Remote Digital Signature

Remote Digital Signature Service Guide

The remote digital signature service allows you to digitally sign your documents and administrative acts of the University of Bologna.

Frequently Asked Questions (FAQ)

Check our FAQ for answers to frequently asked questions.

  • What it is for

    The remote digital signature service allows you to digitally sign documents and is the electronic equivalent of a traditional handwritten signature on paper.

    The remote digital signature is currently issued by the University to:

    • faculty members who, as part of the digital exam recording project and/or for register compilation, need to use a digital signature
    • administrative and technical staff who require a digital signature for the performance of their duties.

    The digital signature has the following characteristics:

    • Authenticity: guarantees the identity of the signer
    • Integrity: ensures the document has not been altered after signing
    • Legal validity: grants full legal validity to the signed document.
  • How it works

    The remote digital signature is a secure, practical and reliable system that can be used without a smart card or dedicated hardware installation.

    It also allows you to sign using mobile devices.

    The remote digital signature requires a user-linked certificate that is stored remotely on the systems of the Certification Authority Intesi Group S.p.A.

    The service uses a mechanism called strong authentication, which ensures the correspondence between the user and the digital signature certificate being used.

    Strong authentication requires the combined use of a personal PIN, which the user sets when the signing certificate is issued, and single-use codes (OTP – One Time Password) associated with the user’s digital signature certificate.

    Single-use codes can be sent via SMS or generated by an APP installed on the user’s smartphone.

    The choice between the SMS token and the APP token is at the user’s discretion and is made when the certificate is issued.

    In practice, when a user needs to sign a document in a University system (for example, Almaesami for recording exam results), the user:

    • authenticates with their institutional credentials
    • is recognised by the system and, if they hold a remote signing certificate, is asked to enter:
      • their personal PIN
      • the single-use code received via SMS or generated with the APP installed on their smartphone.

    A document signature is permanently associated with the electronic document on which it is applied.

  • How to request and issue the signing certificate with CIE

    If you have a CIE digital identity, you can independently request and immediately issue the remote signing certificate.
    Using CIE serves as identification of the applicant.
    During the procedure you will be redirected to the Intesi Group Certification Authority (CA) website.
    Keep at hand your credentials for CIE.

    Follow these steps:

    • connect to the application firma.unibo.it
    • click the “Request the service” button
    • select “Identification via CIE”
    • you will be redirected to the Intesi Group CA website
    • follow the on-screen instructions until the issuance is completed
    • return to the application firma.unibo.it if you want to use your remote signature.

    Warning

    The personal PIN must consist of numbers only and must be between 8 and 16 digits long.

    The personal PIN must be kept with the utmost care.

    If you forget your PIN, please consult the FAQ.

  • How to request/issue the signing service with remote identification

    How to request

    For information on how to request a remote digital signature, please refer to the University Intranet.


    How to issue

    After submitting the signing certificate request with remote identification, follow these steps to issue the certificate:

    • connect to the application firma.unibo.it
    • click the “Issue the certificate” button
    • choose the token type you intend to use to receive the single-use code (OTP)
    • set a personal PIN: it must be a numeric code between 8 and 16 digits
    • enter the OTP code received via SMS or generated by the APP
    • enter the security code you received by email from Certification Authority Intesi Group S.p.A. (www.intesigroup.com) with sender noreply@time4mind.com.

    Warning

    The personal PIN must consist of numbers only and must be between 8 and 16 digits long.

    The personal PIN must be kept with the utmost care.

    If you forget your PIN, please consult the FAQ.

  • What the token is for

    The “token” is the method by which a user obtains the single-use code (OTP) required each time they need to digitally sign a document.

    It consists of a code of 8 to 20 digits and is used to validate document signing operations together with the PIN chosen by the user when the signing certificate was issued.

    Two different methods (tokens) are available for the user to choose from to obtain the single-use code (OTP):
    • SMS: each time the user wants to digitally sign a document, the system will generate a code sent via SMS to the phone number provided when the signing certificate was issued
    • Mobile APP: the single-use code (OTP) will be generated directly by an APP installed on the user’s smartphone. OTP codes are continuously generated and are valid for 30 seconds.
      When a user needs to digitally sign a document, they can use the OTP code generated at that moment by the APP. The OTP code can only be used once to sign a single document.

    Warning

    If you choose SMS and later wish to switch to APP (or vice versa), you need to go to the “Manage your signature” page and select the “Change token".

  • Which token to choose between APP and SMS
    To choose the most suitable method, we recommend carefully reviewing the comparison summary between the two options:

    APP

    Advantages

    • After the initial setup, it does not require mobile coverage to work since the code is generated by the APP, not sent.

    Disadvantages

    • Password generation is linked to the physical phone device, not to the phone number. If you change your phone, you need to install the APP on the new phone and reconnect the certificate.

    SMS

    Advantages

    • It can be used with any mobile phone.
    • Password generation is linked to the phone number, not to the physical device.
      If you change your phone, no action is needed as long as the phone number remains the same.

    Disadvantages

    • Mobile coverage is required.
    • It may cause issues with foreign phone numbers.
    • Your mobile carrier settings may prevent SMS reception.
  • Unibo Pass app installation guide

    Unibo Pass is available for the following systems:

    • iOS version 8.0 and above
    • Android version 4.4 and above
    • (Not available for Microsoft Windows systems.)

    Installation and activation of the APP involves the following steps:

    • select the APP in the appropriate store
    • download the APP to the smartphone
    • install the APP and link it to your institutional @unibo.it credentials
    • for CIE identification, grant the APP permission to use the camera
    • activate the APP by entering the single-use code (OTP) received via SMS.

    Warning

    The APP cannot be activated on more than one device at a time.

    The stores where the Unibo Pass APP is available are:

    Download from App Store
    Download from Google Play