Created Feb 6, 2025Feature
We released the ability for U.S. Federal Government customers to authenticate their signers by requiring them to use their common access cards (CAC) or personal identity verification cards (PIV). U.S. Government organizations require additional security measures to safeguard critical information and data. Common Access Cards, or CAC cards, are identification cards that are issued to U.S. Department of Defense personnel. They enable physical access to buildings and provide access to DoD computer networks and systems. While CAC cards are the primary identification cards for DoD personnel, Personal Identification Verification cards, or PIV cards, are smart cards used by other branches of the U.S. Federal Government that contain a certificate and a private key to gain access to computers, networks, and online resources.
With Box Sign, U.S. Federal Government organizations can now enable and require signature request recipients to authenticate themselves using their CAC or PIV smart cards before gaining access to sign the Box Sign signature request. Admins can configure their enablement settings to toggle CAC/PIV signer authentication on or off for specific users or groups. Additionally, senders can configure the the CAC/PIV signer authentication setting when initiating and sending a signature request. Signers are prompted to insert their CAC or PIV smart card into their smart card readers, enter their pin number successfully, and apply their signature to complete the request.
Signers can authenticate themselves via their CAC/PIV smart cards on Windows devices only. Additionally, Box Tools must be installed on the Windows device for each user receiving signature requests requiring CAC/PIV authentication. CAC/PIV smart card authentication is only available for single signers within a signature request.
To learn more about CAC/PIV smart card authentication in Box Sign, please see CAC/PIV E-Signature Authentication and Additional Recipient Authentication.
Created Jan 23, 2025Feature
We released the ability for managed users to share their signature requests in Box Sign with other managed users, enabling users with the flexibility to track the progress of signature requests sent in Box Sign by other managed users, as well as move requests forward when original senders are out of the office or otherwise unable to revise, cancel, or delete signature requests and increase signature request completion rates. With this feature enabled, managed users can provide the following actions to signature requests that were initiated by other managed users:
Revise signature requests, including:
Modify recipient email addresses
Modify recipient authentication method
Remove recipients
Modify fields and field properties
Cancel signature requests
Delete signature requests
Send reminders
Save a signature request as a reusable template
Download the files within a signature request
With shared signature requests in Box Sign:
Managed users can track the progress of and collaborate on signature requests sent and shared by other managed users in a new 'Shared with Me' tab within the Box Sign home page.
All signature requests sent after the release of this feature will begin to show up in the ‘Shared with Me’ tab.
The ability for certain users to access requests of other users under the ‘Shared with Me’ tab are dictated by permission levels for individual files and folders, similar to how reusable templates are shared within Box Sign.
Saving a signature request in a shared folder enables all users with 'Viewer' or 'Editor' permissions to the file/folder to view or co-manage a signature request.
This feature is toggled 'on' by default for all managed users within your EID who have been enabled to use Box Sign. This means any content that is sent for signature and is saved in a save location folder that is shared with other users will be visible and actionable to those users depending on their permissions. If you choose to disable it or enable it for specific users or groups, your admins will be able to do so via the Admin Console → Enterprise Settings → Box Sign settings → User Permissions.
How will signature requests be shared with other users?
At least one of the following conditions must be met in order for users to view/modify signature requests that are sent by other users within the same account:
Users will need to be invited as collaborators within the save location folder of a signature request.
Users will need to be invited as collaborators within the duplicate PDF file(s) that is created from the source file(s) when a signature request is initiated.
If a user is added as a 'Viewer' within the save location folder of a signature request, they can:
Send reminders
Save a signature request as a reusable template
Download the files within a signature request
If the user is added as an 'Editor' on the save location folder within a signature request, they can perform all the actions of a 'Viewer' as well as the following actions:
Revise, cancel, or delete a signature request
Permissions can be configured natively within Box before or after a signature request is initiated, as well as after the signature request is completed, in order for the request to be shared with other users.
The table below provide more information:
How to prepare your users for shared signature requests
When your users access their Box Sign accounts on the day this feature is released (January 23, 2025), they will see the 'Shared with Me' tab. Since the folder and folder permissions within Box determine which signature requests are shared with which users, we recommend you review the 'Understanding Collaborator Permission Levels' article, and modify permission settings on files or folders that contain content that you do not want exposed to other users within your EID. As an Admin, you have the ability to disable this feature for specific users if you do not want them to collaborate on signature requests sent by other users. We recommend leveraging Box reporting capabilities to surface this content seamlessly.
To learn more about sharing signature requests in Box Sign, please see Sharing Signature Requests.
Created Jan 15, 2025Update
We released the ability for Admins to configure customizable signing reasons, as well as for signers to provide their own customized signing reason, within Box Sign signature requests that have been enabled to support 21 CFR Part 11 compliance. This is a follow up to the release of support for 21 CFR Part 11 compliance in Box Sign in January 2024.
With this feature enabled, Admins have the ability to configure multiple signing reasons that signers can select from in the 'Signing Reason' dropdown menu when applying their signature and/or initials to a 21 CFR Part 11 enabled signature request in Box Sign. Additionally, Admins can enable the option for signers to provide their own customized signing reason by selecting 'Add your own reason' from the 'Signing Reason' dropdown menu when applying their signature and/or initials to a 21 CFR Part 11 enabled signature request in Box Sign.
