OpenTrust SPI


SPITrust - Digital Signature/eSign

Non-Repudiation Digital Signature/eSign and Proof Infrastructure in the Paperless world

Digital Signatures/eSign are as secure as the business processes and technology used to create them.

SPITrust product suite targets all organizations seeking to secure their paperless transactions. It provides an industrialized infrastructure with web-based platform for rapidly implementing and integrating electronic / digital signatures into business processes and managing legally recognized elements of proof.

SPITrust is a suite of highly secure “off the shelf” products that provide all functionality necessary to:

  • create and validate digital signatures/eSign
  • generate legally recognized elements of proof
  • Sign and Verify PDF documents
  • Timestamp PDF documents
  • Multiple Signer workflow


  • X.509 v3 Digital Signatures
  • PDF Signature format (ISO 32000-1, PAdES Basic/Enhanced/Long Term)
  • Generating signed timestamps with RFC 3161 TSP Specification.
  • Multiple Signer Profiles
  • Confidentiality, Integrity and Authenticity
  • Sign by individual or group
  • Long Term Validation
  • Proof Elements for legal purpose
  • Standard built-in connectors for other trusted services
    • Certification Authorities
    • Time Stamping Authorities
    • HSM Signing Key
    • Active Directory / LDAP
    • SMS Gateway
    • T-OTP
  • Audit Trails


  • Easy and User-friendly
  • Reduced Processing Time
  • Reduced Operational Cost
  • Use anywhere, anytime and on any device.
  • Streamline document-signing process.

Paperless Operations

SPITrust perfectly comply with organizations GOAL of paperless operations by performing digital signatures/eSign on the PDF documents within the frameworks of organizations systems and procedures.

Assurance level

  • It provides confidentiality, integrity and authenticity:
    • Confidentiality – Digital Signature/eSign creation data is used under a control environment.
    • Integrity – the document is/was not manipulated after the digital signing process.
    • Authenticity – the document is signed by the claimed identity
  • Uniquely connected to the signatory
  • Capable of identifying the signatory
  • It is secure and trusted


  • Digital certificate: X509 v3 (revocation by CRL or OCSP)
  • Signature format: XAdES, PDF (ISO 32000-1, PAdES Basic/Enhanced/Long Term), PKCS#7/CMS, RFC3161 TSP Specifications
  • Hash algorithms: SHA1, SHA-256, and SHA-512
  • Signature algorithm: RSA
  • Key length: 1024 - 4096 bytes

Legally Recognized

Documents like memos, contracts, purchase orders, etc. are legal instruments for organizations, SPITrust provides legally recognized element of proof which legally binds the documents and admissible as evidence in the court of law. The legality of electronic/digital signatures are governed based on jurisdiction.

  • UAE Law: Federal Law No.1 of 2006
  • US SEAL (1998), UETA (1999), ESIGN (2001)
  • European Directive 1999/93/CE, December 1999
  • German Act on Digital Signature 2001, Signature Ordonnance 2001
  • Croatia (Act on Digital Signature, NN 10/02, 80/08, 30/14)
  • French Loi n° 2000-230 Mars 2000, Décret n°2001-272 Mars 2001

Signer Profile

  • Server seal – This means that the certificate is issued in the name of a legal entity and not in the name of an end-user / individual. Using PKCS#12 or HSM Signing Key
  • On-the-fly certificates – end user signature with on-the-fly certificate following X.509 standard. Using OpenTrust PKI /ReTrust.Me-PKI

Sign by Individual or group

  • Self-Sign – Signer upload and Sign
  • Initiator-Signer – Initiator upload and request Signer to Sign.
  • Initiator-Group (n of n) – Initiator upload and request all the members of the group to sign.
  • Initiator-Group (1 of n) – Initiator uploads and request one member of the group to sign.

Built-in Connectors

Standard built-in connectors for automated exchanges with other trusted third-party services such as…

  • Certification Authorities – Vendor Independent
    Time Stamping Authorities – Internal or External
  • HSM for Signing Keys – nCipher nShield, Thales Luna, Utimaco CryptoServer
  • SMS Gateway – Vendor Independent
  • Time based OTP – Google Authenticator (default)

RNTrust (SPITrust) use digital certificates and PKI (Public Key Infrastructure) to help your global business meet region-specific requirements, such as those found in the European Union, as well as the requirements of regulated industries around the world, including Financial, Aviation, Healthcare, Government, and Energy and Utilities.

Digital Signature/eSign - Success Stories

  • KIBSTrust SignPlus - Digitally transform your business with SignPlus eSignature solutions. 


FREE WEBINAR on “eSignature Platform” – The key to your digital transformation (Meeting compliance, IT Security and local regulations guidelines)

  • 1 Hour Free Webinar
  • SCHEDULE: Every Monday
  • TIME: 11:00AM (GST)
  • **Sessions will be conducted through Microsoft Teams
  • Brochure Link



RNTrust - Free Webinar SPITrust


FREE WEBINAR on “Go beyond eSignature” - SPITrust lets you prepare, execute and manage the lifecycle of nearly every agreement digitally

  • 1 Hour Free Webinar
  • SCHEDULE: Every Wednesday
  • TIME: 03:00PM (GST)
  • **Sessions will be conducted through Microsoft Teams
  • Brochure Link




For further information, please contact us at, call +800-RNTrust (7687878) or whatsapp +97144465180.