embedded timestamp.” This indicates that the signature includes a timestamp from an external third-party server.
• Any changes made to the document after the self-signed root certificate is issued, makes the signature, the certificate and the documents automatically invalid.
  

Before affixing his signature, the client/signatory can view the content in all its parts, with special positioning and enlargement functions. The features of the advanced electronic signature device are suitably chosen to guarantee the best readability (for example, especially for contracts and tablets with a colour screen of at least 10 inches with a resolution of 1024 x 600 dots). Subsequently, the signatory may, in any form agreed with Swiss Life (Luxembourg) S.A., view the electronic document by means of a standard IT tool, of which he will have full availability, on a durable support that will allow the document to be stored and printed at any time (e.g. free PDF Reader software).

Swiss Life (Luxembourg) S.A. is the provider of the advanced electronic signature solution.

The advanced electronic signature solution chosen by Swiss Life (Luxembourg) S.A. uses only computerised documents in formats that guarantee the absence of any suitable element in the object of the subscription.

To generate the advanced electronic signature, we use a self-signed root certificate, from which we generate a certificate for the signatory. This allows us to technically sign the document.

The Signature Property states that:

• “Document has not been modified since this signature was applied.” This gives you the asssurance that the document has not been modified since it was signed. 
• “The signature includes an embedded timestamp”. This indicates that the signature includes a timestamp from an external third-party server.
  
  

The legal value of an advanced signature produced by crypto SMS is brought by:

• The embedded timestamp.
• The audit logs in EVA and EVA Portal.
• The fact that to be able to sign the document, the signatory has input the signature code sent by SMS on his/her mobile phone.
  - As the code is sent on signatory’s mobile phone, only the signatory is able to input it.
  - As signatory has input the signature code, he/she marked his/her consent to sign the document
  
  

EVA Portal: is the web signing portal that enables asynchronous signing of a group of documents by a set of signatories with a defined type of electronic signature (eg. Qualified, Advanced). For each user, it

• displays documents to be signed per document group;
• gives feedback on the signature status of all signatories;
• forces the signatory to reach the end of the document before signing;
• enables the validation of special conditions per document before signing; 
• locks the documents for signing for a limited time; 
• generates an audit trail of the action performed.

Clients may request, free of charge, [from their direct sale or intermediary of reference] a paper copy of the signed document via email.

This document, containing information on the characteristics of the advanced electronic signature service and the technologies on which it is based, is published on the Swiss Life Global Solutions website, www.swisslife-global.com/global-solutions/footer/Technological_features.html, and is thus always available to Clients and the general public.

The Customer may obtain copies of all documentation relating to the EVA service.

In particular, it is possible to obtain a copy or a duplicate of:

• The Model undersigned by the client to subscribe to the service and any other information;
• The documents signed with the Advanced Electronic Signature.

The documents in question are provided to the client at the request of the same to the Intermediary of reference.

“EVA Platform” means the application that provides an ergonomic, secure and remote way of signing documents with smartcards (such as eID) or CryptoSMS. The platform produces eSignatures compliant with eiDAS and eSignature Directive, i.e. legally equivalent to handwritten signature. The platform also provides WebServices to prepare a document and sign it, validate and extend affixed signatures. EVA Platform is a technical solution to support the eSignature management.

• ego-idp-web & ego-backend-web
• eva-insign & eva-services
• eva-portal-web & eva-portal-server
• eva-portal-domain-admin & eva-portal-api-proxy-server
• diffusion

E-Go is an authentication solution (IdP) that implements the CAS protocol. It is composed of two software components: ego-idp-web deployed in DMZ and ego-backend-web deployed in back-end network.
EVA is a signature solution that allows users to sign documents with SMS OTP and DigitalSign amongst others. It is composed of two software components: eva-insign deployed in DMZ and eva-services deployed in back-end network.
EVA Portal allows groups of documents to be signed, signatories for each document and allowed signature modes for each document. It is composed of two software components: eva-portal-web deployed in DMZ and eva-portal-server deployed in back-end network. In addition, eva-portal-domain-admin deployed in DMZ and eva-portal-api-proxy-server deployed in back-end network allows administrators and power-users to manage their domain (create new administrators, power-users, signatories, document groups, etc.).
Diffusion is a pure back-end application that is used by above applications to send mails and SMS.

The client may at any time revoke the consent to use the EVA service by means of a registered letter with return receipt or by e-mail (at [-]@[-].com). Swiss Life (Luxembourg) S.A. will deactivate the signing procedure within 7 working days after receiving the notice of revocation.

Clients who require assistance, additional information on the EVA service or request the termination of the service may contact Swiss Life where they have asked to use this form of signature.

Swiss Life (Luxembourg) S.A. intends to allow its customers to use EVA only for executing contractual documents relating to insurance policies through intermediaries of Swiss Life (Luxembourg) S.A.
If the client does not intend to use EVA, he/she can opt to sign the contractual documents in handwritten form.