Please sign on the dotted line. Electronically.

Please sign on the dotted line. Electronically.

Summary: Businesses and their clients can benefit greatly from electronic signature software and services. The question is, why aren't they doing it? The technology isn't that new and it's way past time to step into the present.

SHARE:

You’d think that in 2014 we’d be 100 percent free of dead tree trappings, but I see it isn’t so. A few days ago, I had a document sent to me via email that I promptly downloaded, printed, signed, scanned, converted to a PDF, and emailed back. That process took more than 30 minutes to complete. I pondered that scenario after the email finally chugged its way out of my outbox.

I’ve signed documents, including tax forms electronically, so why was this one so different? Did the sender just want to put me to the extra trouble of printing, signing, scanning, PDFing, and emailing the document back? I don’t think it was their intent, but that’s what happened. That four-page document used up my time, my paper (that my daughter could have drawn on), and ink from my "continuously running low on ink" printer.

Were they too cheap to spring for the $20 per month fee to use a secure document signing service? Or maybe they just don’t know that it’s 2014 and that it’s time for a technology refresh.

Even if you jumped into the Wayback Machine, you’d find that in 1869 the New Hampshire Supreme Court realized that the times were a-changin’ with the implications of communications perpetrated on that new-fangled telegraph machine in the famous Howley v. Whipple case:

It makes no difference whether [the telegraph] operator writes the offer or the acceptance in the presence of his principal and by his express direction, with a steel pen an inch long attached to an ordinary penholder, or whether his pen be a copper wire a thousand miles long. In either case the thought is communicated to the paper by the use of the finger resting upon the pen; nor does it make any difference that in one case common record ink is used, while in the other case a more subtle fluid, known as electricity, performs the same office.

Now I know why US Presidential campaigns begin in New Hampshire. Those people recognize what’s real and what’s right for the whole nation.

In that same vein, it’s not too much of a stretch to consider that it’s not necessary to handle physical documents, even for signatures. Contracts, tax forms, bank drafts, real estate negotiations, sales receipts, and all types of legal agreements to transact some form of business have one thing in common: You can sign them digitally. An electronic signature is a legal and binding intent to agree to or to approve the contents of a document.

Electronic signatures are legal in the United States and many other countries. Our digital world demands that we have some method of signing documents without printing, physically signing, scanning, and delivering them to the other party. Electronic signatures are safe, inexpensive, fast, easy, and 100 percent legal.

Think about it, if you’re out of the office with no computer access, you can still sign documents through any device that has internet access via wifi or cellular networks. You can also take advantage of such features as documents that require multiple signatures, multi-party routing, document and signing order, and sequential and parallel flow. Advanced service providers offer complex workflow requirements such as document insertion, proxy signing, and paper-based review.

Businesses that want to be agile would do well to adopt electronic signatures as a standard. Electronic signatures fully enable your business to be agile and virtual. In fact, the requirement to physically sign documents might be the last holdout in moving your business to the cloud, to a global presence, or to "green" status.

And to further ensure your document and signature security, look for multi-factor authentication capabilities that augment usernames and passwords such as question and answer challenges, knowledge-based authentication, SMS passcodes, self-signed certificates, and Common Access Cards (CAC).

The ability to use electronic signatures enables you to do business quicker and with more people around the world. You can integrate electronic signature capability into your own applications and web sites to enhance your online transactions. Electronic signatures are a part of doing business in the digital age. And the technology is available to you today. It’s secure, fast, easy, mature, and ready to take your business to the next level. Who doesn’t want to make the leap to that desirable next level?

An electronic signature isn’t a fad or a luxury; it’s a thing. It’s handy, it’s smart, and it’s what you want to use in your business. That is it's what you want to use unless you live in pre-1869 or not in New Hampshire. "Siri, where’s the nearest telegraph office?"

Topics: Security, Enterprise Software

About

Kenneth 'Ken' Hess is a full-time Windows and Linux system administrator with 20 years of experience with Mac, Linux, UNIX, and Windows systems in large multi-data center environments.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

7 comments
Log in or register to join the discussion
  • Samsung has the first half, xkcd the other

    The Samsung half is the Galaxy Note series. I can sign a PDF using a stylus on my phone in about 30 seconds, and e-mail the resultant document to whoever I want. No other manufacturer has felt that a stylus was a legitimate input device, and thus don't have Wacom digitizers or equivalent, and no, those plastic stylus units that are sold for capacitive screens with the rubber-ish tip are *not* a substitute.

