"Trust Us!" – Electronic Signatures and Assurance

,,,,,

This entry continues our “What is an Electronic Signature, Anyway?” educational series.

Merriam-Webster defines assurance as “something that inspires confidence” and “freedom from self-doubt or uncertainty.”  When you receive an electronic document, how do you know it’s the document the author intended you to receive?  Likewise, if that document is an electronically-signed contract, how do you know who actually signed it?  How do you know the other party didn’t change the document after you sent it?  Assurance, as you can see, is critical to trusting the work that we store, put or send online.  Electronic signatures can provide a way to enhance your confidence in these documents in a paperless environment.

We can break down the most significant aspects of electronic signature assurance into the following components:

  • Authentication

Authentication deals with how a user verified him or herself to the signing system.  The more complex the type of authentication and the more ‘factors’ of authentication you combine, the higher the level of assurance becomes.  Did they simply click a button or did they first have to enter a username and password?  Authentication to a system is stronger if a user must present both a physical device (token or smart card) and a PIN or password to the system – a combination known as ‘two-factor authentication.’  Handwritten eSignatures inherit some level of assurance from their historical wet ink cousin.  Even biometric technology could be added to the picture, requiring persons to present ‘something they are,’ like a fingerprint or iris, to verify themselves. 

  • Identity Vetting

Identity vetting, or identity verification, answers the question, “How did the system arrive at trust in this signer?”  In other words, how did an organization or system grant a signer her signing credential or access to the signing system?  The intensity of this process can help to define assurance.  Is the signer being asked to appear in person and present multiple forms of government ID, or are they simply required to enter their name and click “OK”?  The more intense the scrutiny, the better the level of assurance.

  • Integrity

Integrity is one of the key capabilities of an electronic signature.  An electronic signature often includes the capability to “fingerprint” or hash a document so that a recipient can verify that a signed document was not changed post-signature.  Integrity can be achieved in a number of ways.  Some methodologies use cryptographic calculations, like a signed hash and digital signature embedded in a document verifiable by the reader of a document, to achieve integrity.  Others systems may offer integrity through secure archiving of original electronic documents and a strong audit trail of events that lead to the signature event itself. 

  • Validity

Validity, or put another way, the legitimacy of the user’s signing credential or access at the time of signature, is another critical aspect of assurance.  The user may be who he says he is, and may have used the proper methods for authentication, but what if they signing credential had been revoked before the time of signing because the user was fired from their organization?  Signing systems offering higher levels of assurance should be able to establish validity at the actual time of signing.

  • Time of signing

The time of signing is the final key element of assurance in electronic signatures.  A PC clock may be modified to fraudulently indicate time of signing, and thus a trusted third party clock can provide more assurance.

Not all electronic signatures are equal, however, when it comes to assurance.  The following diagram shows a stereotypical breakdown of assurance compared with average cost.

You can see that click-through electronic signatures inhabit the low end of the spectrum and multi-factor authenticated digital signatures occupy the high ground.  But not everything is as it seems.  If certain pieces of the assurance puzzle are missing, the arrangement above could be completely scrambled.

For example, you may have a digital signature system that requires the user to possess a device that requires both their fingerprint and a PIN code in order to sign a document.  On its face, this looks pretty secure.  But what if the system used to provide the user with the signing credential (a digital ID) never checked into that user’s identity?  Bob Smith could be signing in the name of Adobe’s CEO and no one would be any wiser.

Coming from the other direction, you might imagine a contract workflow that only requires a button click to process a signature.  This seems low assurance at first glance.  But if we add fingerprint authentication, strong identity vetting (in-person proofing), and a secure infrastructure in which the documents are processed and stored, one could argue the assurance of this system surpasses other technologies.

In the end, you will need to educate yourself and ask questions about the assurance capabilities of the electronic signature systems you intend to deploy.  The choice of an electronic signature method comes down to a decision about what you’re trying to protect and provide assurance to.  Simple travel expense reports do not require significant assurance measures, but multimillion dollar contracts definitely would.  Interoffice memos proclaiming a new copier in the mailroom don’t require much assurance, but critical government documents like the US Federal Budget do.

The next in our “What is an Electronic Signature Anyway?” series will focus on the legal admissibility of electronic signatures and the laws that govern their use.