PenOp adds a new data type (the handwritten signature) to on-line transactions. Thus, in order to truely evaluate the capabilities of this Plug-In, you shall require functionality at your Web server to receive and interrogate captured signatures. Technically speaking, PenOp is a software component that works with other software, known as the "client application" (Netscape). The client application manages documents to be signed and displays them to a user. Then PenOp governs the capture of the user's signature information and the linking of that information to the document controlled by the client. Subsequently, PenOp can be used to verify the user's signature.
PenOp can be used to attach signatures to electronic forms and documents, and can detect whether a document has been modified since it was signed. PenOp can also be used to authenticate the claimed identity of a user, by means of their dynamic signature metrics.
PenOp has a number of built-in safeguards which anticipate the rich variety of situations in which signatures might be used, with particular emphasis on data security, privacy, and legal issues.
A supported graphics tablet (e.g. Wacom ArtPad) is required for signature capture.
Refer to the white paper "PenOp Netscape Plug-in Architecture and Usage" for an in-detail discussion of how PenOp can be used in an on-line transaction. The local help file nspenop.hlp contains information on the plug-in capabilities.
To download a demonstration of the PenOp Netscape Plug-In in action click here
application/penop-btk and the associated file extension btk. See your server documentation on how to do this.
application/penop-btk
To test the plug-in, you can sign an HTML document containing an embedded command to the PenOp plug-in, like the examples below.
Two rectangles should be displayed below, one should contain a signature, the other should contain an area for signing.
Troubleshooting : The PenOp NSPI relies on the fact that your PC is licensed with PenOp/Sign. You will not be able to capture a signature unless you purchase a license string from PenOp.
| Test 1 : View a Captured Signature | Test 2 : Capture A Signature |
|---|
<EMBED src=data.btk width=200 height=100
action_url=http://hoohoo.ncsa.uiuc.edu/cgi-bin/query
method=GET"
claimed_id="John Doe"
prompt="Sign Contract..."
gravity="I am signing to agree to the terms and conditions identified in this document">
The tag values are as follows :
| Tag | Description |
|---|---|
| src | Defines a file containing a signature to be displayed. If a signature is to be captured then an empty file should be supplied. |
| width, height | Define the netscape html units for the PenOp hot spot area |
| action_url | Defines the cgi-bin/NSAPI script which will run in response to the captured signature being submitted. The PenOp/Software Development Kit is required at the receiving server for it to decode and interrogate/verify a captured signature. The server script identified will be POSTed the captured signature in the variables 'BTOKEN' and 'BTOKENLEN'. All variables are url encoded. The sample destination identified is a test site which will echo back the variables sent to it. |
| method | (Optional) How the biometric token will be sent to the script on the server. Possible values are GET and POST. Default is GET. |
| prompt | Defines the text displayed when the cursor is placed in the hot spot area |
| gravity | Defines the string to be displayed while a signature is being captured |
| claimed_id | (Optional) Defines the name of the signatory who will sign the document. If this tag is missing, the name of the signatory will be taken from the user name, specified in the Netscape Mail & News preferences |
Note : In addition to these tags, if the embed syntax contains additional values which were unknown to the PenOp Netscape Plug-In, the tag values are passed onto the 'action_url' as additional variables. This mechanism allows a back-end script to receive additional information (e.g. a transaction identifier).
tel : In US (800) 286-4137
Elsewhere +44 1373 452755