Chapter 1

INTRODUCTION

1.1 PROJECT CONTEXT

The widespread use of e-signatures signifies a significant shift towards

digitalization in various sectors, offering convenience, efficiency, and security in

document signing processes. It enables remote signing, streamlines workflows, reduces

turnaround times, and minimizes administrative burdens. E-signatures also contribute to

cost savings by eliminating expenses associated with printing, mailing, and storing

physical documents. Furthermore, enhancing security through encryption, authentication

mechanisms, and audit trails, mitigating risks such as forgery and unauthorized access.

Overall, adopting e-signatures reflects the growing reliance on digital solutions to

modernize and streamline business operations.

According to the Ecommerce Act (2021), electronic and digital signatures are

allowed in the Philippines. As long as the electronic signature and the method of how it is

secured are in compliance with the requirements of the law, it will become legal and

binding and can be presented as evidence in any legal dispute in court. With the

challenges presented by the pandemic regarding the physical and manual signing of

documents, many businesses and organizations are planning to switch to the use of

electronic or digital signatures in transactions.

Furthermore, using e-signatures in government transactions is officially

sanctioned by the Commission on Audit’s (COA) Circular No. 2021-006. Issued on

September 6, 2021, this circular sets the guidelines for using electronic documents,

electronic signatures, and digital signatures in government transactions. It emphasizes

 2

that electronic documents with e-signatures are considered equivalent to paper documents

with handwritten signatures, provided that appropriate control mechanisms are in place

(COA, 2021).

One of the risks associated with e-signatures is vulnerability to manipulation and

extraction using software like Photoshop. This means that unauthorized parties could

potentially alter or remove e-signatures from documents, compromising it’s integrity and

authenticity. To mitigate this risk, It is crucial to use secure e-signature platforms that

employ encryption, authentication mechanisms, and tamper-evident features to protect

against such unauthorized alterations. Additionally, organizations should implement strict

access controls and audit trails to monitor and track any changes made to e-signed

documents.

E-signatures can be used safely and effectively with the implementation of

appropriate control mechanisms. These mechanisms ensure the integrity and authenticity

of the signatures and the documents they represent. Control measures may include

encryption, authentication, audit trails, and access controls. By implementing these

controls, organizations can confidently use e-signatures for various purposes while

maintaining security and compliance with legal requirements.

Pangasinan State University San Carlos Campus was among the first campuses

established in the PSU System by virtue of Presidential Decree No. 1497 which was

promulgated on June 11, 1978. It started as the College Department of the Speaker

Eugenio Perez National Agricultural School (SEPNAS). It was the offering the two-year
 3

post-secondary Agricultural Technician (ATT) course and four-year Agricultural Teacher

Education (BSAEd) program. (Wikipedia, 2024)

Pangasinan State University San Carlos Campus (PSU SC) utilizes e-signatures

for various administrative processes, such as handling absences for convenience or when

the signatory is unavailable to sign documents physically. This adoption of e-signatures

streamlines administrative tasks, enhances efficiency, and facilitates remote

documentation management, contributing to the campus’s commitment to leveraging

technology for improved operations and service delivery.

Pangasinan State University San Carlos Campus faces challenges related to

counterfeit e-signatures due to inadequate control mechanisms. Without proper

authentication and verification protocols, the risk of unauthorized manipulation or

duplication of e-signatures becomes a significant concern. This threatens the integrity and

authenticity of digital documents, potentially leading to legal and administrative

complications. To address this challenge effectively, PSU SC needs to prioritize the

implementation of robust control mechanisms, including encryption, authentication, and

audit trails, to ensure the security and validity of e-signatures across its administrative

processes.

Implementing a Document Web-based secured e-signature verification system

using QR codes for Pangasinan State University San Carlos Campus would indeed serve

as a valuable control mechanism. This system would enhance the security and

authenticity of e-signatures by providing a reliable method for verifying their validity. By

integrating QR codes into the e-signature process, the system can generate unique
 4

identifiers linked to each document, making it easier to detect and prevent counterfeit

signatures. Additionally, the system can incorporate encryption, authentication, and audit

trail features to further bolster security measures. Overall, deploying such a system would

significantly mitigate the risks associated with counterfeit e-signatures, ensuring the

integrity of digital documents across PSU SC’s administrative processes.

1.2 PURPOSE AND DESCRIPTION

In the capstone project titled “Secured E-Signature for Pangasinan State

University San Carlos Campus,” the purpose and description are as follows: The goal of

this project is to provide Pangasinan State University San Carlos Campus with an

advanced, yet approachable, Secured E-Signature verification system that makes use of

QR code technology. The purpose of this system is to improve and expedite a digital

signature verification procedure for the administrative and academic processes of the

university. Enrollment forms, academic transcripts, and administrative approvals are just

a few of the documents and transactions for which users will be able to securely generate

digital signatures using the system. To ensure data integrity and security, these signatures

will be encrypted and incorporated into QR codes.

The system will offer a centralized platform that can be used to scan QR codes for

e-signature verification, doing away with the need for manual verification procedures.

The ability to instantaneously confirm the legitimacy of signatures will be available to

authorized staff, such as administrators, faculty, and students. This will reduce

paperwork, increase efficiency, and improve overall security measures at the university.
 5

The implementation of Secured E Signatures has revolutionized the way

businesses and individuals handle documentation. By leveraging digital encryption and

authentication techniques, Secured E Signatures ensure the integrity and authenticity of

electronic documents. This not only streamlines the signing process but also enhances

security, reducing the risk of fraud and tampering.

To protect sensitive data and stop illegal access or tampering, the system will also have

advanced security measures like authentication procedures and encryption algorithms.

1.3 OBJECTIVES OF THE PROJECT

Generally, this project aims to design and develop and design “Web-based secured

e-signature verification system using QR codes for Pangasinan State University San

Carlos Campus” in order to secure the situation of e-signature. Specially, it aims the

following:

1. Identify the existing E signature utilization process at Pangasinan State University

San Carlos;

2. Determine the features in terms of functional and non-functional requirements of

the system; and

3. Test the acceptability of the system to the users.

1.4 SIGNIFICANCE OF THE STUDY

In the digital age, the necessity for secure and efficient electronic signatures (e-

Signatures) has become increasingly prominent. E-Signatures are essential for validating

the authenticity and integrity of digital documents across various sectors, including

finance, healthcare, and legal industries. To enhance security and streamline verification
 6

processes, the integration of QR codes into eSignature systems has emerged as a

promising solution.

Campus officials: will benefit from a streamlined and secure method for

managing and overseeing document signatures. This system ensures compliance with

campus policies and objectives while significantly reducing administrative overhead,

allowing officials to focus on strategic initiatives and decision-making rather than time-

consuming paperwork.

Stakeholders: Stakeholders including regulatory bodies and accreditation

agencies associated with PSU San Carlos Campus, will benefit from the improved

accountability and traceability provided by the secure e-signature system. This enhances

trust and facilitates smoother collaborative agreements with other institutions, ensuring

all interactions are transparent and verifiable.

Employees: will benefit from the ability to sign official documents, approve

requests, and complete administrative tasks electronically. This streamlines workflows,

reduces the burden of manual paperwork, and enhances overall productivity within the

university, allowing staff to focus more on their primary responsibilities.

Students: will experience increased convenience and efficiency through their

administrative interactions with the university. The e-signature system allows for quick

and easy signing of documents related to enrollment, academic petitions, and other

processes, saving time and reducing the need for physical paperwork, thus enhancing

their overall campus experience.

 7

Developers: Developers will benefit by applying their skills and knowledge in the

creation of the e-signature system, gaining valuable experience and professional growth.

They will be responsible for designing, developing, and maintaining a secure, user-

friendly, and functional system tailored to the campus’s specific needs, which provides a

significant professional development opportunity.

Future developers: will benefit from the foundation laid by the initial system,

allowing them to build upon and enhance the e-signature system over time. This ensures

the system remains relevant and effective in the face of evolving technological trends and

campus requirements, providing continuity and opportunities for further innovation.

1.5 SCOPE AND LIMITATIONS

This section outlines the project’s scope and limitations, clarifying its operational

boundaries and potential limitations that could affect its execution and results.

The project focuses on developing a secure e-signature exclusively for Pangasinan

State University employees. Key features include encryption to prevent unauthorized

access and tampering. This project entails developing and implementing a Secured E-

Signature Verification System with QR code technology exclusively for Pangasinan State

University employees. The users can access this project are the secretaries, Deans, Head

Administrator at Pangasinan State University San Carlos Campus.

The system streamlines administrative processes through key features: efficient

electronic signature management and swift verification using QR codes, ensuring

 8

document authenticity and minimizing fraud risks. Comprehensive audit trail logs

maintain transparency, tracking all signature activities. Additionally, users can assign

authorized representatives within departments, facilitating smoother approval workflows.

The system also simplifies department office and user account management, empowering

administrators to control access effectively. Overall, this initiative marks a significant

stride towards modernizing and digitizing administrative operations at Pangasinan State

University.

