At APEGA’s annual general meeting on April 22, 2022, a registrant submitted a resolution requesting a thorough review of APEGA’s digital signature process, including a comparison of costs, features, and security with at least two other digital signature providers.
In response to the registrant request, APEGA staff conducted a thorough review of APEGA’s digital signature process. The analysis found that Notarius is currently the only provider to offer an efficient, cost-effective, software-as-a-subscription
option that meets all requirements for an acceptable certificate authority under APEGA’s Authenticating Professional Work Products practice standard. Therefore, APEGA will continue to use Notarius as its only approved vendor to issue APEGA’s digital signatures.
Digital signatures are essential to ensuring public safety through the professions: they guarantee the integrity of signed documents and prevent their falsification, and they serve as proof that the signer is in good standing with APEGA and has the right to practise in Alberta. Since 2010, Notarius has been APEGA’s chosen vendor of digital signatures, with more than 10,000 APEGA registrants, working for 800 permit holders, having signed up to use its digital signature process.
More about Notarius
Notarius is APEGA’s only approved provider of APEGA’s digital signatures. Its software contains:
- a function to issue digital signatures without third-party agreements or integrations
- an online portal that enables registrants to request a professional digital signature and track the status of their request
- a face-to-face identity verification using two government-issued IDs and a professional designation validation before digital signatures are issued
- approval workflow, including online access for APEGA staff to approve or reject an application
- a private digital signing key that includes a registrant’s professional designation and the ability to apply an APEGA-designed and approved custom digital stamp to a signed document
- a signing platform (ConsignO Desktop) accessible on or offline, featuring authentication capabilities designed specifically for the professions
- the ability for APEGA to revoke a digital signature if a registrant is no longer in good standing, is non-practising, or has cancelled their membership
In reviewing APEGA’s digital signature offering, staff considered the following options and compared how each met APEGA’s requirements:
- Notarius (current provider for APEGA’s digital signatures)
- two certificate authority providers
- three electronic signature providers
- an APEGA-managed hybrid model
While certificate authority providers meet certificate issuance and management service requirements, they do not:
- license and manage the certificate authority
- provide cybersecurity measures
- offer a signature-enabling platform
- offer an online portal to process requests, approvals, or the issuance of digital signatures
Although electronic signature vendors offer an online signing platform, they do not offer:
- an online portal to process requests
- a workflow for APEGA staff to approve, reject, or revoke a digital signature
- certificate authority provider functionalities such as issuing certificates (this requires custom integration with a third party)
The following table shows a comparison of the various requirements needed to be an acceptable certificate authority as per APEGA’s requirements in the Authenticating Professional Work Products practice standard.
|Requirements||Notarius||Certificate Authority Providers||Electronic Signature Providers|
|Experience in providing authentication technology to registrants of other professional associations||Yes||Partially|
(to members, not associations)
|Resources, technical support, and systems to provide continued service to users||Yes||Yes||Yes|
|Protocols ensuring only APEGA licensed professionals are granted the authority to own and use an electronic image of their stamp with their personalized digital certificate*||Yes||Partially||No|
|Protocols enabling APEGA to withdraw or suspend an APEGA licensed professional’s ability to use the digital certificate||Yes||Partially||No|
|A platform that offers flexibility and ease-of-use for a wide range of purposes and applications (e.g., compatibility with different file formats)||Yes||Yes||Yes|
|A public-key infrastructure, which is a combination of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and withdraw digital signatures||Yes||Partially|
(managed by APEGA)
|A digital certificate compliant with the International Telecommunication Union X.509 v.3 standard||Yes||Yes||Partially|
|Ability for APEGA licensed professionals to maintain the sole control and possession of their digital certificate||Yes||Partially|
(managed by APEGA)
|Ability to store the digital certificate on the medium of the APEGA licensed professional’s choice (e.g., hard drive or memory stick)||Yes||Yes||No|
|Interfaces between the technology and software used by APEGA licensed professionals so the image of the APEGA stamp with signature and date appears when printing or viewing the professional work product||Yes||No||Partially|
* A digital certificate verifies a digital signature. The certificate keeps the information related to the signature that authenticates the identity of the user.
An APEGA-managed hybrid model
APEGA could combine several platforms to build its own service to issue digital signatures. However, this would require additional equipment and staffing, as well as service coordination from at least three providers. APEGA would also have to assume the
associated risks and costs of purchasing, managing, and supporting the certificate authority and maintaining cybersecurity and custom integrations.
Currently, a Notarius digital signature costs $185 annually, plus a one-time sign-up fee of $140. Most engineering and geoscience regulators across Canada issue their digital signatures through Notarius, so registrants practising in other jurisdictions can acquire a second signature for $75.
Under an APEGA-managed hybrid model, registrants would pay 260 per cent more for a digital signature, starting at $660 annually. As mentioned, APEGA would also incur additional costs.
The following table shows the cost comparison between the current Notarius model versus an APEGA-managed hybrid model.
|Digital Signature System Components||Notarius||APEGA-Managed Hybrid Model|
|Certificate authority provider||Included||$3601|
|E-signature provider||Included||$240 to $630|
|First signature||$1853||$660 to $1,0504|
|Annual total||$260||$845 to $1,2355|
1: Cost for licensing only, not including personnel, hardware, or insurance.
2: Cost for licensing only, not including development.
3: Recurring annual fee; does not include Notarius one-time sign-up fee of $140.
4: Recurring annual fee; does not include an initial sign-up fee.
5: Note: These figures were derived from public information and did not include a detailed estimate of the work.
APEGA endeavours to provide the tools and resources best suited to help our registrants meet their professional obligations while ensuring the best possible use of the dues they pay to maintain professional membership in Alberta.
This review of APEGA’s digital signature offering found that Notarius remains the best—and only—option for digital signatures under the requirements outlined in APEGA’s Authenticating Professional Work Products practice standard.
If you have any questions about APEGA’s digital signature process, please email [email protected].
Learn More About APEGA’s Digital Signatures
- Read the FAQs about APEGA’s digital signature.
- Attend a free webinar to learn more and earn two continuing professional development hours.
- Watch Notarius’s video on digital signature alternatives and learn why e-signatures are inadequate for signing official documents.
- Watch Notarius’s video on the cost of a digital signature to learn about the affordability of a digital signature.
- Check out Notarius’s current promotion for APEGA registrants, and waive your one-time sign-up fee of $140.