Common questions from IT, legal and operations teams

Frequently Asked Questions

Answers to common questions about technology, compliance and deployment of authentication and document approval solutions.

Are electronic signatures recognized in Malaysia?
In Malaysia, the Digital Signature Act 1997 provides the legal framework for certified digital signatures, and electronic signatures are commonly accepted for many business processes. Legal admissibility can depend on context and the signature method used. AstraTsign implements industry-standard encrypted techniques and audit logs to support evidentiary requirements, but organizations should consult legal counsel for transaction-specific advice.
How does AstraTsign authenticate users?
AstraTsign supports a range of authentication options including single sign-on (SAML, OIDC), multi-factor authentication (SMS, TOTP, hardware vouchers) and integration with corporate identity providers. Authentication policies can be tailored per application, workflow or user group to match security posture and usability needs.
Can AstraTsign integrate with our existing document management system?
Yes. The platform is built with an API-first approach and offers connectors and integration patterns for common document repositories and enterprise systems. Integration scopes are scoped during discovery to ensure metadata mapping, access controls and retention policies are preserved.
What audit and compliance features are available?
AstraTsign maintains tamper-evident audit logs for all signature and approval events, exportable reports for internal and external review, and configurable retention settings. These controls are intended to help compliance teams demonstrate controls over approval lifecycles and access histories.
How long does implementation take?
Implementation timelines vary with integration complexity and user volume. Typical pilots with standard integrations can be completed in a few weeks, while full enterprise rollouts with custom workflows and directory integrations may take several months. AstraTsign provides a phased project plan with milestones to manage deployment risk and adoption.
What support options are available after deployment?
Post-deployment support includes technical support tiers, regular health checks, optional managed services for administration and periodic security reviews. Service level details are established in the service agreement to match operational requirements.
Does AstraTsign store documents in the cloud?
AstraTsign offers flexible storage models: cloud-hosted storage with strong encryption, or hybrid configurations where sensitive documents remain on-premises or in a customer-managed storage account. Data residency requirements are discussed during onboarding to align with corporate and regulatory constraints.
How do you handle access for third-party approvers?
Third-party approvers can be provisioned with limited, consent-based access and time-bound credentials. Workflows can use invitation mechanisms and contextual verification to ensure that external signatories are authenticated appropriately for the transaction at hand.