Data protection, data security, traceability and comprehensive support for national identification and signature technologies are essential prerequisites for the success of AFS. Sensitive data is often recorded and displayed using AFS forms.
The aforms designer and the aforms inbox support authentication using Windows Authentication, PVP and USP of the Austrian e-government, eIAM of the Swiss Confederation and OpenID Connect. Two-factor authentication is also offered.
AFS supports essential OWASP requirements for Password Security Requirements, General Authenticator Requirements, Authenticator Lifecycle Requirements and Credential Recovery Requirements. Our customers' regular audits confirm that AFS has a high level of security, even for critical areas of application
An AFS form can be used anonymously or identified by applicants. The mode, no, optional or mandatory identification, is determined depending on the form. If the identity of the applicant is known, the personal data in the form can be pre-filled and specific completions can be enabled (e.g. sending without signature).
AFS forms can accept identification information from various national systems such as ID Austria (AT), Handysignatur (AT), Portalverbund (AT), Unternehmensserviceportal (AT), SwissID (CH) and lisign/lilog (FL). For use cases with lower security requirements, AFS provides low-threshold "identification" mechanisms with mTAN procedures and mail confirmation. Identification with Open ID, such as Google ID, is also supported.
The use of a change log makes adjustments to the form traceable. This function is particularly useful for forms that display data that has already been entered. This data can be corrected as required. The change log is displayed on the control page and in the aforms inbox as an attachment to the application
Types of submission
Different submission types are available for AFS forms. Depending on the technical requirements or legal requirements, applications can be submitted with or without a signature. The submission type is defined for each form and can be combined and easily changed. AFS supports the following submission types:
Of course, it is possible to send applications directly without a signature (send directly). Optionally, a verification of the e-mail address or telephone number specified in the form can be activated here (e-mail and mTAN confirmation).
If a signature is required, it can be affixed manually to the printed application and an electronic version of the application can also be sent. With this procedure, known as "dual sending", it is possible to process the application data electronically in addition to printing it out.
Every AFS form can be signed electronically. Various national systems such as ID Austria (AT), Handysignatur (AT), SwissID (CH) and lisign (FL) are currently supported.
If the applicant is identified at the time of submission, a waiver of mail/mTAN confirmation or electronic signature can be configured. In this case, the application is sent directly.
AFS supports the application signature with different country-specific technologies.
Multiple signatures: With AFS, it is also possible for an application or notification to be signed by several people. After the first signature, the request is initially saved in the aforms inbox and can be called up and signed by other signatories. This means that signatures can be applied independently of time and place.
The inbound signature is created using the MOA signature components (modules for online applications) provided by the Austrian Federal Chancellery as open source software. Alternatively, other signature components can also be connected.
More on the topic of "Security"