Researchers have recently uncovered two major security flaws in certified Adobe PDF applications. These flaws leave organizations that use such PDF signatures exposed to a number of cyberattacks.
“Certified portable document format (PDF) files are used to securely sign agreements between two parties while keeping the contents’ integrity protected,” writes Becky Bracken in a recent Threat Post article. However, researchers from Ruhr-Universität Bochum “found vulnerabilities to two specific novel attacks they dubbed, ‘Evil Annotation’ (EAA) and ‘Sneaky Signature’ (SSA). Both allow an attacker to overlay malicious content (PDF) on top of the certified information without showing any signs it was altered.”
In quick summary, the EAA attack displays “malicious content in the document’s annotations and then sends it on with its digital signature intact. SSAs add malicious content over legitimate content in the PDF itself.”
The original research report further describes “how the attack classes EAA and SSA can be used to inject and execute JavaScript code into certified documents.”
The ThreatPost article concludes that “Certified signatures present a massive, potentially catastrophic, security risk for many organizations and the report urges PDF applications to work quickly to come up with wide-scale fixes.”
The ZorroSign Blockchain Solution
In light of this frightening security gap in Adobe PDF files, ZorroSign is proud to bring an alternative technology to the market for digital signatures. Our platform—built from the ground-up on Hyperledger Fabric blockchain—does not employ the Approval and Certification signatures built into PDFs to authenticate Adobe documents.
Instead, ZorroSign leverages distributed ledger technology (DLT) to securely record documents, workflows, users, and changes to our private, permissioned blockchain. This immutable record preserves chain-of-custody and provenance for agreements, contracts, documents, transactions, and any other digital workflow requiring signatures. And, equally important from a security risk management perspective, prevents any tampering to document annotations or adding content over legitimate content in the digital files themselves.
ZorroSign further deploys our patented 4n6 (“forensics”) token to each and every document—a unique technology seal that captures the chain of custody and an audit trail of the changes made to the document by the parties in the workflow, such as recording key authentication, security and validation information when an action took place.
This summer, ZorroSign will also deploy our new Z-Verify feature. The EAA and the SSA attacks are only possible because the PDF document is verified by itself. With Z-Verify, digital documents are checked against ZorroSign’s private permissioned blockchain record. Hence, the PDFs that are signed using ZorroSign can be cryptographically verified using the Z-Verify platform, preventing the EAA and SSA attack vectors.
Taken together, ZorroSign’s unique security architecture prevents the JavaScript code injection risks in Adobe PDF applications where the Ruhr-Universität report claims “the only requirement is that the victim fully trusts the certificate used to certify the PDF document.”
To learn more about the superior security of ZorroSign digital signatures and how we leverage blockchain technology and our proprietary 4n6 tokens to protect your data, contact us today!
Law firms of all sizes need legally-binding digital signatures, authenticated digital signers, the ability to track digital documents across multiple approvers and signers, and immutable audit trails to ensure digital agreements can withstand court scrutiny.
The rise of blockchain technology unites all of these capabilities for law firms and allows forward-thinking firms to gain competitive advantages in efficiency, client service, and operational cost-savings by leveraging blockchain solutions.
Blockchain for Law
Blockchains are distributed ledger technology (DLT) leveraging cryptography—user authentication, data encryption and verification—to secure information records (blocks) distributed across peer-to-peer (P2P) networks. DLTs replicate, share, and synchronize digital data geographically spread across multiple sites (nodes), with no central data storage or administrator. They can be run publicly (open) or privately (permissioned).
Public blockchains can readily be used as cryptocurrencies—creating and using a coin that serves as digital money. For example, Ether is the coin of Ethereum, Lumen is the coin of Stellar, and bitcoin is the coin of Bitcoin.
Private blockchains are commonly used as business apps. Here, an organization (or consortium of organizations) controls access to the blockchain—limiting its distribution but also elevating its security. While cryptocurrencies are often in the news for major purchases, market fluctuations, and hacks, blockchain business apps are often in the news showcasing how blockchain can shape business, government, healthcare, and many other industries including legal services.
Perhaps most importantly, blockchains can support smart contracts—where terms, conditions, and permissions written into the digital code that require an exact sequence of events to take place to trigger the agreement of the terms mentioned in the blockchain contract. This hard wiring, so to speak, of contract details greatly increases speed (via automation), trust (where accuracy and backup are built into the transaction), and autonomy (as no third parties are required to mediate or control the exchange) of transactions.