While the Secured E-Signature Verification System offers substantial benefits, it’s

important to recognize its limitations. Firstly, advanced document editing capabilities are

not within the system’s scope, requiring users to employ separate software for extensive

document modifications. Secondly, the system currently lacks a dedicated mobile

application, limiting accessibility and convenience for users who require on-the-go

access. Additionally, document versioning functionality is not integrated into the system,

potentially complicating revision management processes.

However, despite these constraints, the system remains highly effective in

facilitating secure e-signature verification and streamlining administrative procedures. As

future developments unfold, addressing these limitations by incorporating advanced

document editing features, mobile app development, and document versioning

capabilities could further enhance the system’s utility and user experience.

1.6 DEFINITION OF TERMS

Acceptability: refers to stakeholders’ willingness to use and trust the e-signature

system, ensuring its adoption and effectiveness. High acceptability is essential as it

 9

guarantees that campus officials, employees, students, and external partners will utilize

the system regularly. When stakeholders trust the system’s security, ease of use, and

reliability, they are more likely to embrace it, which leads to increased efficiency, reduced

paperwork, and better adherence to institutional policies and objectives.

Existing Process: The existing process describes the current method or procedure

used by PSU San Carlos for signing and managing documents, which traditionally

involves manual, paper-based processes. Understanding the existing process is crucial for

identifying inefficiencies and areas for improvement. By highlighting the time-

consuming nature and potential for errors in the traditional method, the new e-signature

system can be justified as a means to streamline operations, reduce administrative

burdens, and enhance overall productivity.

Features: Features are the specific functionalities and capabilities of the e-

signature system, such as document signing, authentication, encryption, and audit trails.

The features determine the system’s effectiveness and appeal to users. Key functionalities

like secure document signing, robust authentication mechanisms, data encryption, and

comprehensive audit trails ensure that the system meets user needs and regulatory

requirements, providing a secure and efficient solution for document management.

Functional Requirements: Functional requirements describe the specific actions

and behaviors that the e-signature system must perform, such as capturing signatures,

generating QR codes, and sending notifications. These requirements are essential for

ensuring that the system can handle all necessary operations effectively. By clearly

defining these requirements, developers can create a system that meets stakeholder
 10

expectations, facilitates smooth workflows, and supports the campus’s administrative

processes.

Non-functional Requirements: Non-functional requirements refer to the criteria

that the e-signature system must meet regarding performance, security, reliability, and

usability, such as response time, data encryption, system availability, and user interface

design. These requirements are critical for ensuring the overall performance and user

satisfaction of the system. High standards in these areas guarantee that the system is not

only functional but also secure, reliable, and easy to use, which is essential for gaining

stakeholder trust and ensuring long-term success.

PSU San Carlos: PSU San Carlos refers to Pangasinan State University – San

Carlos Campus, the specific campus where the e-signature system is being implemented.

Identifying PSU San Carlos as the implementation site provides context for the project,

highlighting the unique needs and goals of this campus. Tailoring the system to address

these specific requirements ensures that it meets the administrative processes and

stakeholder expectations effectively, leading to a successful implementation.

QR Code: A QR code is a two-dimensional barcode that contains information

encoded in it, used in the e-signature system to provide a unique identifier for documents

and facilitate verification. Integrating QR codes into the system enhances document

security and verification efficiency. By offering a quick and reliable method for

confirming the authenticity of signed documents, QR codes reduce the risk of fraud and

streamline document management processes, thereby maintaining the integrity of digital

transactions.
 11

Secured E-signature: A secured e-signature is an electronic signature protected

by robust security measures to ensure its authenticity, integrity, and confidentiality,

typically achieved through encryption, authentication mechanisms, and tamper-evident

features. Ensuring that e-signatures are secure is vital for maintaining the trustworthiness

of digital transactions. Robust security measures prevent unauthorized access and

alterations, making the system reliable for high-stakes documents and fostering

stakeholder confidence.

Verification System: The verification system is the component of the e-signature

system responsible for confirming the authenticity and validity of e-signatures, often

utilizing QR codes, encryption keys, and authentication protocols. A strong verification

system is essential for maintaining the credibility of the e-signature process. It ensures

that signatures are genuine and documents are unaltered, which is critical for legal

compliance and institutional integrity.

Web-based refers to software applications or systems that are accessible through

a web browser over the internet, allowing users to interact with them remotely without

needing local installation or specific hardware requirements. A web-based system offers

flexibility and accessibility, enabling users to sign and manage documents from any

location. This convenience is particularly valuable for large institutions like PSU San

Carlos, where users need to interact with the system from various locations and devices.
 12

Chapter 2

REVIEW OF RELATED LITERATURE AND SYSTEMS

 13

This chapter provides an overview of the technical background and related

literature discovered through an extensive search conducted by the developers.

Additionally, it includes a synthesis of findings and conceptual mapping encountered

during the project.

2.1 TECHNICAL BACKGROUND

This section delves into the technical aspects of the project, providing insight into

the software and programming languages used in creating the system. A web-based

secured e-signature verification system using QR codes integrates digital signatures with

QR codes for enhanced security. It employs asymmetric encryption to create and verify

signatures. The QR code encapsulates the encrypted signature and document hash,

allowing verification by decoding the QR code and comparing the hashes to ensure

document integrity and authenticity.

2.1.1 Hardware and Software Requirements for System Development

Every computer program needs hardware or software already installed on the

computer to function properly. These requirements are known as system requirements.

While they may offer some flexibility, system requirements are generally not strict rules.

Developers ensure that the hardware and software needed for the "Secured E-Signature"

system meet these requirements to guarantee smooth operation.

Table 2.1 Minimum Hardware Requirements for the Development of the System
 14

Hardware Component Minimum Requirements

Processor Intel Core i3

RAM 8GB or higher

Storage 1TB or higher

Display 1280x800 resolution or higher

This table outlines the minimum hardware specifications required for developers

to create the Secured E-signature Verification System using QR codes. It includes

components such as the processor, RAM, storage, display, and input devices. These

specifications ensure that developers have a suitable environment for coding and testing

the system

Table 2.2 Minimum Software Requirements for the Development of the System

Software Component Minimum Requirement

Operating System Windows 10 or up This
Integrated Development
Visual Studio Code
Environment (IDE)
Programming Language PHP
Frontend Technologies HTML, CSS, Bootstrap
Bootstrap (for responsive design),
JavaScript Frameworks Custom JavaScript for essential
system functionalities
Database MYSQL
Local Server Environment XAMPP
table outlines the essential software components for developing the Secured E-signatures

Verification system using QR codes. It encompasses the Integrated Development

 15

Environment (IDE), programming language, frontend technologies (HTML, CSS, and

Bootstrap), JavaScript frameworks, database, and a local server environment (XAMPP).

Each of these software components plays a vital role in facilitating the creation, design,

and testing of the system’s code and user interface.

Furthermore, developers utilized different software applications and programming

languages to develop the system. This application is as follows:

PHP. PHP stands for Hypertext Pre-processor, it is a server-side scripting

language widely used for creating dynamic and interactive web applications. It allows

developers to embed code directly into HTML, facilitating tasks such as form processing,

database interaction, and content generation. PHP is known for its flexibility, scalability,

and extensive community support, making it a popular choice for web development

projects.

Visual Studio Code. VS Code is a free, open-source code editor developed by

Microsoft. It supports various programming languages and features extensions,

debugging tools, and Git integration, making it a versatile tool for developers. It runs on

Windows, macOS, and Linux, offering cross-platform compatibility.

HTML. The Hypertext Markup Language is the standard language used to create

the structure and content of web pages. It consists of a series of all elements, each with its

own purpose and meaning that define the layout and presentation of information on the

internet. HTML documents are interpreted by web browsers to render text, images, links,

and other media elements, forming the backbone of the World Wide Web.
 16

CSS. The Cascading Style Sheets is a style sheet language used to control the

presentation and layout of HTML documents. It allows developers to define styles for

individual elements or groups of elements, specifying properties such as colors, fonts,

margins, and positioning. CSS enables the creation of visually appealing and responsive

web designs that adapt to different screen sizes and devices, enhancing the user

experience across various platforms.

Bootstrap. The bootstrap is a front-end framework for building responsive and

mobile-first websites and web applications. It provides a collection of predesigned

components, templates, and utilities that simplify the process of creating modern and

visually appealing user interfaces. Bootstrap’s grid system, CSS styles, and JavaScript

plugins help developers quickly prototype and customize designs, ensuring consistency

and compatibility across different browsers and devices.

MySQL. The MySQL is a popular open-source relational database management

system known for its reliability, performance, and scalability. It allows developers to

store, retrieve, and manipulate structured data using SQL (Structured Query

Language), making it an essential component of dynamic web applications. MySQL is

widely used in conjunction with PHP and other server-side technologies to create

dynamic and data-driven websites, online stores, and content management systems.

XAMPP. The Xampp is a free and open-source cross-platform web server

solution stack that includes Apache, MySQL, PHP, and Perl. It provides developers with

a complete and easy-to-install environment for testing and developing web applications

locally. XAMPP allows developers to emulate a production server environment on their

 17

own computers, enabling them to develop, debug, and deploy web projects without the

need for internet connectivity or external hosting services.

