The Online Digital Signature Way

A Digital Signature Blog


Month List

June 6, 2017

Financial services companies must know who is signing their documents. If there is any doubt that the correct person has signed the loan, agreement, authority to proceed, or whatever the document may be, the business leaves itself open to fraud, is exposed to unnecessary risk and faces the possibility of loss, not to mention becoming non-compliant with 'Know Your Customer' legislative requirements. Secured Signing provides the most robust verification of signer identity with the world first use of video confirmation as part of the signing process.

Online signing by its nature provides much stronger confirmation of who is signing your documents than simply sending documents by post or email and taking it on faith they have been signed by the correct person. The addition of video recording of the signer, in a way that is uniquely and irrevocably tied to the document being signed, provides a degree of confidence in signer identity that cannot be reasonably challenged. It is a genuinely innovative approach that provides a degree of confidence in identity that is unmatched by any other signing method. It builds on the already robust authenticity of the underlying PKI Based digital signatures used by Secured Signing and existing additional identity verification tools such as two factor authentication and identity document searches.

Let's drill into how the process works to really appreciate how robust and reliable this new approach is.

Video confirmation is quick and simple for the signer. They are asked to activate the camera on their device and record themselves performing specific gestures. It takes less than 10 seconds. The required gestures are specific to the document being signed, recorded in the document log and are analysed in real time. The nature of the verification and the changing requirements make it impossible to pass the verification using an image or pre-recorded video. Video confirmation provides much stronger confirmation of identity than static biometric verification such as facial or fingerprint recognition.

The confirmation video is retained in a secure, encrypted repository. The signed document contains both a reference to the location of the video confirmation and the password required to access it. The tamper proof mechanisms inherent in PKI based digital signatures means neither the reference nor the password can be modified, without invalidating the signature. All documents signed with Secured Signing can be verified independently to confirm the document content is unchanged. Video confirmation enhances the inherent security and authenticity of PKI based digital signatures with the recorded video of the person signing the document.

Video confirmation is available to all Secured Signing customers now. Once enabled in My Settings, the option to require a signer to provide video confirmation is available on the signing workflow screen. You can try Secured Signing, including video confirmation of identity for free.  Register for your account now.

'Til next time
Cheers, John


Jan 31, 2017

If you have ever wanted to include someone in a Secured Singing workflow, who doesn't sign, but is kept up to date on how things are progressing, you are not alone.  We have had requests from procurement teams for the manager to receive notifications on all contract signings. Some companies wanted the notification that a signing process had been completed to go to a centralised processing team to ensure the signed document was always recorded properly. The development team know a good idea when they see one, so they built it!

Notification recipients and completion recipients are just a couple of the more than 100 enhancements that have been made to Secured Signing with the Summer 2017 release. There's far too much to talk about in a single post, so this time I'll focus on how you can use additional recipient notifications.  

When you send an email asking somebody to do something, you address the email to that person in the 'To' field.  You may also want to let somebody else know what is happening, even though they don't need to do anything personally. For an “FYI” recipient, you may add that person to the 'CC' field. Think of additional recipients as a "CC" to your signing workflow.

Including an additional recipient in your signing process couldn't be simpler. Simply click the checkbox on the invitation workflow screen and click the View/Manage button to select one or more people to receive additional notifications. Notification recipients will receive all the notifications for the singing process but they are not able to sign the document. Completion recipients will only receive notification of completion of the signing process.


When additional recipients are selected, the document owner can type the details during the invitation process. To make it even simpler, they can select the person from a list of recipients.  The list of notification and completion recipients is managed in the account settings.  

In the email Notification recipients receive. a link to the notification recipients’ portal is provided. The portal provides a dashboard showing all the documents where the person has been included in the singing workflow.  For each document, the due date and the status of the signing process is displayed along with links to click through to the document and the document log.  The portal shows current documents, recently signed documents and a full history of documents the person has been included as a notification recipient. The notification recipient portal can be accessed directly from the Secured Signing website. 

To include additional recipients, you will need to enable notification recipients and/or completion recipients in your account settings. The toggle to turn on additional recipients are shown under the We Sign heading on the My Setting page in My Account.


Next time we'll talk about a great variation on additional recipients - reviewers!  Reviewers must read and approve the document before the invitations to sign are issued. Stay tuned to find out more.

'Til next time

Cheers, John



General

August 31st, 2016

Secured Signing customers across a range of industries have been able to wipe out the costs and time lost to manually recording compliance with their consumer protection obligations.  Implementing a tailored signing workflow allows them to demonstrate process based compliance.

Consumer protection is a good thing. When we are buying something it is great to know that there are rules to make sure we get a fair deal. One form of consumer protection is making sure the purchaser is aware of their rights. Someone buying something or signing up to an agreement may also have a cooling off period in which they can cancel the transaction without penalty.

For businesses, complying with these consumer protections can be costly and time consuming.  They key thing is being able to demonstrate that the customer was made aware of their rights, or provided the required documentation or that the transaction was not processed until after the cooling off period. The traditional approach has been to have checklists or acknowledgements that the customer needed to sign. For cooling off periods, a manual process to log dates and times and set reminders to proceed to the next step are required. All of these manual, often paper based processes waste staff time and create risk if they are not diligently followed.

Moving to what I call process based compliance can remove this costly overhead from your business. Some examples will help explain.

