Templates Information Security Estimated reading: 4 minutes 114 views This chapter describes information security options in the template.Also, apart from the identification options shown in this chapter, there are additional security settings under Projects. For more information read here.Activate OTPActivating this option will generate a random 4-digit one-time password for entering the form by the person filling out the form. The password will be sent to the destination to which the action was sent.In case the operation cannot be sent through Cellosign in SMS or email, it is not possible to use the OTP.Default OTP validity is 5 minutes. Selecting the OTP option allows you to set a validity between one minute and 1440 minutes (which is a day).eIDASThe eIDAS standard implemented in the template generates a log of activity in the signature fields. Every event of signing or deleting a signature is saved in the system log and exported together with the results of the operation in an archive to email or to the core systems of your organization.The sample output below is a sample of a signature deletion event:Add browser timestamp to signature fieldWhen set to ON the timestamp of the browser will be added to signature field:Clone graphic signature for approvalWhen set to ON it will use the last signature added by the customer and insert it into the signature field for the customer’s approval.Note: Although this is a signature that requires approval, it is recommended to consult the legal department to validate the solution of the process.Combining input fields from the form to the signature fieldIn addition to a digital signature that is embedded in the product, it is also possible to embed input fields from the form into the signature field. In this way a signed document can be presented when the signature fields contain identifying details of the client.Require passwordWhen activated the client will be asked to fill in data that was inserted by the agent into the form, for example an ID Number. To activate this option, you must select an input field from the list of fields in the form. The field label will also serve as a guide to the client regarding what to type.Expiration in hoursA working assumption is that a form contains sensitive information such as personal details, photographs of sensitive documents and signatures. Each operation has a predefined lifetime, according to the following hierarchy:At the project level: valid for 24 hours [1 day], unless otherwise applied.At the template level: valid for 48 hours by default. Valid values between 1 to 960 hours. This value overrides the project default.At the operation level [in integration only] that overrides all defaults.If the form is not sent by the client, the token [the unique link to the action] will be deleted automatically after the action is expired and will no longer be accessible. The message to the customer “404”.Additional parametersInitialize controls on form loadWhen set to ON will clear all values when client opens a form. (Pre-populated values will also be cleared).Collect geolocation dataWhen set to ON will collect geolocation data.Input validationCellosign forms comprised of various input fields, images and datasets. Some of the inputs, such as paragraph may include rich text editor features as: html, css and javascripts.In order to secure your forms and restrict inputs it is advised to use the proper data types where needed. For example, use “Number” controls instead of plain “Text” fields to ensure that number value will be collected. Use “Email” for the same reason.In addition, Cellosign template studio include rich configuration to limit the allowed input values. For example Text field includes variety of configuration options to make sure that the right data is collected.In addition, you may also use REGEX to narrow down input options even further. ArticlesSafe Templates - Previous Configuration Next - Templates Integrations