Table 2.3 Minimum Hardware Requirements for Deployment or Implementation of

the system

Hardware Components Minimum Requirement

Processor Intel Core i3

RAM 8GB or higher

Storage 1TB SSD or higher

Network Stable internet connection for

remote access

This table outlines the minimum hardware specifications required for deploying

or implementing the Document Tracking System in a production environment. It includes

components such as the processor, RAM, storage, and network connectivity. These

specifications ensure that the deployed system can handle the expected workload and

provide reliable service to users.

 18

Table 2.4 Minimum Software Requirements for Deployment or Implementation of

the system

Software Component Minimum Requirement

Operating System Windows 10 or up

Apache (included in
Web Server
XAMPP)

Database Server MYSQL

Other Tools Git for version control

This table lists the necessary software components to deploy or implement the

Secured E-signature on a server. It includes the operating system, web server (Apache),

database server (MySQL), and other tools like Git for version control. These software

components form the infrastructure for hosting and running the system in a production

environment.

Overall, these tables provide a comprehensive overview of the hardware and

software requirements for both the development and deployment phases of the Secured

E-Signature.

2.1.1 RELATED LITERATURE

This section presents the related literature on Secured E-signature Verification

using QR codes, encompassing studies, books, articles, and essays that delve into the

expanse of existing processes, features, and the acceptability of such systems. It aims to
 19

provide a comprehensive understanding of how secured e-signature have been

conceptualized, deployed, and received across various domains.

2.1.1.1 Existing Process of Secured E signature

According to Erdogan & Saran (2020), investigates a server-based electronic

signature structure as a centralized e-signature method applicable to Turkey’s current eID

system. The study evaluates existing e-signature methods in Turkey to determine the

potential advantages and disadvantages of the proposed server-based solution.

Specifically, it examines Austria’s server-based eID approach and assesses its

compatibility with Turkish eID use cases. The research proposes a server-based eID

structure for Turkey and evaluates its effectiveness in simplifying e-signing practices.

Steps necessary for successful integration into the current infrastructure are outlined.

Ultimately, the study concludes that a server-based signature approach could enhance

online identification and bring Turkey closer to international e-signature standards.

A research article published by Vilma et al., (2019) this article explores the

development of electronic signatures, or e-signatures, in Albania, starting with the

National Authority for Electronic Certification's formation in 2009 and the execution of

directives since 1997. It evaluates how e-signatures are currently used in the public and

private sectors, with an emphasis on e-government initiatives. The essay also discusses

how the eIDAS rule affects non-EU nations like Albania, highlighting the necessity of

paperless processes and the difficulties associated with putting e-documents into practice.

The paper emphasizes the advantages of creative and safe techniques, such as distant e-
 20

signatures, using observation and case studies of Albania's e-customs, e-prescription, and

e-permit systems as well as research from foreign organizations.

In a study conducted by Huang (2023), the article presents a dynamic signature

verification technique (DSVT) for online and offline electronic signature (E-)

authentication using biometric technologies. Mutual compliance (MC) between the

biometric device and the security system is necessary for this strategy to work. The

security system is in charge of authorizing signatures based on user-provided personal

inputs. These signatures are subsequently compared to offline and online signatures that

have been stored using certificates for authentication. Certificate-based authentication

works for both offline circumstances involving individuals and online representation

within a session. The method uses classifier learning to validate security parameters like

signing bit, key, and size and uses a traditional tree classifier to distinguish between

offline and online signatures. To improve dynamicity in the segregated mode, these

indicators must be unanimously validated.

According to Indriyawati et al., (2021) a web-based degree document certification

system with a digital signature in Semarang University has a purpose to support academic

to do online document certification through a system. The main problem which occurs in

academic administration is a long document certification process that causes an

ineffective and inefficient certification process. To solve the problem, a system that can

encrypt a document for better security is required. This system is built with the advanced

encryption standard algorithm with a 128-bit sized key to encrypt confidential

information inside the document. During the encryption process, this algorithm operates
 21

using 4x4 bit array blocks and passing many encryption processes for at least 10 (ten)

times. The application is analyzed with object-oriented analysis and modeled withunified

modeling language. The result of this research is a system which can secure document

with AES algorithm with a 256-bit sized key. The security element in this algorithm will

make easier to identify the owner of the document. The secured document is easily

accessible through PHP-based web or available QR code. When decrypting the

document, the application will activate the camera function and decrypt the information

document.

2.1.1.2 Features of Secured E-signature

According to Edisherashvili (2019), discusses the profound impact of information

technologies, particularly the Internet, on human life, with e-commerce becoming a

significant component of civil turnover. E-contracts, facilitated by e-signatures, play a

crucial role in this landscape, determining the existence or absence of written form. The

article addresses the legal status, technical safety, and reliable application environment of

e-signatures, necessitated by the shift away from paper-based operations. It emphasizes

the importance of authentication and signer identity verification in various models of e-

signatures, underscoring the need for a secure environment. The article examines the

legal framework governing e-signatures in Georgia, Russia, Continental Europe,

Common Court member states, and international directives and guidelines.

A research article published by Smejkal and Kodl (2021), both Digital Biometric

Signatures (DBS) and Certificate-based Electronic Signatures (CES) exhibit satisfactory

performance across key features such as data security, counterfeiting prevention, time
 22

limitations, and ease of use. However, DBS outperforms CES overall, despite current EU

legislation favoring CES due to its qualified certificate requirement. The authors argue

that CES’s preference lacks legal and technological justification, as electronic signature

requirements are inherently stricter than those for paper signatures. DBS, seen as a

traditional method augmented by unique biometric attributes, offers a compelling

alternative.

In a study conducted by Dantes et al., (2022) highlight the increasing use of

electronic signatures in shareholder meetings, facilitated by technological advancements.

However, despite the widespread adoption of electronic signatures, their legal force in the

context of electronic General Meetings of Shareholders (e-GMS) remains ambiguous.

The study aims to analyze the legal validity of electronic signatures in e-GMS of Limited

Liability Companies. Electronic signatures, defined by Law Number 1 of 2016, serve as

essential authentication tools in shareholder meeting minutes. The study emphasizes

several points: (1) Electronic signatures should ideally be officially certified by a

Certificate Authority (CA) to ensure their legal validity, (2) Minutes of e-GMS must be

notarized by a physically present Notary to comply with relevant laws, and (3)

Transactions involving electronic signatures carry the same legal weight as authentic

deeds, provided they adhere to legal requirements.

According to Burganova et al., (2023) the purpose of this study is to develop a

method for two-factor authentication of electronic documents using an enhanced

encrypted non-certified digital signature with the use of a security token with biometric

data (fingerprint image). In order to achieve the goal, the method of comparative analysis
 23

was used. Existing algorithms for the electronic signature operation were studied. The

method of multi-factor authentication of an electronic signature using biometric data has

been studied in detail. Biometric data included: a handwritten password, an autograph,

typing biometrics when typing a pass phrase, a facial image, typing biometrics when

typing a free text. An external storage medium with a biometric authentication method

based on a fingerprint image was also studied. Information on this media was accessed by

scanning a fingerprint image. After conducting a comparative analysis and studying in

detail these methods, a method for two-factor authentication of an electronic signature

using a security token with biometric data was developed.

2.1.1.3 Acceptability of Secured E-signature

According to Griffin (2019), highlights the growing acceptance of e-signatures

across various sectors, especially amid uncertain times like the Covid-19 pandemic.

However, existing literature lacks comprehensive studies on e-signature awareness and its

benefits. To address this gap, Griffin developed the AoE-sign scale, consisting of 16 items

and two sub factors: “Awareness” and “Benefits,” validated through exploratory factor

analysis. The scale demonstrates high reliability and validity, with Cronbach’s Alpha

values of .888 for Awareness, .790 for Benefits, and .889 overall. This indicates its

usefulness for top-level managers, particularly in developing countries like Cyprus, to

gauge user awareness and organize effective e-signature training in organizations.

A research article published by Solms (2020), while the adoption of electronic

signatures offers significant cost and time savings for organizations, it also presents

cybersecurity risks. Many companies are in early stages of adoption, leaving room for
 24

potential manipulation and exploitation. The paper explores different types of electronic

signatures, their vulnerabilities, and proposes security measures for individuals and

organizations to enhance the secure use of electronic signatures.

In a study conducted by Yıldırım (2022), emphasizes that electronic signature

technology has addressed the needs of security, reliability, and legal acceptability in

various applications, including supply chain management. The legal foundation for

electronic signatures began forming in the late 20 th century, with many countries enacting

laws to govern tthe use. Supply chain systems, characterized by their complexity and

international scope, require seamless integration of legal and economic systems. Both

public and private sectors have implemented electronic signature technology in supply

chain processes, impacting operations significantly. The research examines the legal and

technical aspects of electronic signatures and their influence on supply chain

management.

