We will be releasing support for CAC (Common Access Card) and PIV (Personal Identity Verification) smart card authentication via the Box Sign API, bringing government-grade identity verification to your e-signature workflows. This is a follow up the release of CAC/PIV smart card authentication in Box Sign.
This release enables developers to programmatically require CAC/PIV smart card verification for signature request recipients, meeting the rigorous identity assurance standards required by federal agencies, defense contractors, and regulated industries.
Box Sign's API will include a new verification_method property on the signer object, supporting cac_piv as a verification type. When enabled, signers must authenticate using their CAC or PIV smart card before they can sign a document, ensuring only verified, credentialed individuals can complete sensitive signing workflows.
API support for CAC/PIV authentication in Box Sign will be available for enterprises who have purchased the CAC/PIV smart card authentication add-on and who have CAC/PIV permissions enabled.
To learn more about this release, please see the Extra Security (2FA) Developer Documentation, or contact your Box account representative to learn more or to enable this feature for your organization.