OneSpan Sign
by OneSpan · eSignature
Enterprise electronic signature and digital agreement platform with bank-grade security
- Works with
- Oracle Cloud, Salesforce, Microsoft Dynamics 365, Workday, SAP and other ERP systems
- Deployment
- Cloud, On-premise
- Company size
- Mid-market, Enterprise
- Pricing
- Subscription, tiered (Professional and Enterprise plans); annual commitment
- Founded
- 1984
- Headquarters
- Boston, Massachusetts, United States
Overview
OneSpan Sign is an enterprise electronic signature solution from OneSpan, a security and digital identity company that traces its roots to Vasco Data Security (founded 1984). The product lets organizations prepare, send, sign, and store legally binding agreements across web, mobile, call center, and in-branch channels, with a focus on the security, authentication, and audit requirements of regulated industries such as banking, insurance, and government.
The platform combines a no-code sender interface and reusable templates with a developer layer (open REST API and .NET, Java, and APEX SDKs) for fully embedded and white-labeled signing experiences. Every transaction produces a single, tamper-sealed audit trail embedded in the signed PDF, and OneSpan Sign supports the full range of e-signature assurance levels defined under the EU eIDAS regulation (Simple, Advanced, and Qualified electronic signatures) as well as the U.S. ESIGN Act and UETA. Optional capabilities extend the core into identity verification with liveness detection, remote online and in-person notarization (RON/IPEN), and low-code Smart Forms.
OneSpan Sign is offered primarily as a cloud service hosted in SOC 2, ISO 27001, FedRAMP, and HIPAA-compliant data centers across the US, Canada, the EU, and Australia, with an on-premises deployment option for organizations that require it. It integrates with major CRM, HRIS, content, and vertical business systems through prebuilt connectors, and connects to ERP and 1,000+ other applications via the Workato iPaaS platform or its public API.
Screenshots & demo
Demo video from the vendor's YouTube channel.
Features & capabilities
Signing experience
Remote and in-person signing across devices and channels.
- Click-to-sign, type, or draw handwritten signature options
- Mobile-optimized signing with automatic small-device detection
- Mobile signature capture for handwritten signatures on touch devices
- In-person signing for call centers and branches
- Co-browsing for guided, simultaneous document review
- Integrated video conferencing for live transaction completion
- WCAG 2.0 Level AA accessibility support
- Signer experience available in 21 languages
Sender workflow and document preparation
- Reusable templates and document layout blueprints
- Serial and parallel signing with customizable signing order
- Text tags for automatic signature and field placement
- Conditional (If/Then) fields for dynamic documents
- Recipient permissions (sign, approve, delegate) and document visibility controls
- Automated reminders and expiration settings
- Bulk send to multiple recipients from imported lists
- Fast Track URLs and QR codes for high-volume repeatable processes
Authentication and identity verification
Layered signer authentication options before and during signing.
- Email, SMS one-time passcode, and Q&A (shared secret) authentication
- Knowledge-based authentication (KBA) via Equifax
- Government ID document verification with facial comparison
- Active and passive liveness detection
- Digital certificates, smart cards, and derived credentials (CAC/PIV)
- FIDO passkeys using device biometrics
- SAML-based single sign-on (SSO)
Security, audit, and compliance
- Tamper-sealing of documents after each signature
- Single, unified audit trail embedded in the signed PDF
- Qualified timestamp binding signature data to a trusted time source
- Standards-based signatures meeting eIDAS SES, AES, and QES levels
- Virus and malware scanning of signer attachments
- Encryption in transit and at rest with key management options
- Document validity verification by clicking signature blocks
Developer, administration, and analytics
Embedding, governance, and reporting for enterprise deployments.