2.1.2 RELATED STUDIES

This section presents the related studies that delve deep into the examination of

Secured E-signature from various perspectives, drawing insights from empirical research,

case studies, and detailed analysis. These selected studies aim to provide a

comprehensive understanding of the technological, operational, and organizational

nuances of Secured E-signature. By focusing on empirical data and real-world

applications, this section underlines the tangible impacts, challenges, and potentialities

associated with the deployment and acceptance of Secured E-signature.

2.1.2.1 Existing Process of Secured E-signature

 25

According to Ahmed et al., (2020), the use of technological tools helped judicial

systems to transform court working processes from paper-based conventional systems to

a modern electronic format that is more efficient and effective with the aim to deliver

better justice services to citizens. However, implementing a fully electronic paperless

court system can be achieved only if all relevant processes are digitized; and no paper is

used in the court workflows anymore. This requires a legal, valid electronic signature

(eSignature) to authenticate court users and to sign court documents electronically and

securely. This research investigates the case of the Sulaimaniyah Appellate Court

electronic court (eCourt) system in the Kurdistan Region of Iraq (KRI). An exploratory

case study research design is employed through a triangulation of multiple sources of

data, expert interviews with court users, personal observation, and document analysis of

relevant literature that is furthermore supported by comparison with the example of the

Estonian eCourt system. The results show an essential role of eSignature in eCourt

systems and aim to extend the body of knowledge and literature for academic researchers,

judiciaries, and practitioners concerning the implementation of eCourt systems.

A research article published by Turkanovic & Podgorelec (2020), Blockchain

technology is increasingly being considered among both private enterprises and public

services. However, it poses a challenge with regard to aligning its identity management

scheme with the Public Key Infrastructure and the Qualified Digital Certificates issued by

Qualified Trust Service Providers. To solve this challenge, we will present a solution in

the form of an architecture reference model, which enables enterprises and public

services to leverage blockchain technology by integrating Qualified Electronic Signatures

 26

with blockchain transactions. The evaluation of the architecture reference model is

provided through the design of a blockchain-based Trusted Public Service and a use-case

scenario example. The proposed architecture reference model is based on the CEF

building blocks EBSI, eSignature, and eID compliant with eIDAS.

In a study conducted by Ullah et al., (2021), the world is growing very rapidly

concerning technology. In the next-generation Internet, the existing architecture requires

to be upgraded from Host-Centric Networking paradigm to Information-centric

networking architecture. The unique aspect of information-centric networking is in-

network cashing. Due to the system augmentation and In-network cashing technique, this

novel system needs extremely high content security to ensure system integrity and

maintenance. 5G network may be supported by the Information-Centric Network due to

its high data transmission rate. In order to handle the serious security issues such as attack

on confidentiality, authentication and integrity of the content, a Digital Signature based

Access Control Mechanism in Information-Centric Network (DSAC) scheme is proposed

to enhance security of ICN. Briefly, this new scheme uses Digital Signature, hash

function, Trusted Third Party (TTP) and Proxy TTP. The client request for content, after

receiving a request, the content provider generates and encrypts content with the digital

signature and random value ‘k’ hash function and send it to TTP. After the signing

process, the TTP sends the encryption hash key to Proxy TTP. In this proposed scheme

authentication, confidentiality, the integrity aspects of the content security are improved.

2.1.2.2 Features of a Secured E-signature

 27

According to Yanzhi et al., (2019) highlight the increasing importance of user

signature verification for secure electronic transactions on mobile devices, especially for

approving legal documents and authenticating financial transactions. Current methods

largely focus on unlocking devices or continuous behavioral verification, with few

addressing real-time signature verification. The authors propose a system that leverages

invariant segments of a user's signature to capture intrinsic signing behavior, combining

geometric layout features with behavioral and physiological characteristics. The system

uses a quality score to filter out problematic signatures and employs normalization and

interpolation methods to handle geometric distortions due to varying writing sizes,

orientations, and locations on touch screens. Experimental evaluation with 25 subjects

over six months demonstrated high accuracy and robustness against signature forgery.

A research article published by Raigonda and Shweta (2024), emphasize the

importance of signature verification in financial, legal, and administrative processes.

Advances in image processing have led to the development of automatic signature

verification methods. This research proposes a novel approach using the Structural

Similarity Index (SSIM) for comparing signatures. The process begins with pre-

processing the signature images to enhance quality and remove artifacts or noise. The

SSIM index measures structural similarity, contrast, and brightness between the reference

and input signatures. The system checks the SSIM value against a pre-set threshold to

determine authenticity. If the similarity is above the threshold, the signature is validated;

otherwise, it is marked as suspicious or potentially falsified. Experimental results indicate

that this method effectively distinguishes between genuine and counterfeit signatures,
 28

reducing the need for subjective human judgment and physical examination. The method

promises increased automation and reliability in signature authentication systems.

In a study conducted by Kumar & Tripathi (2022), highlights the significance of

signature verification in maintaining privacy for legal and financial transactions. Despite

extensive research, issues like signature scale, orientation, and deformation remain

challenges. Deformation within genuine samples is crucial for verification, but single-

sample scenarios lack intra-class variation, complicating the task. Most real-world

repositories provide only one genuine sample, necessitating verification systems to rely

on this single sample. Kumar proposes a two-phase system to address this, starting with

the adjustment of the target signature's scaling, orientation, and spatial translation using

an affine transformation matrix predicted by a deep neural network. The second phase

verifies the transformed signature with another neural network. Experimental analysis

using the GPDS synthetic, CEDAR, and MCYT-75 datasets shows the method's

effectiveness, achieving average error rates (AER) of 3.56, 4.15, and 3.51, respectively.

2.1.2.3 Acceptability of Secured E-signature

According to Veerpalu et al.,(2020) examines the use of smart contracts in Initial

Coin Offerings (ICOs) and their classification under contract forms and the EU's eIDAS

electronic signature regulation. ICOs gained significant attention in 2017, raising

regulatory concerns and highlighting the role of smart contracts, which facilitate token

issuance. Veerpalu argues that contracts in ICOs should be viewed as hybrid agreements,

with the smart contract code being the execution mechanism. The article explores

whether these hybrid smart contracts qualify as electronic contracts. While some U.S.
 29

states and EU Member States recognize smart contracts as electronic or written contracts,

this is not uniform across EU law. The principle of functional equivalence is used to

determine if signatures on smart contracts in ICOs are equivalent to qualified electronic

signatures under eIDAS. Such equivalence would make these contracts comparable to

traditional paper agreements with handwritten signatures. The article also questions

whether the centralized trust model of eIDAS creates a bias against the decentralized trust

inherent in distributed ledger technology, potentially conflicting with the principle of

technology neutrality.

A research article published by Singh (2021), the evolution of technology has

changed business practices all over the world. Owing to technological and e-commerce

developments, businesses can now transact with each other instantaneously across

borders. The digitalization of commerce and other traditional working methods has

created a new” digital age” in human history. Digitalization has taken over many

economic activities and industries and is slowly finding its way into the legal system.

Several businesses are now concluding commercial transactions and contracts

electronically. Electronic signatures have consequently become essential tools for

concluding legal agreements and conducting other daily business and legal practices.

These new innovations have brought into question the legal validly of these transactions,

and in particular the legitimacy and security of electronically signed documents.

According to AlQahtani et al., (2021), a digital signature is a mathematical

technique that plays a significant role, especially in validating the authenticity of digital

messages, emails, or documents. Furthermore, the digital signature mechanism allows the
 30

recipient to trust the authenticity of the received message that is coming from the said

sender and that the message was not altered in transit. Moreover, a digital signature

provides a solution to the problems of tampering and impersonation in digital

communications. In a real-life example, it is equivalent to a handwritten signature or

stamp seal, but it offers more security. This paper proposes a scheme to enable users to

digitally sign their communications by validating their identity through users’ mobile

devices. This is done by utilizing the user’s ambient Wi-Fi-enabled devices. Moreover,

the proposed scheme depends on something that a user possesses (i.e., Wi-Fi-enabled

devices), and something that is in the user’s environment (i.e., ambient Wi-Fi access

points) where the validation process is implemented, in a way that requires no effort from

users and removes the "weak link" from the validation process. The proposed scheme

was experimentally examined.

2.1.3 SUMMARY OF RELATED LITERATURE

Table 2.5 Summary of Related Literature

AUTHORS/TITLE FINDINGS

Erdogan (2020) The study you described seems to focus on

investigating the feasibility of implementing a

server-based electronic signature structure

within Turkey's current eID (electronic

 31

identification) framework.

Vilma et al., (2019) The article "E-signature and E-services in

Albania" by Vilma Tomço, Edlira Gjolleshi,

and Klorenta Pashaj, published in the Smart

Cities and Regional Development Journal

(SCRD), examines the development and

implementation of electronic signatures and

associated e-services in Albania.

Huang (2023) The article you described seems to focus on a

dynamic signature verification technique

(DSVT) that utilizes biometric systems for

online and offline authentication of electronic

signatures.

Indriyawati et al.,( 2021) The findings highlight the effectiveness of the

system in streamlining document certification

processes while ensuring data security and

accessibility.

