Electronic signatures, or e-signatures, have become a standard part of many business processes today. When deployed across mobile and traditional devices, e-signature technology significantly improves your organization’s efficiency resulting in a better customer experience.

In this three-part blog series, we’ll discuss how deploying e-signature technology across your entire organisation benefits your bottom line by boosting productivity, driving customer engagement and enriching the customer experience with omni-channel availability.

E-Signatures Make Business Sense

While the term “operational excellence” can vary in meaning depending on the organisation, when businesses gather metrics from key performance indicators (KPIs) to their descriptions of operational excellence, real progress is made. Whatever the definition, the most-cited goal of achieving operational excellence is to exceed customers’ expectations with every transaction, every day.

As management guru Peter F. Drucker asserted, “The purpose of business is to create and keep a customer.” E-signature technology can help your organisation become more efficient with friction-free, fluid processes that enhance the customer experience, enabling you to create and keep them. The right e-signature technology improves the operational efficiency of your organization in part because of the ubiquity of transactions, which require signatures.

From onboarding a new customer and opening an account to completing a loan application and more, signatures are required to complete many transactions. The signature captures your customers’ intent and signifies that they have agreed to the presented terms and conditions. Customers accept the need for the process and value the implied security, but there is no denying that the traditional paper-based process can be cumbersome. In addition to delivering a less than ideal customer experience, paper-based processes slow down business, costing time and productivity.

Driving Your Digital Advantage: As traditional paper-based processes continue to transform into digital and highly mobile experiences, e-signature technology has evolved to deliver anytime, anywhere, multi-platform signature capture and verification that is highly secure. Benefits include:

• Faster customer acquisition: Workflows streamlined by the adoption of e-signature technology result in a more efficient customer turnaround time and reduce the risk of cancellation.
• Cost reduction: Implementing a paperless process reduces the following expenditures: cost of paper products, courier and shipping charges and storage.
• Straight-through processing: The 100 per cent digital process removes the time-consuming task of re-keying information and eliminates data entry errors.
• Easy retrieval and archiving: E-signed documents are archived automatically and retrieved easily when needed.
• Customer-friendly process: Electronically signing on a mobile device such as a smartphone or tablet offers an easy and technically familiar process that customers trust.

Originally published on https://services.kofax.com/

E-signature technology helps your organization become more efficient with friction-free, fluid processes, enriching the customer experience and increasing customer retention.

More companies, across a variety of industries are embracing e-signature technology as an opportunity to transform the customer experience. However, in a move to reduce operating costs, too many organizations are relying heavily on automated interactions. But reducing or obscuring in-person transactions can degrade the sales experience, sometimes even prompting customers to move to a competitor. Use digital to augment – not only replace – your face-to-face transactions.

How do you “go digital” without losing the personal touch? Leveraging e-signature technology makes digital transactions personal, and serves your clients anywhere, anytime, and on their preferred device.

Provide Better Customer Experience, Even After the Sale

Business customers are savvier than ever before and expect certain transparency at each stage of the buying cycle and beyond.

E-signature technology is one of your most valuable innovations. The best way to improve sales effectiveness is to put customers first with your e-signature strategy, with these five considerations to build your use case:

1. Ease of Use – Select an e-signature solution that allows your customers to use self-service technology at their own pace, such as allowing them to review documents before signing or completing the workflow without installing additional software.

2. Device-friendly – Customers expect transactions to be secure and accessible from any web-enabled device (computer, tablet or smartphone) at any time.

3. Security first – E-signing isn’t new. Customers should find it natural to transition to a digital process. However, organisations must be able to create tamper-evident documents. Being able to produce an audit trail of electronic evidence that demonstrates the signer understood and accepted contract conditions at the time of e-signing, builds trust with customers. And improves your sales efficiency.

4. More interactive assisted process –Using in-branch devices such as tablets, that can be handed back and forth with the customer is an example of a collaborative transactional process. It’s a guiding example of ways leading e-signature technology can deepen and improve customer interactions.

5. “Traffic Light” Navigation – Digital transaction processes that include your employee or end customer to complete one step before they move to the next help to reinforce consistent sales interactions from sales and customer service teams.

Maximise sales effectiveness and maintain your competitive edge, enrich – don’t just replace – in-person customer experiences with efficient digital processes.