For customers in the financial services industry, Secured Signing have delivered tailored signing workflows that display all declarations required by their legislation. Before the customer can sign the document, they must first acknowledge these notifications. Having this process based compliance makes it easy for these companies to demonstrate that the customer simply cannot have signed the agreement without being advised of their rights.

Automated cooling off periods have been included in the online enrolment solutions Secured Signing has delivered for the education industry. On completing the application form, a letter of offer is automatically generated, immediately signed by the applicant and their details written directly to the student management system. The workflow then waits the mandated 48 hours before inviting the student to complete the loan application. The time stamp of the digital signature in the letter of offer will always be at least 48 hours earlier than the time stamp of the digital signature in the loan application form.

Both these examples demonstrate how having compliance requirements built into your signing workflow and enforced by Secured Signing, delivers a process based compliance that is automated, highly reliable and avoids wasting staff and customer time. With the increasing regulation applicable to all industries, the wasted effort and cost in traditional approaches to demonstrating compliance will continue to rise. Now is the time to make the change to online signing with compliance baked into the process.

Contact us to find out more about a process compliance solution specific to your needs.

Till next time

Cheers, John


General

June 23, 2016,

There are many, many people who love the simplicity and speed of Secured Signing just as it is.  For quite a few of our business customers though, they are seeing even greater time saving and convenience by integrating Secured Signing to their core software system. This post explores the myriad of ways you can integrate Secured Signing to the software you use all day, every day.

The first and simplest option is using Smart Tags. If the documents you sign with Secured Signing are generated from your core system, why not take a few minutes and modify the template so those documents become Secured Signing ready. The Smart Tag documents your system generates can be added to Secured Signing in batches without any need to position signatures.  It’s a great time saver!

A Smart Tag is simply some text within the document that Secured Signing recognises as a marker for where a signature should appear and who needs to sign. Check out the Smart Tag demonstration videos in the How It works part of the website - http://www.securedsigning.com.au/support/demo-videos.

Another popular integration is completely avoiding the time suck and boredom of data entry by plugging Secured Signing’s Form Direct into your core business software. This also means your data is free of keying errors and updates are processed without delay.

If you’ve used Secured Signing Forms, you know they are great for enforcing mandatory items and making sure you have a complete form filled and signed the first time - all with no paper!  Form Direct provides additional capabilities like dynamic form elements that hide questions most people don’t need to answer, as well as data validation and lookup.

Did you know, that as well as a signed form, Secured Signing Form Direct can also return the data entered into the form. For some customers we supply the form data as a file they can use with an existing upload process in their software. For other customers, we write the data directly into their system to create and update records automatically - no data entry!

And finally, the pièce de résistance - the Secured Signing application programming interface or API!  Closely integrating your core software system with Secured Signing gives you access to the full range of online signing capabilities without leaving the system you use day in, day out for maximum convenience.

Check out the Connectors page to see if an existing integration is available for the software you use. If not, get in touch and we can start the conversation about your needs and the integration capabilities of your system.  If you are a developer looking to extend your system with secure PKI digital signatures, check out the resources on our Developer page - https://www.securedsigning.com/developer/api-documentation

Till next time,

Cheers

John



General

June 7, 2016

Reading that heading, you may be confused that there is even a difference between digital signatures and electronic signatures. That is hardly surprising given how often the terms are used interchangeably. In truth, there are significant differences between the two.

To look at these differences, it is useful to be clear about what we want from signing a document.  When something is so commonly used for so long, it’s likely you’ve never really stopped to think about what a signature should do.

When a paper document is signed with a traditional wet ink signature, there are two things happening. The first is we are demonstrating proof of our identity. The size, shape and style of my hand written signature was evidence that the only person who could have signed the document was me. It made the document authentic.


The second thing was making the document reliable. Once my signature was applied to a document, the contents of the paper couldn’t be easily altered. If a new, slightly different document was created, my signature could not be copied to it. I would need to sign the new document to give it authenticity and reliability.


Electronic signing is a very broad term that covers any electronic method to indicate agreement.  Clicking a check box to agree with the software licence terms when you install software is a form of electronic signing. For most people though, electronic signing is about adding a representation of their hand written signature to an electronic document. This could be achieved by signing on a touch sensitive screen, sometimes referred to as signature on glass. The image of the signature may be placed in the document by using an online signing service. Or it could be as simple as copying a picture of your signature into the electronic document.


How well do electronic signatures pass our tests for authenticity and reliability? In the digital world, anyone with access to a scanner, which is pretty much everybody, can create a copy of your signature and place it in a document. If I receive a document that contains an image of a signature I can easily create a new document and transfer your signature to it. There is nothing about the signature image which prevents me from modifying the document with your signature remaining.  For these reasons, electronic signing provides limited authenticity and reliability.


For a signing process to be properly called digital signing, it must use the PKI standard. Each digital signature is unique to both the document and the person signing. It cannot be forged or copied to another document.  Any changes to the document will invalidate the signature. Think of a digital signature as an electronic signature that also seals the document’s content to provide the highest authenticity and reliability available.


Online digital signing is as easy as electronic signing but gives you a document that can be independently verified offline. You don’t need to rely on the signing service to validate the document and they don’t need to keep a copy of your document.

To see how simple it is to sign a document online with the security of a digital signature, try Secured Signing freeway account.  For the curious or technically minded we also have a lot more detail about how digital signing works at http://www.securedsigning.com/resources/intro-to-digital-signatures.

 

Til next time!

Cheers

John


General