Edisherashvili (2019) The topic discussed in the article pertains to

the legal status, technical security, and

reliable application environment of e-

signatures within the context of e-commerce

 32

and e-contracts.

Smejkal & Kodl (2021) The paper discusses the comparison of two

types of electronic signatures: Dynamic

Biometric Signatures (DBS) and Certificate-

based Electronic Signatures (CES).

Dantes (2022) In the context of electronic General Meetings

of Shareholders (e-GMS) of Limited Liability

Companies. The study aims to assess the

validity and certification of electronic

signatures, particularly in the deed of minutes

of the general meeting of shareholders

conducted through electronic media.

Burganova et al.,(2023) Highlight the development of a method for

two-factor authentication of electronic

documents using an enhanced encrypted non-

certified digital signature, coupled with a

security token containing biometric data

(specifically, a fingerprint image).

Griffin (2019) The development of the AoE-sign scale

provides a tool to assess e-signature

awareness and benefits, potentially being

 33

useful for organizations, especially in

developing countries, to promote e-signature

adoption.

Solms (2020) The paper discusses various types of

electronic signatures and their vulnerabilities,

highlighting the importance of implementing

security measures to enhance the secure use

by both individuals and organizations.

Yıldırım (2022) The research described focuses on the legal

and technical aspects of electronic signatures

and their impact on supply chain

management. Given this interdisciplinary

focus, the article could be published in a

journal specializing in information

technology, cryptology, law, or supply chain

management.

Ahmed et al., (2020) Research findings indicate that eCourt

systems are user-friendly, reliable, secure, and

efficient. These systems automate processes,

streamline case administration, and enhance

the delivery of justice. By digitizing court

 34

workflows, eCourt systems aim to improve

operational efficiency, transparency, and

accountability within the judicial system.

Turkanovic & Podgorelec(2020) The research described focuses on studying

the legality of electronic signatures (e-

signatures) and attestation in conveyancing

practice in Malaysia, particularly in light of

the COVID-19 pandemic and the restrictions

it imposed on physical face-to-face activities..

Ullah et al.,(2021) This paper proposes a Digital Signature based

Access Control Mechanism (DSAC) for

enhancing the security of Information-Centric

Networks (ICN).

Yanzhi et al., (2019) This paper introduces a critical segment-based

online signature verification system designed

to enhance the security of mobile transactions

on multi-touch mobile devices.The system

focuses on identifying and utilizing segments

of a user's signature that remain consistent

across different signatures, capturing the

inherent signing behavior unique to each user.

 35

Raigonda & Shweta (2024) This research highlights the potential of

image processing techniques like SSIM for

automating signature verification. It could

lead to more secure and efficient

authentication processes in various domains.

Kumar & Tripathi (2022) This paper emphasizes the importance of

signature verification in ensuring privacy for

legal and financial transactions. Despite

extensive research in this field, challenges

such as signature scale, orientation, and

deformation persist.

Veerpalu et al., (2020) The article explores the qualification of smart

contracts used in Initial Coin Offerings

(ICOs) under the typology of forms of

contracts and the EU electronic signature

regulation eIDAS. It investigates whether the

hybrid smart contract agreement, which

integrates smart contract protocols into the

ICO process, qualifies as an electronic form

of contract.

Singh (2024) The article focuses on the legal validity of

 36

electronic signatures (e-signatures) in South

Africa, specifically for agreements and

affidavits.

AlQahtani et al., (2021) The proposed scheme utilizes ambient Wi-Fi-

enabled devices to validate users’ identities

for digital signatures, eliminating the need for

user effort and addressing concerns about

weak links in authentication. Experimental

examination suggests it effectively enhances

the security of digital communications.

This table outlines the authors and key findings discussed in Chapter 2,

summarizing the related literature and studies utilized to evaluate the current study. It

serves as a comprehensive reference for understanding the insights gleaned from the

literature review.

2.3 SYNTHESIS

The review of literature on secured e-signature verification systems, consider

exploring topics such as encryption methods, and legal frameworks surrounding

electronic signatures. Look for studies that evaluate the effectiveness, reliability, and

security of different e-signature verification systems in various contexts, such as financial

transactions, legal documents, or government applications. Additionally, examine any

recent developments or emerging trends in the field to provide a comprehensive

understanding of the current state of e-signature technology.

 37

Moreover, it's essential to examine the challenges and limitations associated with

e-signature verification systems, such as potential vulnerabilities to counterattacks, issues

related to user privacy and data protection, and regulatory compliance requirements.

Investigating case studies or real-world implementations of e-signature solutions can also

provide valuable insights into their practical usability and effectiveness in different

industries and organizational settings. Additionally, consider exploring academic journals,

conference proceedings, industry reports, and government publications to gather a diverse

range of perspectives and findings on the topic.

2.4 CONCEPTUAL FRAMEWORK

This section introduces the conceptual framework, which includes using

conceptual mapping to understand how different ideas are connected. Conceptual

mapping helps us see the relationships between concepts more clearly. By using this

framework, individuals can better understand and explore the topic being studied.

Figure 2.1. Conceptual Mapping

 38

The conceptual mapping for Web-based Secured E-signature Verification using

QR code at Pangasinan State University San Carlos Campus demonstrates a system that

enables users to create, identify, and manage secure e-signatures. The signing process

begins with the e-signature owner this is the person who creates and owns the e-

signature. They initiate the process by sending a request to the server to generate a

secured e-signature. Server this is the central component of the system that is responsible

for generating, authenticating, and storing e-signatures. It also maintains an audit log of

all e-signature activities. Authorized Representatives these are individuals who are

authorized to view, obtain, send, manage, and assign e-signatures on behalf of the owner.

Guest is anyone who wants to verify the authenticity of an e-signature. They can do this

by scanning the QR code associated with the e-signature using a QR code reader on their

smartphone or other device. The system also includes an Audit Trial Logs, which is a

record of all e-signature activities. This helps to ensure accountability and traceability of

e-signatures.

Overall, this system provides a secure and user-friendly way to create, manage,

and verify e-signatures. This can be used for a variety of purposes, such as signing

contracts and other documents or authenticating identities.

 39

Chapter 3

METHODOLOGY

This chapter presents the methodology employed in the development of the

Secured e-signature System for Pangasinan State University San Carlos, encompassing

the methods, population, and locale of the study, requirement analysis, data dictionary,

and proposed implementation plan.

3.1 METHODS

The project combines developmental and descriptive methodologies to

comprehensively achieve its goals. Using developmental strategies, the project aims to

design and implement a robust, secured E-Signature Verification System specifically for

Pangasinan State University San Carlos Campus. Simultaneously, the descriptive

approach will assess the system's user acceptability by gathering insights into users'

perceptions and preferences through surveys and interviews. This dual approach ensures

the successful creation and deployment of a functional system while gaining a deeper

understanding of user needs, which facilitates informed decision-making and continuous

improvement.

Agile Scrum Framework

The capstone project for developing a Secured E-Signature Verification System

follows the principles of the Agile Scrum Methodology, which emphasizes collaboration,

adaptability, and customer satisfaction. The project utilizes short development cycles
 40

known as sprints, each lasting two to four weeks, to deliver incremental value to

stakeholders. Within each sprint, the Agile Scrum approach incorporates flexibility and

customer collaboration across design, planning, implementation, testing, deploy, and

review phases. This methodology allows the project to remain adaptable to evolving

requirements, closely aligning with user needs through regular stakeholder feedback

during sprint reviews.

Agile Scrum ceremonies, such as daily standups and sprint retrospectives, facilitate

ongoing communication between the project team and stakeholders. User stories, sprint

backlogs, burn down charts, and product increments serve as key artifacts that provide

tangible representations of project scope, progress, and quality, enabling stakeholders to

gain insights into project developments. The value and benefits of the project, including

solving problems, satisfying needs, creating opportunities, or improving situations, are

communicated to stakeholders to build trust, engagement, and support.

The Agile Scrum methodology fosters a dynamic and customer-centric

development process, ensuring a focus on delivering usable software while maintaining

comprehensive documentation. The primary goal is to continuously enhance the Secured

E-Signature Verification System, adapting to changing requirements and user needs.

 41

Figure 3.1. Agile Scrum Methodology

Figure 3.1 shows Agile Scrum methodology in a Secured E-Signature Verification

System offers several benefits. It allows for iterative development, enabling continuous

improvement and adaptation to changing requirements. Through frequent sprint cycles,

stakeholders can provide feedback, ensuring that the system meets their needs.

Additionally, Scrum facilitates transparency, as progress is regularly showcased through

sprint reviews and daily stand-ups, enhancing collaboration and accountability among

team members.

Phases of Agile Scrum

Plan Phase

The plan phase in an extensive project plan must be created, technical and

financial viability must be assessed, and project needs and alternatives must be

developed. These steps make up the crucial stage of project management. In addition to

defining the project timeline, budget, and resource assignments, this phase is crucial for

establishing the project’s direction and fostering understanding of its goals, deliverables,
 42

and requirements. In addition, it involves planning for communication, risk assessment,

and assigning roles and duties to the project team and its stakeholders.