Originally published on https://services.kofax.com/

Customers expect a seamless, consistent experience across all channels, supporting the case for implementing e-signature technology across your enterprise. Not only do e-signatures play a pivotal role in digital transaction management, they are also an important factor when delivering a unified omni-channel experience to customers.

Stay True to Your Omni-Channel Strategy

“Omni-channel is the marriage of multichannel access, streamlined processes and big data,” states Nicole Sturgill, Senior Director, Retail Banking, CEB TowerGroup. “Banks that are able to gather and act upon their customer data to deliver consistent and targeted services across the channels will be ahead of their competitors and improve their upsell potential.”

Part of this comprehensive, omni-channel approach is e-signatures. Asking your customer to leave the digital world to sign with wet ink is like asking them to leave your brick-and-mortar location and come back another day to make a purchase – an irritating hurdle interrupting an otherwise smooth transaction. Enterprise-wide digital management technology avoids gaps in customer service and helps correct inconsistent or cumbersome processes.

As you assemble your omni-channel strategy, stay true to its definition by offering a consistent experience with your e-signature offering. Some tips:

• The e-signing process and the user interface should be similar, whether the customer is signing online or in-branch.
• The manner in which you capture the customer’s consent to e-sign should be consistent
• Your customer should be able to access and verify the e-signed PDF in the same manner, whether the document was signed during a face-to-face assisted process or during a self-service, online transaction
• Support for multiple signature types keeps the process digital. Offer your customers the ability to apply handwritten e-signatures on a mobile device or click “I Agree” to e-sign. In other words, remove friction from the process by providing a number of e-signing options.

If you have read this complete blog series, you are undoubtedly committed to building a better customer engagement model and questioning how to achieve optimal efficiency and sales effectiveness in this digital era. A personalized and consistent user experience is the foundation for your omni-channel strategy, and e-signature technology is the adhesive that keeps your process digital.

Originally published on https://services.kofax.com/

When you embark on an e-signature project, you’ll have a long list of requirements. The following questions will likely be top of mind: Are the resulting e-signatures legal. Can I easily integrate the solution within my infrastructure? Do I need an on premise or a cloud solution? These are all important considerations.

Here’s one requirement to add to your list, can the e-signature be validated outside of the e-signature vendor’s environment? The answer should be a resounding “Yes.”

Validating an e-signature’s integrity is critical, now and in the future. The ability to analyze a document and determine whether or not it has been tampered with makes using e-signing technology arguably more secure than a traditional pen-on-paper process. If you can’t perform that kind of analysis, the solution will eventually lose much of its value.

Before I dive into the importance of standards, let’s step back, and explain the value of e-signing versus a paper process – the key is the ability to confirm the integrity of the document, at any time.

The Paper Process

Applying a wet ink signature onto a piece of paper places a representation of your signature onto that document. There are no mechanisms in place to prevent someone from adding or modifying existing text within the document. The document itself can be easily tampered with after the signing takes place. Even the signature itself can be manually copied and placed at different locations within a document.

The Non-Verifiable E-process

An analogous issue can be inherent in an electronic signing solution, too. Solutions that insert a pure image of your signature into a document – instead of a real standards-based electronic signature – suffer exactly the same disadvantages as the traditional paper-based process described above.

Specifically, the signature can be easily copied, tampered with, and reused and you have no way to detect this has occurred. Obviously, this defeats the purpose and is not desirable. What you need is a solution that is safer and more secure than the traditional paper process.

Optimally, an electronic signing solution should make it obvious the document was tampered with. If you are using e-signatures, but cannot guarantee the integrity of the document, you are missing one of the key benefits and advantages of using e-signing as opposed to wet ink paper signing (besides the obvious efficiency and cost benefits). Although most e-sign solutions guarantee the integrity of their signed documents, many don’t guarantee it in a standards-based manner.

I’ll argue that by relying on such solutions, you run the risk of being left with a database full of non-verifiable documents. This is because you will be dependent on your solution provider for signature validation. So how can we resolve this issue? To me, the solution is obvious, the consequent use of standards for the electronic signatures that you place into valuable documents and contracts.