Previously, signing reasons were not customizable and signers could only select from the following predefined signing reasons:
I read and approve this document
I read and agree to this document
I read and authored this document
With configurable signing reasons to support 21 CFR Part 11 compliance in Box Sign, life sciences organizations and signers have more flexibility when completing signature requests.
You can learn more about Support for 21 CFR Part 11 Compliance by leveraging the following resources:
Box Sign Support for 21 CFR Part 11 Compliance Support Documentation
Box Sign Support for 21 CFR Part 11 Datasheet
Box Sign Support for 21 CFR Part 11 Solution Brief
Get to Know the Content Cloud for Life Sciences E-Book
Box Sign Support for 21 CFR Part 11 Compliance Informed Consent Demo Video
Support for 21 CFR Part 11 & GxP in Box (PPT)
Created Dec 12, 2024Update
We made modifications to how signers are authenticated when the SMS authentication configuration is enabled by senders in Box Sign.
Previously, when SMS authentication was enabled, signers were not prompted to authenticate themselves until the end of a signature request when they completed all the required fields assigned to them. We modified the signer authentication workflow to require signers to authenticate themselves via SMS authentication before they gain access to view, fill, and sign the signature request. This modification aligns with industry standards and other signer authentication workflows within Box Sign like Box account login and password authentication.
To learn more, see Additional Recipient Authentication in Box Sign.
Created Sep 3, 2024Feature
We introduced the ability for signers to re-authenticate themselves and select a signing reason any time they apply their initials to an initials field within a 21 CFR Part 11 signature request in Box Sign. Additionally, the 21 CFR Part 11 compliance signature frame is now applied to the initials field in addition to the signature field.
We also made adjustments to the minimum and maximum signature and initials field sizing requirements to ensure that the final signed files contain 21 CFR Part 11 signature and initials frame details that are clearly legible. We recommend senders review the signature request field and field properties when leveraging reusable templates and prior to sending files out for signature.
Previously, signers were not prompted to re-authenticate themselves or select a signing reason when applying their initials to an initials field within a 21 CFR Part 11 signature request in Box Sign. As a result, when initials were applied to a 21 CFR Part 11 signature request, the initials field did not contain the 21 CFR Part 11 signature frame and details associated with the signer and the signature request. Additionally, the signature field was adjustable to any size the sender prefers, which resulted in 21 CFR Part 11 signature frame details being illegible or completely cut off from visibility in 21 CFR Part 11 signature requests.
To learn more, see 21 CFR Part 11 Compliance Support.
Created Aug 8, 2024Update
We enhanced the way signer authentication settings are configured within signature requests in Box Sign. Previously, senders were able to choose from multiple signer authentication methods for the same signature request, creating unnecessary complexity for signers. With this enhancement, senders can select a single signer authentication method from a dropdown menu of available signer authentication capabilities, delivering a more simplified authentication experience for signers.
To learn more, see Additional Signer Authentication.
Created Jun 26, 2024Update
We enhanced the way reusable templates are leveraged within Box Sign, enabling admins with greater control and flexibility over their organization’s ability to utilize reusable templates. Previously, template permissions allowed for users to create, edit, or delete reusable templates. However, if template permissions were disabled for specific users or groups, those users or groups would not be able to view and use reusable templates when initiating signature requests. In certain instances, admins may want to disable specific users or groups from creating, editing, or deleting reusable templates, but they may want those users or groups to be able to view and utilize reusable templates.
We modified template permissions to allow users or groups to view and use reusable templates in signature requests even if they are disabled from creating, editing, or deleting reusable templates.
Admins that wish to restrict specific users or groups from viewing or using reusable templates must modify file and folder permissions within Box.
To learn more, see Configuring Box Sign Enablement Settings.
Created May 31, 2024Update
We enhanced the Box Sign home page, and included additional signature request filters and changes to how signature requests are managed.
The new Box Sign home page provides users with access to three separate tabs:
Sent requests: Displays all signature requests that have been sent by a particular user.
Inbox: Displays all signature requests that have been to sent to a particular user.
Templates: Allows the user to access the reusable templates page in Box Sign.
Additionally, signature request filters are easily accessible from the new home page and includes new filters. Users are now able to filter by:
Specific recipients within signature requests they sent out for signature, including internal managed users or external recipients.
Specific recipients within signature requests that were sent to them for signature.
All signature requests, batch send signature requests, and signature requests completed via ready-sign links.
Signature requests sent with support for 21 CFR Part 11 compliance enabled.
Requests that are outstanding and pending the user's signature or approval.
Finally, we added additional details to the "Last Updated" column of the "Sent Requests" and "Inbox" tabs, including the name or email address of the recipient who last:
Revised the request.
Canceled the request.
Signed the request.
Approved the request.
Declined the request.
Reassigned the request.
To learn more, see Viewing Request Status and Creating, Using, and Sharing Templates.
Get Updates
Sign-in to your Box.com User Account to receive customized product notifications.
Subscribe