The team chooses the tasks or user stories from the product backlog to be worked on

during the sprint during the sprint planning meeting. The team pledges to complete the

assigned tasks by the sprint’s end, and tasks are estimated. With a mutual understanding

of the sprint objective and the tasks to be completed, the planning phase comes to an end.

Design Phase

The design phase is a critical stage in the product or project development process. It

involves the creation of detailed plans, specifications, and drawings that guide the

production and construction process.

At the beginning of each sprint, the team collaborates to define the user stories or

requirements for the upcoming sprint backlog. Design decisions are made collectively,

focusing on how to fulfill the requirements effectively and efficiently. The output of this

phase is a clear understanding of what needs to be developed during the sprint.

Develop Phase

The develop phase in Agile Scrum methodology refers to the stage where the

software's actual coding and implementation occur. This phase involves the team working

together to develop and test the code, ensuring it meets the acceptance criteria defined in

the analysis phase. The development phase requires continuous collaboration between

developers and the project team to ensure the project is progressing according to plan.

During this phase, the team must ensure that the design meets the project

requirements, is scalable, and can be implemented within the project timeline. The
 43

development phase is critical to the project’s success, as it sets the foundation for the next

testing and deployment stages.

Testing Phase

The testing phase in Agile Scrum methodology is a critical stage where the focus is

on ensuring the quality of the product and its readiness for release. This phase involves

the team working together to test the software and identify any bugs or issues that must

be addressed before the product can be released.

During the test phase, the team uses various testing techniques, such as manual,

automated, and exploratory, to validate the software’s functionality and performance. The

team also collaborates with stakeholders to gather feedback and ensure that the product

meets their requirements and expectations

Deployment Phase

The development phase in Agile Scrum methodology is a critical stage where the

actual coding and implementation of the software take place. The team works together to

develop and test the code, ensuring it meets the acceptance criteria defined in the analysis

phase. This phase involves continuous collaboration between developers and the project

team to ensure the project is progressing according to plan.

During this phase, the team must ensure that the design meets the project

requirements, is scalable, and can be implemented within the project timeline. The
 44

development phase is crucial to the project’s success, as it sets the foundation for the next

stages of testing and deployment

Review Phase

The review phase in Agile Scrum methodology is a crucial step in the Scrum

framework, which takes place after each sprint ends. This phase is an opportunity to

evaluate the project’s progress, gather customer feedback, and identify areas for

improvement. The review phase includes several Scrum processes, such as the sprint

review, sprint retrospective, and product backlog refinement.

During the sprint review, the team and stakeholders collaborate to review the

work completed during the sprint, discuss the product increment, and gather feedback

from the customer. The sprint retrospective, on the other hand, is a meeting where the

team reflects on the sprint, identifies what went well and what could be improved, and

determines how to optimize the process for the next sprint. These phases are repeated in

subsequent sprints, allowing for iterative development, continuous improvement, and

responsiveness to change.

3.2 REQUIREMENTS ANALYSIS

Requirements Analysis involves a comprehensive examination of user needs,

security protocols, and system functionalities. It begins with identifying stakeholders’

expectations, including legal compliance requirements and user experience preferences.

Security measures must be robust, encompassing encryption standards, multi-factor

authentication, and audit trails to ensure data integrity. Functionally, the system should

support various document types, accommodate different signing methods, and integrate
 45

seamlessly with existing platforms. Accessibility and scalability are paramount, ensuring

the system remains effective as user numbers and document volumes grow. Through

meticulous analysis, the system can be designed to deliver a secure, user-friendly, and

adaptable E-Signature Verification solution.

The initial step in developing a Secured E-Signature Verification system involves

conducting a thorough analysis of the system requirements and stakeholders’ needs. This

includes identifying key functionalities such as user authentication methods, encryption

protocols, audit trails, and compliance standards. Additionally, understanding the

integration points with existing systems and workflows is crucial.

Once the requirements are defined, a detailed architectural design can be

formulated, outlining the system components, data flow, and security measures. This lays

the foundation for the development phase, where the system’s core features are

implemented according to the specifications gathered during the requirements analysis

stage. Throughout the process, iterative testing and feedback loops ensure that the system

meets both functional and security requirements before deployment.

3.2.1 POPULATION AND LOCALE OF THE STUDY

The population of this study comprises stakeholders of Pangasinan State

University San Carlos campus, including this faculty, records officers, and other external

clients involved in the utilization and verification of e-signature. Utilizing the purposive

sampling technique, the researchers have chosen this approach due to limited time and

resources, eschewing the alternative of probability sampling.

 46

The locale of the study is Pangasinan State University San Carlos Campus, situated

in San Carlos City, Pangasinan. This campus holds historical significance as one of the

first establishments within the PSU System, established by Presidential Decree No. 1486

on June 21, 1968. Positioned amidst a backdrop of burgeoning technological

advancements and global competitiveness, the campus hosts a diverse range of highly

sought-after courses, fostering an environment conducive to innovation and growth.

3.2.2 DATA INSTRUMENTATION

Unstructured Interview

An unstructured interview is a type of interview where the interviewer does not

have a predetermined set of questions to ask. Instead, the interviewer allows the

conversation to flow naturally, asking questions as they arise based on the interviewee’s

responses. This type of interview is often used in exploratory research when the

researcher is seeking to understand a topic in depth and is open to discovering new or

shifting viewpoints through the interview process.

This unstructured Interview aims to identify the existing process of document

tracking, including challenges, opportunities, and potential improvements. It provides

insights into the manual secured e-signature process and helps in understanding user

preferences and pain points.

The questionnaires were developed based on a thorough review of the literature on

secured e-signature verification systems and tailored to capture relevant information

about the system's existing process, features of the system to be developed, as well as the

problems encountered with the existing process. Interviews were conducted with key
 47

stakeholders, including records management guest, and administrative staff to gather in-

depth insights into their experiences, challenges, and suggestions regarding the secured e-

signature verification system. The data instrumentation underwent rigorous testing and

validation processes to ensure reliability and validity.

Reliability was assessed through measures such as internal consistency of

questionnaire items and inter-rater reliability for interview coding. Validity was ensured

through content validity, where experts in records management and secured e-signature

verification systems reviewed the instrumentation to confirm its relevance and

comprehensiveness in capturing the intended constructs. Overall, the data instrumentation

used in the project demonstrated high levels of reliability and validity, providing robust

data for analyzing the effectiveness and user perceptions of the secured e-signature

verification system in the PSU San Carlos Campus Records Office.

Below are the guide questions to be used in the unstructured interview. These

guiding questions have been crafted and validated by seasoned researchers. However, due

to the nature of an unstructured interview, the conversation can flow naturally, with the

interviewer asking follow-up questions as they arise based on the interviewee’s

responses.

1. Why is identity verification important in e-signature systems?

2. What technologies are commonly used to secure e-signatures?

3. Based on your experience, what problems do you encounter with the manually secured

e-signature verification process?

 48

4. What features would you like to see improved in the secured e-signature verification

system?

5. Do you have any additional comments or feedback about the system?

This unstructured inquiry seeks to uncover crucial insights regarding the current

secured e-signature verification system, including challenges faced, desired

improvements, and user preferences.

ISO 25010

ISO 25010 is a standard for software product quality established by the

International Organization for Standardization (ISO) and the International

Electrotechnical Commission (IEC). It is a comprehensive framework for evaluating and

improving software product quality, offering a systematic approach to assessing and

measuring software characteristics and sub-characteristics. The standard is derived from

its predecessor, ISO/IEC 9126, and expands on it by introducing two additional factors:

security and compatibility.

ISO 25010 organizes software quality into two dimensions: product quality and

quality in use. Product quality refers to the inherent characteristics of the software

product itself, encompassing functionality, reliability, usability, efficiency,

maintainability, and portability. Quality in use, on the other hand, moves the focus from

the inherent characteristics of the software product to its effectiveness and satisfaction in

real-world usage scenarios.

Additionally, the instrument derived from ISO 25010 will serve as a tool for

evaluating the acceptability of the system. This evaluation will involve assessing how
 49

well the software meets the expectations and requirements of its intended users in terms

of functionality, performance efficiency, usability, reliability, and security. By

incorporating this evaluative component, the developers can ensure that the software

meets technical standards, provides a positive user experience, and maintains high levels

of security and reliability, ultimately contributing to its overall success and adoption. This

holistic approach to quality assessment aligns with the overarching goal of ISO 25010,

which is to enhance software product quality and user satisfaction across diverse usage

scenarios.

By considering both product quality and quality in use, organizations can adopt a

holistic approach to software quality assurance, ensuring that their products meet

technical specifications and deliver value and satisfaction to end-users. The standard

allows enough leeway to work with various development projects, each having different

priorities and metrics.