Standardization Protects Documents

The ISO standard will solve your long-term e-sign validation issues. The Portable Document Format (PDF) is specified as a digital form for representing documents in the ISO 32000-1 standard. This format enables users to exchange and view electronic documents easily and reliably. The ISO 32000-1 standard identifies the ways in which an electronic signature, in the form of a digital signature, may be incorporated into a PDF document to validate the integrity of the document’s content. The use of electronic signatures for PDF documents following ISO 32000-1 is specified in “Electronic Signatures and Infrastructures (ESI); PDF Advanced Electronic Signature Profiles” (ETSI TS 102 778).

Your e-signature solution should support the ISO 32000-1 standard. As a result, any document e-signed using a handwritten, biometric, or click-to-sign signature, can be validated with any standard, compliant PDF Reader. Not only can your organization validate electronic signatures independently, but your own customers will also appreciate the ability to validate their copy of the e-signed PDF as well.

The use of proprietary software that locks you into one particular vendor is a thing of the past. Demand support for ISO 32000-1 and ensure your e-signed documents can be validated, anytime, without locking you into a solution – or, worst, locking you out of your e-signed documents.

Originally published on https://services.kofax.com/

Verifying intent and identity electronically

For hundreds of years, commerce has relied on personal signatures to close deals, onboard customers and verify identity, among other uses. Electronic signatures are becoming increasingly essential for conducting global business and legal transactions in today’s digital world.

Modern e-signatures use secure technology that safeguards against forgery or post-signature alteration. An electronic signature must be as reliable and tamper-proof as a pen-to-paper signature, able to verify the identity of each signor, and validate each signor’s intention to comply with the stipulations of the signed document. When using e-signatures to conduct global business, you need to know the requirements, and the differences between an e-signature and a digital signature.

Electronic signature requirements vary from country to country

Businesses worldwide continue to embrace digital solutions that enhance the customer experience while eliminating cumbersome and costly manual systems. As a vital component of paperless processes, an e-signature solution should be a key consideration for any business that is truly committed to digital transformation.  Keep in mind, however, that the requirements in various regions differ. One legally acceptable e-signature in the US may not meet the standards in Europe. For global business, adopting a solution that is accepted worldwide is the beginning of a sound, digital transformation strategy.

What’s in a name? Differences between electronic signatures and digital signatures

When researching a transition to digital business processes, it’s important to use accurate terminology to ensure your e-signature solution is truly complete. The terms “electronic signature” and “digital signature” are not interchangeable, although they are often used this way.

What is an electronic signature (e-signature)?

The  U.S. ESIGN Act defines an electronic signature as an “electronic sound, symbol, or process, attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign the record.”

E-signatures encompass handwritten signatures, as well as:

• Clicking “I Agree” during an online process
• Capturing a photo at the time of signing and embedding it in a document
• Capturing biometric data, such as signing speed and pressure

Electronic Signature – the EU Definition

Within the EU’s eIDAS-Regulation 2014, e-signatures are just a small part of the new Regulation, but that small part is designed to permit the cross-border recognition as well as European harmonization of e-signatures.  The new eIDAS-Regulation has an immediate effect in all 28 EU countries in July 2016 and will cause prior esign acts to become mostly obsolete.

Three types of e-signatures

Neither the 1999 European directive nor eIDAS-Regulation 2014 are restricted by a specific technology.  Instead both define three types of e-signatures:

1. Electronic signature. Also called a simple e-signature or light e-signature, this is where “data in electronic form which [is] attached to or logically associated with other electronic data, serve as a method of authentication.”
2. Advanced e-signature. This category of e-signature meets four standards: 1) it is exclusively connected to the signatory; 2) it can be traced back to the signatory; 3) it is created in a way that only the signatory controls; and 4) later changes are detectable and traceable.
3. Advanced e-signature are based on a qualified certificate. This is also called a secure digital signature, strong digital signature, or qualified digital signature. The signature must meet two standards: 1) it is created by a secure-signature-creation device (also called a certification authority [CA]; and 2) it must have the technical support needed to ensure the key can neither be forced nor reproduced in a reasonable time.

What is a digital signature?

Digital signatures are considered a subset of electronic signatures. Whereas an electronic signature is a legally binding record, a digital signature refers to the underlying encryption technology that verifies the authenticity of the transaction.

