FAA A025/AC120-78 Technical Detail Letter

Electronic Signature Components of the FL3XX Aviation Management Platform

In the United States, the Uniform Electronic Transactions Act (UETA) of 1999 and the Electronic Signatures in Global and National Commerce Act (ESIGN) of 2000 granted electronic signatures the same legal status as handwritten signatures, simplifying how organizations gather, track, and manage signatures and approvals with documents and data. According to the ESIGN Act, electronic signatures are defined as an “...electronic sound, symbol, or process, attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign the record” and have the same purpose as a physical signature or any other type of qualified verifiable identity marker in use and approved by the FAA.

Electronic Signatures are part of the FL3XX Aviation Management platform by definition: FL3XX platform communications include the necessary components of Electronic Signatures as defined by relevant US law and follow the designated process to qualify specific communications as such.

The ESIGN Act:

  • Provides that any law with a requirement for a signature may be satisfied by an electronic signature.
  • Allows electronically executed agreements to be presented as evidence in court.
  • Prevents denial of legal effect, validity, or enforceability of an electronically signed document solely because it is in electronic form.

In the FL3XX Aviation Management platform, the required components of an Electronic Signature include:

  • User authentication
    • All users are required to use their own unique access credentials for the FL3XX platform. Users are identified at onboarding. Sharing credentials is expressly prohibited.
  • Data authentication
    • Data entries and transactional communications are recorded immediately and preserved for reference, including the authenticated user and timestamp. These attributes may be visible in the app or in instance logs that may be retrieved if required.
  • A method of signing
    • All applicable data entry and transactional communications are saved or initiated by authenticated users and recorded accordingly.
  • Capture of intent to sign
    • All authenticated users must intentionally initiate an action (sending, creating, or changing data) which commits changes to a record, creates a new record, and/or sends an electronic communication (email) on their behalf.

The Electronic Signature Standards as per FAA A025/AC120-78 in the FL3XX Aviation Management platform include:

  • Intent to sign
    • Fundamental data entry and electronic communications within the FL3XX Aviation Management platform require an authenticated user to take the relevant actions (committing changes or initiating communications) to designate approval and affirmation of actions taken.
  • Identification of Signer
    • Users must log in with their unique access credentials to access the system, and each action they take is automatically documented in the instance and in activity logs. These records identify which user took the action, what the action was, and when it occurred.
  • Unique
    • Each user has their own unique access credentials which cannot be replicated by another individual. Sharing credentials is expressly prohibited.
  • The electronic form of signature must be attached to or associated with the electronic record being signed
    • The instance data and related logs represent the documentation of electronic signature with a time/date stamp. This information may also be affixed to the relevant documents sent electronically (email).
  • The signature must be permanent and the information to which it is attached must be unalterable without a new signature
    • The underlying instance data and electronic communications are permanent and cannot be altered.
  • There must be a means to preserve the integrity of the signed record
    • The underlying instance data and related logs are permanent and cannot be altered by the user or deleted except by termination of the account.
  • A valid electronic signature must prevent the signatory from denying that he or she affixed a signature to a specific record, document or body of data (non-repudiation)
    • As above, through unique access credentials, user identification, instance data and audit history/logging, users cannot deny affixed approval to specific records or electronic communications.

The Electronic Signature process as per FAA A025/AC120-78 in the FL3XX Aviation Management platform describes, contains or addresses:

