E sign Requirements: How to make sure an esignature is valid

1
E sign Requirements How to make sure an
esignature is valid
2
Remember about 15 years ago talking about the
paperless office and what a great idea it was
not just because of the climate change benefits,
but also because it was just really convenient.
At that time, it was fairly nascent, we had all
embraced software that created digital documents,
but some of the operations of using electronic
communications were still a littleout of the
ark. Now, we are in a much better place. We
have more seamless and connected document
handling, and Cloud based creation and control of
documents in fact I am writing this using
Google docs so I can access it from anywhere,
using any device, as long as I log in. However,
the paperless office is still not quite there. In
a report by Fujitsu, they found that 62 of
organizations said that their paper consumption
has remained the same, if not increased. There
may be many reasons why the paperless office is
more like the almost, but not quite, paperless
office. At ApproveMe we believe that one of
those is that documents are not just typing on a
page, they are interactive, often requiring
sign-off. However, adding esignatures to an
electronic document needs to be done so that they
are valid. In this article we will look at what
makes an esignature valid, and how this can take,
at least some of the paper burden, off the
shoulders of commerce.
3
Technology to make an esignature
valid? Esignatures are applied to a digital
document using specialist software applications.
There are a number of methods of applying an
esignature but there are certain technological
methods that make an esignature actually valid.
The e sign requirements that make for a truly
valid esignature are Hashing This is a
mathematical transformation, not quite waving a
magic wand, but almost. Hashing takes the content
of a document and creates a hash from it this
creates a unique fingerprint of the data, sort of
like its DNA. This hash is then associated with
the document and used later to check the
document you, as the user of the document, see
the content as normal. The neat thing about this,
is that if someone tries to change the document
content AFTER it has been signed, the hash
changes and any signatures on the document will
become invalid that is you will see a change
has occurred, usually within an audit trail or
the esignature itself may indicate
it. Authentication of the signatory The person
that signs the document needs to be identified as
being, who they say they are. In the real world
this is usually done by a notary checking an
identity document, such as a drivers license.
4
In the digital world, this is done using a
digital certificate. Digital certificates are
issued by companies called certificate
authorities and certificates represent a digital
version of you. They are composed of two main
parts, a private key (that is never revealed but
used to encrypt things) and a public key which is
used to decrypt something encrypted using the
matching private key. Its like the digital
version of ying and yang. Encryption The
document hash is encrypted using the private key
of the certificate of the user this makes the
actual digital signature or esignature. A
timestamp is also associated with the signature
at the point of adding it this is important for
non-repudiation. If you check any of the
esignatures on a contract, they will only show
as valid IF the hash hasnt changed. Remember the
hash is equivalent to the content at the time a
signature is applied. If that content changes,
the hash changes, and so no longer matches this
sets the signature as invalid. Laws to make an
esignature valid Hopefully youll never end up
in court over a disputed contract, but if you do,
youll want to make sure that the effort you have
put into making your contract process fully
digitized is worthwhile.
5
Fortunately, there are laws governing the use of
esignatures. In the USA there is the ESIGN Act.
This act, which came into law in June 2000, sets
out what criteria an esignature needs to meet to
be upheld in a court of law. The following esign
requirements will protect your esignature
reputation All signatories need to have access
to the signed file. So for example, ApproveMeallow
s you to create a document portal using your own
WordPress website. The portal is where all
contracts and documents reside. Anyone associated
with a document can then be given access to it
through this portal. All parties must agree to
the use of an electronic signature in any given
transaction You must be able to prove document
integrity (this is where the hash and the
encryption come in) You must be able to prove
the identities of the signatories (this is where
the digital certificate and sometimes sign in
credentials come in) Other countries have
similar laws set up to encourage and make legal
the use of esignatures, for example in Europe you
have the eSignature Directive (1999/93/EC).
6
Making it count Esignature software,
like ApproveMe uses the three parts of e signing
requirements to create securely signed digital
documents that are compliant with laws like
ESIGN. However, to make e signing seamless and
easy to use, you need to build a process around
the whole contract creation and signing event in
other words you need to have more that just the
basics. ApproveMe offers you an esignature
platform, which gives you contract templates,
allows you to manage the lifecycle of those
documents and contracts, and apply multiple,
secure e signatures to them. It also gives you a
full audit trail of the process so you can spot
any anomalies and make sure that if you do end up
in court with a contested contract, you have all
the evidence you need to make sure you win. We
may not quite be paperless yet, but with secure
esignature technologies we have no real excuse to
not be. Article Resource https//www.approveme.c
om/e-signature/e-sign-requirements-make-sure-esign
ature-valid/