Originally published on https://services.kofax.com/

As Kofax’s VP, Signature Products, I have had the opportunity to attend customer meetings with leading organisations around the world and across a number of industries including, banking, insurance, and healthcare. My favourite part of these meetings is answering the “What if?” questions. I want to share with you the most often asked questions.

I want to verify the document in five years. How would I do this?

Find a partner who leverages the ISO 32000 standard, providing you with vendor independence when it comes to verifying the integrity of the document. All you need to verify that the document was not tampered with is a standard PDF Reader.

What if the e-signature is contested? How can I prove the signer’s identity?

This is an important question because proving who signed doesn’t just rely on technology–Your process is critical. Just like in a paper-based, face-to-face transaction, you can confirm the signer’s identity by verifying a government issued ID. You can also take a picture of the ID with the integrated camera on a smartphone, tablet, or laptop and embed it within the PDF. Just like the electronic signatures in the PDF, the photographs will be digitally signed, preventing the undetected tampering of the images.

In an unassisted process, like an online transaction, you have to implement a number of checkpoints. If the signer is a known customer, the credentials used to log into their account authenticates the signer. If desired, you can add a series of out-of-wallet questions and out-of-band authentication, such as sending a code by SMS that the signer must enter prior to continuing the process. Your esign solution needs to integrate within your own infrastructure; you control the verification steps that must be taken prior to the signing process.

Finally, your esign solution must capture the unique biometric data of a handwritten e-signature that a forensic expert can use after the fact to confirm the signer’s identity.

Can my customer esign online with just a standard browser?

With HTML5, it’s possible for you to implement a 100% browser-based esigning process, without having to worry about which operating system or device the signer is using.

I want to use a tablet for my field representatives and Tablet PCs in-branch. Do I need different software for each device?

The key to a successful enterprise deployment is the ability to leverage the esign software in any environment: online, in field, in-person and even in your call centre.

Although there are a number of product options and SDKs, the core technology is the same, enabling you to esign just about anywhere. In addition, any PDF esigned creates a standard digital signature. In other words, you can validate the integrity of the document with a PDF reader regardless if the document was signed with an electronic handwritten signature, or a click-to-sign (clicking “I Agree’).In short, you can use esign software in any environment and with the hardware of your choice.

How do I integrate the e-signing solution with my core applications, such as a new account or teller platform?

The majority of our customers use SDKs to integrate the e-signing capabilities within their established platform. No worries though – you will not require expensive professional services from Kofax. Your developers can leverage our documentation, sample code, as well as email and phone support to do the job.

I’m building a mobile app, but it needs to work both offline and online.

Connectivity can’t always be guaranteed. To ensure that a mobile process doesn’t revert back to paper, our customers use a SDK to create a tablet application that can run both offline and online. The best example of this is AIA in Asia. They have created an iPad on-boarding process used approximately 50,000 agents.

How do I add e-signature fields in the form?

Your esign solution will automatically recognize an Adobe digital signature field. If you need to add a signature field, you can still do so prior to signing.

If one signer can meet in person, but the co-signer can’t, does the process revert to paper?

This is one of my favourite questions and most often asked. It’s not always possible for co-signers to be at the same place, at the same time. It’s important that your solution supports several signature types–handwritten, biometric signatures as well as click-to-sign. One signer can e-sign on a tablet during a face-to-face process while the co-signer can be invited to e-sign using a browser, click-to-sign process. Different e-signatures types can co-exist in the same document.

I want to use several types of mobile devices.

As part the SDK, the access is abstracted to the physical devices so that your application doesn’t need to deal with the specifics of a particular hardware’s APIs. Our software supports iOS, Android and Windows devices and signature capture pads from leading vendors such as Wacom and Scriptel out of the box. In other words, you can use e-signature software in combination with a very large set of devices capable of capturing an electronic signature.

Originally published on https://services.kofax.com/

The simple answer is no.

Electronic signatures and digital signatures are not one in the same, but rather work hand-in-hand. Let me elaborate:  A digital signature is a mechanism to secure electronic data. And an electronic signature is the electronic representation of your intent to sign. The electronic signature becomes secure when combined with a digital signature.

A digital signature is the result of a purely cryptographic process that’s intended to help the receiver, of any digital entity, identify whether or not it has been tampered with. In other words, a digital signature is used to secure anything digital such as a document or a piece of software, and provides the means for establishing whether the originator is whom they say, they are.