    xkcd's half: http://xkcd.com/927/. The problem with a so-called "digital signature" is the fact that, should it ever be necessary to be admitted into a court proceeding, the first question that the defense attorney would ask would be "how do you know it wasn't fraudulent/forged/heartbleed-affected?". Since the "I agree" checkboxes are of questionable legality as a legally binding contract, there needs to be more. I remember when filling out my FAFSA, I had to wait a few days for an envelope with a PIN to arrive so I could "sign" my documents. Somehow, 30 minutes of print/sign/scan seems a bit more friendly than several days. Other variants involve divulging personal information (e.g. SSN, DoB, account number, or a combination), or a keyfob, or something else that ultimately boils down to a single-factor "something you know" authentication. I remember the process to sign my FAFSA even after I'd gotten my PIN in the mail to be so obnoxious and annoying to deal with that every year thereafter, I mailed it in with my signature because it was *that* bad to deal with. Other digital signature methodologies span the spectrum from "convenient and easy enough to fake that the first time it goes to court, the company making the software will end up with a black eye" and "secure enough to make the FAFSA situation look appealing". Even if someone, somewhere, found the perfect balance, some of the most stagnant technology can be found in law offices and insurance brokerages, two places where 1.) signatures will be all but guaranteed to be needed, and 2.) places that are *still* using AOL and Windows XP.

    All the while, an ink signature is still legally binding, simple enough for basically anyone to do, doesn't require high end hardware or a "trusted" middleman, is universally understood, is difficult to forge (especially en masse), and gives defense attorneys less of a leg to stand on.

    Sorry, ink isn't going anywhere until those problems are solved. As for your telegraph instance, it was a wholly different era, in a different culture, with signatures meaning entirely different things, and to my knowledge, there was no Heartbleed et al that infected the telegraph network.

    Joey
    voyager529
    • There are cryptographic digital signatures, then there are . . .

      There are cryptographic digital signatures, then there are "digital signatures" that are made by people who haven't the slightest clue about cryptography.

      * A checkbox is not a real digital signature.
      * Putting in a PIN is not a real digital signature.
      * Disclosing PII is not a real digital signature.

      Sadly, I'm seeing a lot of digital "signatures" that probably are nowhere near as rigorous as cryptographic digital signatures.

      Checking for forgery is easy with cryptographic signatures: It's their primary purpose, in fact.

      Heartbleed only affected OpenSSL, as far as I know, and those certificates were specifically for the SSL protocol, not something used for digital signatures for electronic paperwork.

      It also didn't break the cryptography itself - it just made it theoretically possible to get the private keys, which are things that should be guarded very carefully. What you do in such a situation is to revoke the key and get a new one.

      There *ARE* actually standards - Adobe's products, as well as SharePoint, use them. Problem is an extreme lack of awareness of the standards, leading to too many people inventing their own "digital signatures," which is an extremely dangerous practice.

      "doesn't require high end hardware"

      Wha...?

      What is this, 1990?

      The cheapest PC on the market should be able to handle digital signatures. The cheapest smart phone should be able to handle digital signatures.

      The problem isn't how powerful the hardware is: Moore's law took care of that years ago.

      The problem is a lack of understanding of what should constitute a proper digital signature. Cryptographic digital signatures need to be used.

      "places that are *still* using AOL and Windows XP."

      You know what? Machines with AOL and Windows XP should be able to handle digital signatures. Somebody just needs to install the most recent version of Adobe Reader on it.

      "or a 'trusted' middleman"

      A trusted middleman may still be accepted in court. The "middleman" actually acts as a notary public.

      I think we can make digital signatures work. Sure, they have a long ways to go, but I think the problems are solvable.
      CobraA1
  • Our Enterprise deals with

    certain Federal regs where electronic signatures aren't allowed, however, you can sign your document, fax it to our office and we are allowed to accept that.
    hoppmang
  • One thing to note

    Digital signatures are different than electronic signatures. Electronic signatures are signatures that you provide electronically that use a certificate and signify that you have signed a document with authority to do so. A digital signature is a code that verifies the authenticity of a document. They're different although people are often confused and refer to electronic signatures as digital signatures, which they are not.
    khess
    • From a technical standpoint, the distinction is very small.

      "Electronic signatures are signatures that you provide electronically that use a certificate and signify that you have signed a document with authority to do so."

      . . . which requires that the document is verified to be authentic, otherwise a malicious actor could lift the signature from the document and apply it to one you didn't sign.

      The technical distinction is very small - in fact, the distinction is largely just a few bytes in the metadata that control how the document is displayed. The entire document should be cryptographically signed either way, otherwise the document should be considered suspect.
      CobraA1
  • I had to ask .....

    "Siri, where’s the nearest telegraph office?"
    I live in West LA - Siri is directing me to a dental group office 38 miles away.

    Sigh.......

    Ok Google .......
    rhonin
  • left out a few steps...

    First, the document sent for signing has to be signed (to ensure no changes)

    Second, the signature applied by recipient (with accept/notes/... + the entire document has to be signed (to ensure the signature...).

    Third, the returned document needs to be signed again for archival purposes to ensure no changes got in.

    So there really should be 3 signatures there at a minimum.
    jessepollard