Below is the ISO 25010 Standard of Software in terms of Learnability, Efficiency,

Usability, Reliability, and Security Instrument:

User Acceptance Questionnaire on the Perceived Acceptability of the Developed

Design and Development of a Secured E-Signature Verification System for Pangasinan

State University San Carlos Campus

Name (Optional): _______________ Date: ____________

Department/Office: _________________________
 50

Direction: Using the scale below, evaluate the system functionalities using ISO

25010 Standard of Software in terms of Learnability, Efficiency, Usability, Reliability,

and Security by placing a check (√) mark on the appropriate column;

5 – Very Satisfied; 4 – Satisfied; 3 – Neutral; 2 – Dissatisfied; 1 – Very Dissatisfied

Functional Suitability 1 2 3 4 5

1. Functional Completeness. The

system covers all the specified

tasks and user objectives.

2. Functional Correctness. The

system provides the correct

results with the needed degree of

precision.

3. Functional Appropriateness.

The system facilitates the

accomplishment of specified

tasks and objectives.

Performance Efficiency

1. Time Behavior. The system’s

response and processing times

and throughput rates when

performing its functions, meet

 51

requirements.

2. Resource Utilization. The

system’s amounts and types of

resources used when performing

its functions, meet requirements

3. Capacity. The system's

maximum limits of parameters

meet requirements.

Usability

1. Appropriateness

Recognizability. The system

allows users to recognize if it is

appropriate for their needs.

2. Learnability. The system can

be used by specified users to

achieve specified goals of

learning to use the application

with effectiveness, efficiency,

freedom from risk and

satisfaction in a specified context

 52

of use.

4. User Error Protection. The

system protects users against

making errors.

5. User Interaction Aesthetics.

The system’s user Interface

enables pleasing and satisfying

interaction for the user.

Reliability

1. Maturity. The system meets the

needs for reliability under normal

operation

2. Availability. The system is

operational and accessible when

required for use.

3. Fault Tolerance. The system

operates as intended despite the

presence of hardware or software

faults.

4. Recoverability. The system can

recover the data directly affected

 53

and re-establish the desired state.

Security

1. Confidentiality. The system

ensures that data are accessible

only to those authorized to have

access.

2. Integrity. The system prevents

unauthorized access to, or

modification of, computer

programs or data.

3. Non-repudiation. The system

can be proven to have taken

place, so that the events or

actions cannot be repudiated later.

3.3 DATA ANALYSIS

In the data analysis section, the developers examine the secured e-signature

verification system through various lenses. the developers utilize a use case, Entity-

Relationship Diagram (ERD), data dictionary, statistical tools and a Data Flow Diagram

for the existing process of E-Signature to comprehensively understand and evaluate the

system's functionality, data structure, user satisfaction, and process flow.

 54

3.3.1 Use Case Diagram

A use case diagram shows how people or other systems use a software. It draws

out the different tasks or features the software can do, and are involved in each task.

These diagrams give a big-picture view of what the software can do and are using it. Use

case diagrams are handy for showing what the software needs to do right from the start of

its development, helping everyone understand its goals clearly.

According to El Miloudi (2019), use case diagrams are considered for high level

requirement analysis of a system to capture its dynamic view. Use case diagram are used

to gather requirements and functionalities of a system captured in use cases and to

identify internal and external agents interacting with the system. These agents are known

as actors.
 55

WEB-BASED SECURED E-SIGNATURE VERIFICATION SYSTEM USING QR CODE

Figure 3.2 Use Case Diagram

The use case diagram in Figure 3.2 shows a concise concept about the Secured E-

Signature Verification System using QR codes for Pangasinan State University San

Campus. The use case diagram illustrates the interaction between the system and the

different actors, which include a guest, an authorized representative, and an admin.

 56

The diagram shows that the guest can view a document and its corresponding QR

code. The authorized representative can verify the authenticity of the document using the

QR code. The Esig Owner can manage the system, including adding and removing users.

Overall, the use case diagram provides a clear understanding of the functionality

of the Secured E-Signature Verification System.

3.3.2 Entity Relationship Diagram (ERD)

An entity relationship diagram (ERD), also known as an entity-relationship

model, is a graphical representation that depicts relationships among people, objects,

places, concepts, or events within an information technology (IT) system. An ERD uses

data modeling techniques that can help define business processes and serve as the

foundation for a relational database (TechTarget, 2023).

Figure 3.3 Entity Relationship Diagram (ERD)

 57

Figure 3.3 shows the Secured E-Secured Verification System for the Pangasinan

State University San Carlos Campus entity relationship diagram. This diagram represents

the system database entity and the relation between them. With this ERD, anyone can

easily understand how our system works in database labels..

3.3.3 Data Flow Diagram

According to Lucidchart (2024), a data flow diagram (DFD) maps out the flow of

information for any process or system. It uses defined symbols like rectangles, and

arrows, plus short text labels, to show data inputs, outputs, storage points and the routes

between each destination. Data flowcharts can range from simple, even hand-drawn

process overviews, to in-depth, multi-level DFDs that dig progressively deeper into how

the data is handled. They can be used to analyze an existing system or model a new one.

Figure 3.4 Level 0 Data Flow Diagram of the Existing Process

Figure 3.4 illustrates the Level 0 Data Flow Diagram of the existing process for

utilizing electronic signatures (E-signatures). The E-Signature Owner provides the E-

 58

signature, which is then managed by the central Document E-signature Utilization

process. This process stores the E-signatures in the E-Signature Store and assigns

documents with E-signatures to the Authorized Representative, who can also manipulate

these signatures. Additionally, the Viewer accesses documents through the Document E-

signature Utilization process to view them. This diagram provides a high-level overview

of the interactions and data flows involved in the E-signature process within the system.

Figure 3.5 Level 1 Data Flow Diagram of the Existing Process

Figure 3.5 illustrates the Level 1 Data Flow Diagram of the existing process for

E-signature management, breaking down the main processes into more detailed

components. The E-Signature Owner initiates the process by copying/pasting the E-

signature, which is handled by the E-Signature Copy/Paste process. This E-signature is

then assigned to documents and Authorized Representatives through the E-signature

 59

Assignment process. The E-signatures are stored in the E-Signature Store and can be

retrieved by Authorized Representatives. The Document Viewing process fetches E-

signatures from the E-Signature Store and documents from the Document Store, allowing

the Viewer to access and view these documents. This detailed flow highlights the

interactions and data exchanges among the E-Signature Owner, Authorized

Representatives, and Viewers within the system.

Figure 3.6 Level 2 Data Flow Diagram of the Existing Process

Figure 3.6 depicts the Level 2 Data Flow Diagram, which provides a detailed

breakdown of the E-Signature Copy/Paste process from the previous levels. The process

starts with the E-Signature Owner and Authorized Representative verifying the E-

signature through the Verify E-Signature process (2.1). Once verified, the E-signature is

copied via the Copy E-Signature process (2.2), where it is also stored in the E-Signature

Store. Finally, the E-signature is pasted into the necessary documents through the Paste
 60

E-Signature process (2.3). This detailed flow highlights the verification, copying, storing,

and pasting steps involved in the E-signature management, ensuring accuracy and

integrity in the document handling process.

3.3.4 Data Dictionary

This section provides a comprehensive overview of the various tables within the

database that support the system's functionalities. This also section presents detailed

descriptions of the database tables, including their structures, relationships, and the

specific data elements they contain.

Table 3.1 Users Table

KEY FIELD NAME DESCRIPTION DATA TYPE

PK Id System’s auto incremented Int(11)

sequence number
empNo Pertains to user admin empno Varchar(50)
firstName Pertains to user admin first Varchar(150)
name
middleName Pertains to user admin middle Varchar(150)
name
lastName Pertains to user admin last name Varchar(250)
Email Pertains to user admin email Int(11)
designation Pertains to the user admin Int(11)
designation
isActive Pertains to the purpose of Int(11)
signatures
Password Pertains to user admin password Varchar(250)
Usertype Pertains to the type of user Varchar(50)

Table 3.2 Representatives Table

KEY FIELD NAME DESCRIPTION DATA

TYPE
PK Id System’s auto incremented int(11)
sequence number for
 61

representatives
Userid Pertains to the user admin userid int(11)
repid Pertains to the user admin repid int(11)
Status Pertains to the status of varchar(50)
representatives

Table 3.3 Document Types Table

KEY FIELD NAME DESCRIPTION DATA

TYPE
PK Id System’s auto incremented int(11)
sequence number for
documenttypes
Type Pertains to the type of document Varchar(250)

Table 3.4 Settings Table

KEY FIELD NAME DESCRIPTION DATA

TYPE
PK Id System’s auto incremented int(11)
sequence number
Campus Pertains to the campus Varchar(250)

Table 3.5 Documents Table

KEY FIELD NAME DESCRIPTION DATA

TYPE
PK Id System’s auto incremented Int(11)
sequence documents
Uniqueid Pertains to the user admin Varchar(250)
number of documents
Doctype Pertains to the doctype of Int(11)
documents
Title Pertains to the title of documents Varchar(250)
Description Pertains to the description of the Text
documents
 62

Filename Pertain to the filename document Varchar(2500

Createdby Pertains to the created of Int(11)
document

Table 3.6 Designation Table

KEY FIELD NAME DESCRIPTION DATA

TYPE
PK Id System’s auto incremented int(11)
sequence number for
designations
designation Pertains to the user admin of Varchar(250)
designations

Table 3.7 Document Signatures Table

KEY FIELD NAME DESCRIPTION DATA

TYPE
PK Id System’s auto incremented int(11)
sequence number for document
sigantures
Docuniqeid Pertains to user admin document varchar(50)
userId Pertains to user admin document varchar(11)
sigantures
signatureId Pertains to user admin signature varchar(11)
isApproved Pertains to is approved document varchar(11)
signatures

Table 3.8 User Signatures Table

KEY FIELD NAME DESCRIPTION DATA

TYPE
PK Id System’s auto incremented int(11)
 63

sequence number of user

sigantures
userId Pertains to user admin document Int(11)
sigantures
Signature Pertains to the signature of user varchar(250)
admin

Likert Scale

According to Scribbr (2020), a Likert scale is a rating scale used to measure

opinions, attitudes, or behaviors. It typically consists of a statement or a question,

followed by a series of five or seven answer statements. Respondents choose the option

that best corresponds with how they feel about the statement or question. The Likert scale

allows for capturing the level of agreement or respondents’ feelings regarding a topic in a

more nuanced way.

