- Published on
Common Questions (and Answers) About Digital Signature Technologies
- Michael Jones
We are proud of our multi-chain blockchain platform at ZorroSign—delivering digital signatures paired with identity-as-a-service (IDaaS) technologies, a patented fraud prevention solution, AI/ML-driven form completion, and customizable workflows to ensure the highest privacy, security, and compliance for your digital transactions!
But while we live-and-breathe digital signatures, you might still be learning how digital signatures work and what benefits they might bring to your organization. We can help!
Below find some common questions we hear about digital signatures and short answers to get you started . . .
- 1. Are digital signatures legally accepted/enforceable like paper-based signatures?
Yes! Back in 2000, the U.S. passed the Electronic Signatures in Global and National Commerce (ESIGN) Act along with the Uniform Electronic Transactions Act (UETA) granting electronic signatures the full strength and legality of paper-based “wet” signatures. As such, digital signatures are valid in all 50 U.S. states, plus most countries around the world.
Beyond the United States, Australia’s Electronic Transactions Act, Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA), China’s 2004 Electronic Signature Law, the European Union’s Directive 199/93/EC, India’s Information Technology (IT) Act 2000, Japan’s Law Concerning Electronic Signatures and Certification Services, New Zealand’s Electronic Transactions Act, the UAE’s Federal Law No. 1 of 2006 regarding Electronic Transactions and E-Commerce, the United Kingdom’s Electronic Communications Act and subsequent Electronic Signatures Regulation 2002, all regulate and support the legal enforceability of digital signatures around the world.
- 2. Why do companies, governments, or other organizations typically switch from paper-based to digital signatures?
Public and private organizations move to digital signatures for many different reasons, for example:
- Some switch to save the costs of paper-based document printing, copying, couriering, and storage
- Some switch to speed transaction workflows, document signing ceremonies, and execution of legal agreements
- Some seek to improve regulatory/quality compliance with the digital management of transaction and personal information
- Some want to improve the privacy and security of documents and transactions through digital encryption and security protocols
- Some aspire to improve customer/constituent experiences with digital and mobile operations
- Some are looking for the competitive advantage digital operations bring with all these benefits
Why are you considering the move to digital signatures?
- 3. With digital signatures, how do we know the person signing is really who they say/are supposed to be?
While some digital signature platforms grant access via simple username and password, the industry standard is two-factor authentication and rapidly evolving to MFA with password-less logins.
With ZorroSign, we’ve integrated identity-as-a-service (IDaaS) technologies to verify users, for example:
- ZorroSign technology leverages the biometric capabilities of hardware endpoints to verify user identities.
- ZorroSign is the first to adopt password-less login amongst our digital signature competitors.
- ZorroSign MFA provides maximum security, as before a user can sign a document, our platform can validate multiple dimensions of authentication based on the transaction security needs, such as:
- What you know (i.e., your ZorroSign login password),
- What you have (e.g., your laptop or mobile device),
- Who you are (e.g., biometrics such as fingerprints or eye iris on the device securing who can access it), etc.
- Additionally, ZorroSign users can optionally use our dynamic knowledge-based authentication (KBA) feature—provided by LexisNexis—which requires the knowledge of confidential information of the individual to prove that the person providing identity information is the actual person.
These technologies secure the endpoints of our private, permissioned Hyperledger Fabric blockchain architecture where only approved nodes (endpoints) are allowed to access our distributed ledger system.
- 4. How Does ZorroSign Use Blockchain and Web3 Technologies for Digital Signatures?
ZorroSign is the first company that offers a multi-blockchain platform to secure, track, and manage your digital signatures, transactions, and documentation!
Since 2000, several technologies have come to market to deliver digital signatures, but when a distributed ledger technology—or DLT, such as blockchain—is used for digital signatures, signers gain the unique advantages of:
- Privacy — with a private blockchain, only participants to the transaction can see details of the transaction, and those participants share equal access to such details
- Immutability — all records and changes are tracked and cannot be changed, providing important chain-of-custody audit capabilities for courts
- Security — all records are individually encrypted and distributed for better protection from phishing and ransomware attacks
ZorroSign was built from the ground up on Hyperledger Fabric to deliver digital signatures with the superior privacy and security of blockchain.
And we recently announced a partnership with Provence Blockchain to add their DLT to our architecture as well, effectively becoming a multi-chain blockchain platform.
Assuming contracts are critical to your business or organization, then a secure, reliable solution for contract lifecycle management (CLM) is imperative and blockchain supports CLM in amazing ways.
Strong CLM solutions must include visibility (a dashboard or overview of where individual contracts are in the life cycle), integration with communications and storage systems, automation (as few contracts start from scratch—most are iterations of previously created agreements), and of course change tracking to readily see how contracts changed during negotiations and what final version was executed by all parties.
With our blockchain architecture, ZorroSign’s platform unites and uniquely delivers:
- Digital signatures via Z-Sign to quickly execute legally binding contracts
- Patented Z-Forensics token to prevent fraud and tampering
- Z-Flow workflow automation to quickly build templates and approval chains
- Z-Fill leveraging ZorroSign’s artificially intelligent, machine-learning engine
- Z-Verify to know exactly who signed what and when, with full validation of every document’s authenticity and immutability
- Z-Vault to securely store contract and transaction records immutably on blockchain
ZorroSign’s platform can be accessed via PCs and mobile devices, allowing your legal department, operations and procurement teams, and sales teams to efficiently generate, negotiate, communicate, and sign agreements. And with our Z-Vault, contracts reside on an immutable document management system (DMS) where they can be saved, searched for, and managed easily from a single, intuitive user interface.
- 5. How Do Digital Signatures Meet International Privacy and Security Compliance?
At ZorroSign, we are proud to make the security and privacy of our customers’ data our top focus.
Our unique combination of security architecture and data privacy functionality grants ZorroSign compliance across international standards for privacy and security, including but not limited to:
- Canada: The Personal Information Protection and Electronic Documents Act (PIPEDA)
- Canada: The Uniform Electronic Commerce Act (UECA)
- EU: Data Protection Regulation (GDPR) for data privacy and security
- EU: The electronic IDentification, Authentication and trust Services (eIDAS) regulation
- India: The Information Technology Act 2000 (IT Act of India)
- International Standard on Assurance Engagements (ISAE) No. 3402, Type II audited
- International Organization for Standardization (ISO) 27001 certified
- PDF Advanced Electronic Signatures (PAdES) is a set of restrictions and extensions to PDF and ISO 32000-1
- UAE: Federal Law No. 1 of 2006 regarding Electronic Transactions and E-Commerce granting electronic signatures legal force and effect
- USA: American Institute of Certified Public Accountants (AICPA) SOC 2 Type I audit
- USA: California Consumer Privacy Act (CCPA)
- USA: Department of Commerce’s National Institute of Standards and Technology (NIST) encryption standards
- USA: The Digital Millennium Copyright Act (DMCA)
- USA: The Electronic Signatures in Global and National Commerce Act (E-Sign Act)
- USA: FDA Title 21 of the Code of Federal Regulations; Electronic Records; Electronic Signatures
- USA: The Health Insurance Portability and Accountability Act (HIPAA)
- USA: The Uniform Electronic Transactions Act (UETA)
We invite you to request a copy of our ZorroSign Security Brief for details on our private blockchain architecture, document storage and protection, and platform security measures.
- 6. How much does it cost to try digital signature software and learn if it’s right for me?
ZorroSign offers a free 14-day trial license to test out our features, securely sign digital documents, build templates and approval workflows, and store your transaction data on blockchain.
No credit card required, visit our Free Trial page to get started!