- Open REST API with .NET, Java, and APEX SDKs
- Sandbox environment for development and testing
- Full white-labeling of the signing process and email notifications
- Centralized administration across accounts and sub-accounts
- Role-based signing rules, groups, and permissions
- Data retention and transaction-purging configuration
- Performance, velocity, and volume analytics dashboards
Extended capabilities
- OneSpan Notary for Remote Online Notarization (RON) and In-Person Electronic Notarization (IPEN)
- Session recording and eJournaling for notarized transactions
- Smart Forms low-code digital forms automation
- eVault document archiving via eOriginal integration
- Print Driver for signing documents from any Windows application
Common use cases
- Account opening and onboarding agreements in banking and financial services
- Insurance applications, policy changes, and claims documentation
- Sales contracts, quotes, and proposals signed from CRM
- HR onboarding and employee documents from HRIS systems
- Government and public-sector forms requiring high-assurance signatures
- Remote online notarization of deeds, affidavits, and legal documents
- B2B contract execution requiring tamper-evident audit trails
Strengths & considerations
Strengths
- Supports all three eIDAS assurance levels (SES, AES, QES) for EU and high-trust use cases
- Built-in identity verification with liveness detection and KBA in the same platform
- On-premises deployment option in addition to the cloud service
- Comprehensive signer authentication options including smart cards and FIDO passkeys
- Tamper-sealed audit trail embedded directly in the signed PDF
- Backed by OneSpan's broader security and digital identity portfolio
Considerations
- Reviewers on G2 and Capterra describe the sender interface as feeling dated
- Capterra reviewers note initial setup and configuration can be complex
- Pricing and annual commitment may be high for small teams
- No native prebuilt connector for SAP; ERP integration relies on the API or Workato iPaaS
ERP integrations
Embedded integration and a Salesforce CPQ app available on AppExchange
Connected via Workato low-code platform (1,000+ apps) or the OneSpan Sign REST API; no SAP-specific prebuilt connector advertised
Pricing
30-day free trial. OneSpan does not publish full pricing on its site; third-party listings cite a Professional plan, with an Enterprise plan for white-labeling, API automation, and high volume. Pricing not independently verified from the vendor. Get an independent shortlist with pricing guidance below.
Technical & security
- Hosting
- OneSpan-managed cloud data centers (US, Canada, EU, Australia); on-premises option available
- Data residency
- United States, Canada, European Union, Australia
- Compliance
- ISO/IEC 27001, ISO/IEC 27017, ISO/IEC 27018, SOC 2 Type II, FedRAMP, HIPAA, GDPR, eIDAS, U.S. ESIGN Act, UETA
- Mobile app
- Yes
- Languages
- English (US), English (UK), French, German, Spanish (Spain), Spanish (Latin America), Dutch, Italian, Portuguese, Russian, Polish, Romanian, Bulgarian, Danish, Norwegian, Greek, Arabic, Chinese (Simplified), Chinese (Traditional), Japanese, Korean
About the vendor
- Founded
- 1984
- Headquarters
- Boston, Massachusetts, United States
- Ownership
- Public (NASDAQ: OSPN); formerly Vasco Data Security International
- Notable customers
- IBM, RBC, Standard Chartered, Generali, Tangerine Bank
Alternatives to OneSpan Sign in eSignature
OneSpan Sign — frequently asked questions
Does OneSpan Sign integrate with ERP and CRM systems?
It offers prebuilt connectors for Salesforce, Microsoft Dynamics 365, Workday, Oracle Cloud, and other business systems. For SAP and other ERPs without a dedicated connector, integration is handled through the Workato iPaaS platform or the OneSpan Sign REST API and SDKs.
Is OneSpan Sign legally compliant for electronic signatures?
Yes. It supports the U.S. ESIGN Act and UETA and all three e-signature levels defined under the EU eIDAS regulation: Simple (SES), Advanced (AES), and Qualified (QES). Each transaction includes a tamper-sealed audit trail embedded in the signed PDF.
Can OneSpan Sign be deployed on-premises?
Yes. In addition to the cloud service hosted in SOC 2, ISO 27001, FedRAMP, and HIPAA-compliant data centers, OneSpan offers an on-premises deployment option for organizations with strict data-residency or control requirements.
What identity verification options does OneSpan Sign provide?
Beyond email and SMS one-time passcodes, it supports knowledge-based authentication via Equifax, government ID document verification with facial comparison, active and passive liveness detection, smart cards and derived credentials, and FIDO passkeys.
Evaluating eSignature?
Tell us your ERP and requirements and we'll send an independent shortlist — including OneSpan Sign and the best-fit alternatives — with honest pros and cons.