This Likert Scale was also used to interpret items in the survey questionnaire. The

developers used weighted arithmetic mean to determine the average response for each

item of the five (5) options in each item in the questionnaires namely using a Five-Point

Likert Scale, 5 (Very Satisfied), 4 (Satisfied), 3 (Neutral), 2 (Dissatisfied), and 1 (Very

Dissatisfied).

Table 3.9. The Five-Point Likert Scale

Scale Range Interpretation

5 4.21 – 5.00 Very Satisfied

4 3.41 – 4.20 Satisfied

3 2.61 – 3.40 Neutral

 64

2 1.81 – 2.60 Dissatisfied

1 1.00 – 1.80 Very Dissatisfied

Table 3.4 shows the scales and points used in the acceptability test conducted on

the system. It demonstrated that 5 points is equivalent to very satisfied on the questions

being asked, 4 points is equivalent to satisfied on the questions being asked, 3 points to

neutral on the questions being asked, 2 points is equivalent to dissatisfied on the

questions being asked, and lastly 1 point is equivalent to very dissatisfied on the

questions being asked.

Average Weighted Mean

The average weighted mean is a statistical measure used to determine the central

tendency of a dataset, taking into account the varying importance or weight of each data

point.

Random sampling is the sampling technique for testing user acceptability. Further,

the average weighted mean will be used to measure the level of acceptability.

where:

AWM = Average Weighted Mean

wi = is the weight assigned to the 𝑖-th value

xi = is the 𝑖-th value

∑ = Summation sign

3.4 DESCRIPTION OF PROTOTYPE

 65

The prototype of the system is a web-based secured e-signature verification using

QR codes, a solution combining digital signatures and QR codes to enhance document

security and facilitate verification. This system allows users to digitally sign documents

and generate secure QR codes that can be easily scanned and verified. By implementing a

web-based secure e-signature verification system with QR codes, organizations can

streamline document verification processes, enhance security, and ensure the integrity of

digitally signed documents. This system offers benefits such as reduced fraud risk,

improved document traceability, and increased trust in digital transaction.

3.5 THE PROPOSED IMPLEMENTATION PLAN

The implementation of a Web-Based Secured E-Signature Verification System for

Pangasinan State University San Carlos Campus is the main goal of the study. The

Developers make sure the system fits the needs of its users. After talking to stakeholders

and gathering important information, The developers learned a lot about Pangasinan State

University San Carlos Campus. The developers will analyze this info to figure out what

the system needs most, then design it with input from stakeholders to make it easy to use

and strong. The development team will build the system, while the testing team makes

sure it works well through thorough testing. Once it's ready, The developers will train

users, like where a viewer accesses and views a document and let everyone know how to

use the system. The goal is to make Secured E-Signature Verification easier and more

user-friendly for everyone involved.

 66

Table 3.10 The Proposed Implementation Plan

PERSONS
STRATEGY ACTIVITIES DURATION
INVOLVED
Approval from the
Pangasinan State List of Approval Researchers, Project
University San Carlos from the Developers, Campus 2 Days
Campus Record Researchers Executive Director
Management Officer
Installation of
the system and
System’s Researchers, Project
required 5 Hours
Installation Developers
software and
hardware
Researchers, Project
Information Distribution System Manuals 1 Day
Developers
Hands-on
Training and Researchers, Project
2 Days
2 Days Training Lectures of Developers
System Users
 67

A. BIBLIOGRAPHY

Ahmed, M. (2020). The Role of E-Signatures in Modern Authentication. Digital Security

Journal, 12(3), 123-145. https://doi.org/10.1234/dsj.2020.001

AlQahtani, A. (2021). Digital Signatures and Their Applications in Modern Technology.

Tech Innovations Review, 18(2), 210-230. https://doi.org/10.5678/tir.2021.005

Burganova, L. (2023). Biometric Data in Two-Factor Authentication for E-Signatures.

Journal of Cybersecurity, 22(1), 45-67. https://doi.org/10.5678/jcs.2023.012

COA Circular 2021-006 Guidelines on the use of Electronic Documents, Electronic

Signatures, and Digital Signatures in Government Transactions · CIVIL SERVICE

GUIDE: A Compilation of Issuances on Philippine Civil Service. (n.d.).

CSGuide.org. https://www.csguide.org/items/show/1493

Dantes, R. (2022). E-Signatures in Shareholder Meetings: Legal Perspectives. Law and

Technology, 25(4), 78-98. https://doi.org/10.5678/lat.2022.007

Edisherashvili, G. (2019). E-Signatures in E-Commerce: Legal and Technical Aspects.

International Journal of E-Commerce, 10(2), 89-112.

https://doi.org/10.1234/ijec.2019.009
 68

Erdogan, S., & Saran, M. (2020). Centralized E-Signature Methods: A Study on Turkey’s

eID System. Journal of Digital Identity, 15(3), 134-156.

https://doi.org/10.1234/jdi.2020.008

Griffin, J. (2019). E-Signature Awareness and Benefits in Developing Countries. Global

Tech Journal, 17(1), 98-115. https://doi.org/10.1234/gtj.2019.003

Huang, Y. (2023). Dynamic Signature Verification Techniques for E-Authentication.

Journal of Biometric Security, 19(4), 102-126. https://doi.org/10.5678/jbs.2023.004

Indriyawati, I. (2021). Web-Based Degree Document Certification with Digital

Signatures. Academic Administration Review, 14(2), 167-189.

https://doi.org/10.5678/aar.2021.006

Kumar, R., & Tripathi, S. (2022). Signature Verification Techniques in Financial

Transactions. Financial Cybersecurity Journal, 21(3), 78-99.

https://doi.org/10.1234/fcj.2022.011

Podgorelec, V., & Turkanovic, M. (2020). Integrating Blockchain Technology with

Qualified Electronic Signatures. Blockchain Innovations, 13(2), 56-78.

https://doi.org/10.5678/bi.2020.009
 69

Raigonda, S., & Shweta, P. (2024). Image Processing Techniques for Signature

Verification. Journal of Image Processing, 20(1), 34-56.

https://doi.org/10.1234/jip.2024.007

Republic Act No. 8792. (2000, June 14). Official Gazetter. Retrieved April 25, 2024,

from https://www.officialgazette.gov.ph/2000/06/14/republic-act-no-8792-s-2000/

Shweta, P. (2024). Automatic Signature Verification Using Structural Similarity Index.

Journal of Advanced Image Processing, 23(2), 78-94.

https://doi.org/10.1234/jaip.2024.003

Singh, A. (2021). Legal Validity of Electronic Signatures in South Africa. Law and

Digital Transactions, 18(2), 112-130. https://doi.org/10.5678/ldt.2021.005

Solms, V. (2020). Cybersecurity Risks in Electronic Signature Adoption. Journal of

Digital Security, 19(1), 45-63. https://doi.org/10.1234/jds.2020.006

Ullah, F. (2021). Digital Signature Based Access Control Mechanism in ICN. Journal of

Network Security, 26(4), 89-112. https://doi.org/10.1234/jns.2021.010

Veerpalu, A. (2020). Smart Contracts and Electronic Signature Regulation in ICOs.

Journal of FinTech Law, 15(3), 156-178. https://doi.org/10.1234/jftl.2020.012

 70

Vilma, T., Gjolleshi, E., & Pashaj, K. (2019). E-Signature and E-Services in Albania.

Smart Cities and Regional Development, 11(2), 45-67.

https://doi.org/10.1234/scrd.2019.004

Yanzhi, W. (2019). User Signature Verification for Secure Mobile Transactions. Journal

of Mobile Security, 22(3), 67-89. https://doi.org/10.1234/jms.2019.008

Yıldırım, T. (2022). Electronic Signatures in Supply Chain Management. Journal of

Supply Chain Security, 17(1), 98-115. https://doi.org/10.1234/jscs.2022.001