Digital identity management is how organisations verify, track, and control who can access and sign documents. In e-signing, it is the difference between "someone signed this" and "this specific person signed this, and here is the proof."
Digital identity management (DIM) is the set of processes and technologies used to create, verify, maintain, and monitor digital identities across systems. It covers:
In the context of e-signing, DIM answers two questions: Who is allowed to send documents for signature? and How do we verify the identity of the person signing?
Sender-side identity management controls who in your organisation can create and send documents for signature. Without it, any team member could send a contract, commitment, or agreement on behalf of the company — potentially without proper authority.
Signer-side identity management verifies that the person signing is who they claim to be. This is the foundation of every electronic signature's legal validity. A signature without reliable identity verification is just a mark on a page.
Post-signing identity records provide evidence that can withstand legal scrutiny. If a signer later claims "that was not me," the identity evidence in your audit trail is what proves otherwise.
Identity verification in e-signing operates on a spectrum:
Level 1: Email-based identity. The signer receives a unique link at their email address. Accessing and signing from that link constitutes basic identity verification. This works for most business documents where the parties are known to each other.
Level 2: Multi-factor verification. The signer must provide something beyond email access — typically an SMS code sent to their phone. This confirms possession of both the email account and the phone number associated with the signer.
Level 3: Biometric verification. The signer uses a physical characteristic — fingerprint, facial recognition, or a hardware security key — to verify their identity. This ties the signature to the signer's physical person.
Level 4: Certificate-based identity. The signer uses a digital certificate issued by a trusted authority. This is the highest level of identity assurance and is required for qualified electronic signatures under the EU's eIDAS regulation. The certificate is typically stored on a physical device (smart card, USB token) or issued by a government authority.
Each level adds assurance but also adds friction. The right level depends on the document type, regulatory requirements, and the relationship between the parties.
Identity management is not just about signers — it is also about your internal team:
Access control. Not everyone in your organisation should have the same access to documents. A junior team member should not be able to send a major contract without approval. An HR manager should see HR documents but not financial agreements.
Audit accountability. When multiple people can send documents from your account, you need to know who sent what. Identity management creates a trail of internal accountability.
Onboarding and offboarding. When a new team member joins, they need access to the right documents. When someone leaves, their access needs to be revoked promptly. Managing these transitions is a core function of identity management.
GoodSign takes a practical approach to identity management — strong verification for signers, simple access for your team.
Signer identity verification. Multiple methods available per signer:
Team access. Add unlimited team members to your GoodSign account. Each team member has their own login, and all document activity is logged to the individual who initiated it. No per-user fees — your team size does not affect your costs.
Account security. Two-factor authentication (2FA) is available for team member logins, ensuring that account access is protected beyond just a password.
Activity logging. Every action taken within GoodSign — documents created, sent, viewed, signed — is logged with the user who performed it. This creates internal accountability and supports compliance audits.
Audit trail per document. Each signed document carries a complete identity record for every signer: email address, IP address, device information, timestamp, and verification method. This record is permanently attached to the document.
All identity management features are included at $1.50 per envelope sent. No extra charges for SMS verification, passkey authentication, or additional team members.
Some use cases require identity verification beyond what a standard e-signing platform provides:
Government-level identity (eIDAS qualified). If your documents require qualified electronic signatures, the signer needs a digital certificate from a qualified trust service provider. This typically involves government-issued ID verification and a certificate stored on a secure device. GoodSign does not provide qualified certificates — for these specific requirements, you need a platform that integrates with EU trust service providers.
KYC (Know Your Customer) verification. Financial services and other regulated industries may require document-based identity verification (passport, driving licence) before a person can sign. This is separate from e-signing and typically handled by specialised KYC providers, though some enterprise e-signing platforms include it.
Identity proofing. For one-off transactions with unknown parties — such as opening a new account or onboarding a new customer you have never met — you may need to verify the signer's identity against an external database or government records before they sign.
For most business relationships — where you know your clients, partners, and employees — email verification with optional SMS or biometric authentication provides sufficient identity assurance. Reserve the heavyweight identity management for situations where regulation demands it or the stakes justify the additional friction.
All rights reserved © GoodSign Limited 2026
2 Stuart St, Ponsonby, Auckland 1011, New Zealand..