  • Uniqueness – An electronic signature is only valid if it is unique to the individual signatory. It should identify a specific individual and be difficult to duplicate.
    • All Electronic Signatures are bound to a specific, authenticated user.
  • Control – A valid electronic signature must be under the sole control of the signatory and require the signatory to use a unique username and password to access the system and affix the signature.
    • Authenticated users’ credentials are unique, and only authenticated users have control over their Electronic Signature.
  • Notification – The system should notify the signatory that the signature has been affixed.
    • The system displays a success message or sending confirmation when the relevant actions are taken and the platform displays the relevant information.
  • Intent to Sign – The signatory should be prompted before their signature is affixed. The electronic signature block should contain the word or statement of intent that definitely conveys the signatory’s intent to affix his or her signature.
    • The user must intentionally and deliberately interact with the system to “Save” data entry or “Send” electronic communications.
  • Deliberate – An individual using an electronic signature should take deliberate and recognizable action to affix their signature.
    • Authentication with unique credentials tied to a specific user, combined with deliberate actions within the platform.
  • Signature Association – A signature must be attached to, or logically associated with the record being signed.
    • Actions are attached to records with the authenticated user and item. The platform displays these specific records and also shows them within printed or generated documents.
  • Retrievable and Traceable – The user should be able to identify and retrieve the documents to which his or her electronic signature has been applied. An electronic signature should provide positive traceability to the individual who signed a record, record entry or any other document.
    • Documents, data entered, and electronic communications qualified as Electronically Signed can be accessed by the user historically and referenced as needed.
  • Undeniable – A valid electronic signature is one that cannot be denied (repudiated) by the signer. An electronic signature process must contain procedures and controls designed to ensure the authenticity of the signature and that the signer cannot deny having affixed the signature to a specific record, or body of data.
    • Based on the user authentication and data qualification, user actions can be attributed to that user.
  • Security Protocols and Prevention of Unauthorized Access and Modification - An electronic signature process must be secure and must prevent unauthorized access to the system that affixes the signature to the intended documents or records. The process must ensure that only the intended signatory can affix his or her signature and must prevent unauthorized individuals from certifying required documents, such as airworthiness or dispatch releases. The process must prevent modifications to information/data or additional entries to records or documents without requiring a new signature. Additionally, the process must contain restrictions and procedures to prohibit the use of an individual’s electronic signature when the individual leaves or terminates employment.
    • Only the authenticated user can log in to generate records or initiate electronic communications. Even if they leave the company, their account access is only suspended, and records remain permanent.
  • Permanent and Unalterable – A valid electronic signature must be a permanent part of the record or document to which it was affixed. The information contained in the record or documents must be unalterable without a new signature to validate the alteration.
    • The user cannot remove Electronic Signatures from the platform, but can update records or resubmit data which will generate a new electronic signature.
  • Identification and Authentication - Electronic signature software must have authentication capabilities that can identify a signature as belonging only to a particular signatory. An individual using an electronic signature should be required to use a method of authentication that positively identifies the individual within the electronic signature system.
    • Onboarding with FL3XX involves registering all users in the system, including names and contact information, licensing, roles, and other identifying information. The user is required to log in to FL3XX with their unique, secure password in order to alter a record, and each change is captured for historical auditing.
  • Correctable - An electronic signature process should include a means for a certificate holder to correct records or documents that were electronically signed in error, as well as those documents where a signature is properly affixed but the information or data is in error. An electronic signature should be invalidated any time a superseding entry is made to correct the record or document. The information or signature being corrected should be voided but remain in place. The new information and/or signature should be easily identifiable.
    • All electronic signatures are permanent and unalterable; however, updates can be made, and as such a new electronic signature will be affixed. The date/time stamp determines signature validity.
  • Archivable – Since no paper document with an ink signature exists, a means of safely archiving electronically signed documents should appear to be part of any electronic signature computer software.
    • Records are redundantly archived as per standard information security procedures and cannot be deleted or modified.
  • Control of Private Keys and Access Codes – A digital electronic signature process must ensure the private key or access to the electronic system that affixes the signature is under the sole custody of the signatory at all times.
    • Only users have access/knowledge of their unique access credentials, and only individual users can initiate an automated password reset which follows generally accepted data protection principles.

Applicable Records

  • Data Entry
    • Crew assignments and crew training/qualification items
    • Acknowledgement of assignments in Crew App
    • Post flight items: block-/flight times, duty times, approaches, tech log, deice
    • Weight and Balance data: actual takeoff weight, performance limited takeoff weight, CG actual, CG fwd limit, CG aft limit
    • Flight Release: submission for release, release, re-release
  • Electronic Communications
    • All electronic communications (email) are stored in the system indefinitely. Such communications include:
      • Crew Briefings
      • Fuel Requests
      • Handling Requests
    • Other types of electronic communications include:
      • Filing of eAPIS
      • Filing of APIS/PNR for countries other than the USA

Data Backup and Retention

The FL3XX Aviation Management platform is cloud-based, and operates on geographically distributed Amazon Web Services data center facilities. Each facility is designed to run 24x7x365 and employs various measures to help protect operations from power failure, physical intrusion and network outages. These data centers comply with industry standards (such as ISO 27001) for physical security and availability. They are managed, monitored and administered by Amazon Web Services operations personnel. FL3XX delivers real-time, active geo-redundant data replication for all customer data stored in the platform. We leverage multiple sets of redundancies at all levels of the application stack which includes geo-redundancy for regional failover in the event of a catastrophic failure at any Amazon Web Services data center.

References

Electronic Signatures in Global and National Commerce Act (ESIGN)

U.S. Department of Transportation, FAA Advisory Circular A025/AC120-78

AWS Security