A digital signature can answer the question “Is this really the version of the document you sent me?” An electronic signature, on the other hand, is a digital representation of a person’s intent to authorize a transaction and is ideally embedded in a document and secured by a ‘digital signature’ as defined above. It’s to answer the question: “Did you really want to go through with this contract?”

Your intent to authorize a transaction with an electronic signature (i.e. the data representing your authorization) can take many forms such as a handwritten, biometric signature captured on a mobile device, clicking “I Agree”, or even a recording of you saying ‘yes’ during a recorded transaction.

The two technologies are combined to provide a powerful method for proving intent in a contractual process. Using both enables you to, with a very high degree of certainty, prove that the person’s signature was placed in that document by them. This concept is often referred to as non-repudiation because it’s very difficult for a signer to refute the fact that it’s their signature in the document, and very easy for you to prove that the document is original and unmodified.

Let’s look at a typical electronic signing process and identify what technology comes into play.

Step 1. Electronically Signing a Document

The user electronically signs a document (e.g. PDF) using a handwritten signature, captured on a signature pad, tablet or smartphone, or by clicking an “I Agree” button. In the case of a handwritten signature, the esigning software captures the signature graphics (what your signature looks like), as well as the signer’s biometric information i.e. data related to how the person signs.

Any additional information that is used to identify the signer can be incorporated as part of the electronic signature data. This could be any digital information specific to the signer (or the signing process) such as the IP address of the computer, the date and time stamp when they signed, or any other user registration information such as a user name.

To complete the process, an integrity hash (a long string of data) is calculated over the document using standard hashing algorithms. What this means is that a bit string is calculated using the contents of the document as an input. This is useful because the algorithm will always generate the same hash when given the same input. So, if a document is changed, the new version of the document will generate a different bit string and therefore indicate that the document has been tampered with. We’ll see in Step 3 below why this is important.

Step 2. Digitally Signing a Document

Now that we’ve captured the data for the electronic signature, it’s time to do the following: place the electronic signature in the document, make sure that no one can tamper with it, and also make sure that anyone who receives it knows that it really originated from us. We can do this using a digital signature. Digital signatures use private and public key pairs (PKI) to encrypt and decrypt the electronic signature data respectively. The private key is secret and is used where the digital “signing” and encryption of the hash actually takes place, while the public key travels with the document to help a receiver decrypt it. So when receiving such a document, how can you be sure that the public key hasn’t been tampered with and that it really came from the claimed sender.

The public key will be bound to the document within a so-called digital certificate that essentially contains information in addition to the public key such as who the sender is, how long the certificate is valid for, a serial number and much more information describing the owner of the certificate. This information can be used to query a third party certificate authority to identify whether or not the public key came from the person it claims to have come from. So now we know that the public key must be valid and we can use this key to ascertain whether the document we received has been tampered with or not.

Step 3. Validating the Signature

When you digitally sign a document, you are essentially using a private key to encrypt the document hash we discussed previously. The encrypted hash, and your digital certificate which contains the required public key to decrypt the hash, becomes part of the document enabling you to validate the integrity of the document at any time. The simplest way to validate a document’s integrity using the digital signature is to load it into any PDF Reader that supports digital signatures. The PDF Reader will calculate the hash value of the document and compare it to the original one we calculated in Step 1, and further secured in Step 2.

If the hash matches the original one, the document must be the untampered original since you’ll recall that the hashing algorithm will always calculate the same hash given a specific input document. In the end, this indicates that the electronic signature (the digital data representing your intent) is valid. If not, the digital signature will be marked as invalid.

Unsecured electonic signatures

It’s possible to sign a document electronically without securing it using digital signatures. This is done by simply placing the electronic signature data in the document (e.g. by pasting an image of a signature). However, by doing so, the signed documents will not be tamper-proof and can easily be refuted by the signer. This type of “electronic signing” shouldn’t be confused with the electronic signature as described above because of the absence of a digital signature to secure the process.

The concepts of digital signatures and a person’s intent to sign in the form of an electronic signature are synergistic. Used together, they provide a powerful means of both establishing intent and securing the integrity of a transaction.

This complex process is simplified with e-signature software, allowing you to securely esign on any device while maintaining the integrity of your documents.

Originally published on https://services.kofax.com/