Box Status
Print

Additional Recipient Authentication

End User , Box Sign , 2fa , Security and compliance , Instructions , Article , New , Product Utilization , Instruction

Box Sign provides an extra layer of security by allowing senders to apply additional recipient authentication methods, including: 

  • Box login: the recipient needs to log in to their Box account before starting the sign process. (Available only on the Enterprise Plus and Enterprise Advanced plans)
  • SMS authentication: Box sends the recipient an SMS text message to verify the recipient’s identity.
  • Password: the recipient needs to input the password you provide before starting the sign process.
  • CAC/PIV: On a computer with a Windows Operating System with Box Tools installed, the recipient uses their Common Access Card (CAC) or Personal Identification Verification (PIV) card to access the signature request and continue with the signature request process. See CAC/PIV E-Signature Authentication  – Box Support for more information.

Senders can only select one of the available authentication methods from the dropdown per signature request.

Note:
  • Activating additional authentication does not mean the signers also receive a signature request via text message.
  • Box login is selected by default and locked as a requirement for CFR Part 11 signature requests.
  • CAC/PIV requires a Windows machine and Box Tools to begin and complete the signature request.

 

Password authentication

To add a password for a recipient:

When preparing a document for signature:

  1. Add the email address of a recipient.
  2. Click the recipient's email address.
  3. Click Require Password.
  4. Under Enter Password type a password.
  5. Separately provide the password to this recipient.

Sms authentication

To add SMS Authentication for a recipient:

When preparing a document for signature

  1. Add the email address of a recipient.
  2. Click the recipient's email address.
  3. Select SMS Authentication in the dropdown.
  4. Select a country code.
  5. Type the recipient's phone number.

Box Login

To require recipients to log in to Box:

When preparing a document for signature:

  1. Add the email address of a recipient.
  2. Click the recipient's email address.
  3. Select Box Login in the dropdown.

CAC/PIV authentication

To require CAC/PIV for a recipient:

CAC/PIV E-Signature Authentication

  1. Add the email address or name of a recipient.
  2. Set the recipient last in the signing order.
  3. Click the recipient's name or email address.
  4. Select CAC/PIV from the dropdown.
  5. Set the recipient needed to complete the CAC/PIV authentication process as the last signer.

Note: If the recipient is part of an enterprise that has a Box account, they may need to contact their account Admin and confirm that they can be provisioned to authenticate themselves. If the recipient does not have a Box account to authenticate themselves, they can sign up for a free Box account here.


Revise Request

When revising a request that has already been sent out, and the recipient has not signed or approved the request, senders can change the security settings for the recipient.

If SMS authentication and/or password authentication are applied, you will not have access to the previously chosen password or phone number, but you can replace them by clicking on ‘Change Password’ and ‘Change Phone Number’, if needed.

Once the recipient has signed or approved the signature request, the security settings cannot be changed.

Related articles