Security and Intent for E-Signatures - Celebrating National Cyber Security Awareness Month Continues

Posted by John Harris on 10/23/12 4:45 PM

cyber security awareness monthWe’ve been speaking about security and electronic signatures these past few weeks in observance of National Cyber Security Awareness Month. Today, we’re going to spend a little time speaking about intent and access control when it comes to e-signed documents.

All signatures, whether ink or electronic, are composed of three elements. One, we need to understand the identity of the signer…we covered authentication in last week’s post. Two, we need to establish the intent of the signer to actually accept or agree to the signed document in question. And finally, three, we need to tie the identity of the signer, and his or her intent to sign to the document itself…we covered digital signatures two posts ago, here.

electronic signature elements

Intent is critical. One of the reasons that we sign our name is to show intent…we spend time inscribing our name on a piece of paper to show that we’re accepting the terms and conditions of the document, purchase…whatever it may be. But it can often be more difficult to gauge intent in the electronic world, where we can order things with a single click of a mouse or tap of a finger.

In the SIGNiX digital signature service, we capture intent by guiding the signer through a variety of tasks, from consenting the use of electronic documents and signatures (a key part of the ESIGN Act & UETA here in the US)…

e sign consent

authenticating his or her identity… 

electronic signature authentication

…creating a Signing PIN (if this is the first time the user is using our service)…

signing pin creation

…clicking to sign…

click to sign

…and finally, re-entering their Signing PIN and checking the box as seen below.

intent to sign

By carefully tracking and storing all of these events and tying them back to the signer and the transaction at hand, we can provide substantial evidence as to the intent to sign the document, as it certainly would be difficult to mistakenly click through all of those checkpoint, as one might call them.

e-signature audit log

We’ll go into further detail about our audit tracking and log capabilities in the next blog entry in this series.

In addition, the Signing PIN doubles as an access control to signed documents after the transaction is complete. A user can click on the link provided to them in the email thanking them for signing the document, and the document(s) will be presented to the user for display and download only if the user correctly enters their Signing PIN.

If you’d like to learn more about how the SIGNiX electronic signature solution can help your organization improve customer experience and lower time to revenue, click the button below to sign up for a free demo. 

book a live demo

Get a Digital Signature Quote Now

GET A QUOTE

Posts by Topic

see all

Subscribe for updates