As such, blockchains have immense potential to transform business contracts, real estate deals, digital rights, supply chain security and provenance, estate planning, and many other legal transactions.
ZorroSign Uses Hyperledger Fabric for Privacy & Security
ZorroSign is built entirely on a blockchain architecture that protects identities and data—uniquely authenticating users, encrypting communications, and securing digital data immutably through its lifetime. Specifically, ZorroSign’s platform was built from the ground-up on private, permissioned Hyperledger Fabric: the framework for the IBM Blockchain Platform, Honeywell Aerospace’s marketplace for used aircraft parts, Walmart’s food traceability system, and many other corporate deployments.
For law firms that desire to securely transform paper-based workflows, ZorroSign’s digital signature and document management platform can decrease operating costs, reduce transcription errors, and increase attorney productivity. As a private blockchain, ZorroSign can ensure privacy is always maintained as only approved nodes (endpoint users) can write to ZorroSign’s blockchain. As a result, ZorroSign’s architecture has even tighter privacy and security measures than other blockchains.
ZorroSign for Law
While the legal industry has traditionally been very conservative when it comes to adopting new technologies, law firms today must serve a diverse, mobile, and technically savvy clientele.
“WE WERE LOOKING FOR A SOLUTION FOR OUR FIRM TO OBTAIN CLIENT’S ELECTRONIC SIGNATURES ON DOCUMENTS IN A VERIFIABLE MANNER. AFTER SPEAKING TO SEVERAL DIFFERENT COMPANIES THAT OFFERED THIS SERVICE, ZORROSIGN WAS THE MOST COST EFFECTIVE, THOROUGH, AND BEST PRODUCT OUT THERE TO MEET THE NEEDS OF OUR LAW FIRM. ESPECIALLY DURING THESE TIMES OF SOCIAL DISTANCING AND MANY CLIENTS ONLY HAVING ACCESS TO SMARTPHONES AT HOME, IT ALLOWED US TO OBTAIN SIGNATURES, PROCESS DOCUMENTS MORE QUICKLY, AND GET RESULTS FOR OUR CLIENTS IN A MORE TIMELY MANNER. I WOULD RECOMMEND ZORROSIGN TO ANY OTHER LEGAL PRACTICE!”
Rex L. Patterson
Attorney & Owner at Patterson Law
ZorroSign supports such firms and their clients by delivering:
Non-repudiation audit trails and full progress tracking, including when documents are completed, rejected, expired or canceled
Cost-savings from reduced printing, faxing, scanning, and overnighting documents
Total control and visibility of documents-in-progress
An easily deployed document retention policy
Law firms use ZorroSign and our blockchain-based digital business platform (DBP) for incorporation documents; retainer, fee and non-disclosure agreements; purchase agreements (assets, products, and services); complying with Sarbanes-Oxley Act (board minutes, transparency, audit trail); power of attorney and proxy agreements; engagement letters; partner agreements; shareholder agreements; licensing agreements; and so much more.
We believe our digital signatures and document management solutions to be the most private, most secure available and look forward to proving it to law firms around the world! Contact us today to learn more.
It has been a long-running criticism of cryptocurrencies that the data mining required to produce coins consumes an astonishing amount of electricity. “Bitcoin uses more electricity per transaction than any other method known to mankind,” said Microsoft founder, Bill Gates, in a live-streamed Clubhouse session with CNBC’s Andrew Ross Sorkin on February 24, 2021. “And so it’s not a great climate thing.”
With the public blockchains used for cryptocurrencies, mining coins requires complicated mathematical processing on high-end graphic processing units (GPUs), consuming energy both for calculation processing and cooling those GPUs down under heavy load.
“Scientists from the University of Cambridge Judge Business School recently built an interactive analysis tool to calculate the real energy cost of bitcoin cryptocurrency,” notes Caroline Delbert in a recent article in Popular Mechanics. “Using their energy use model, the researchers found that bitcoin mining uses more energy each year (130.00 terawatt-hours [TWh]) than the entire country of Argentina (125.03 TWh).”
Public Cryptocurrency Blockchains v. Private Enterprise Blockchains
An important distinction to make is that cryptocurrencies run on public blockchains—where anyone willing to mine can be an end-user (node), the process of mining is one of the highest areas of energy consumption, plus validating each new transaction across the broadly distributed network requires massive computing power. Together, this architecture “makes Bitcoin extremely energy-hungry by design, as the currency requires a huge amount of hash calculations for its ultimate goal of processing financial transactions without intermediaries (peer-to-peer),” explained Alex de Vriews in a 2018 Joule article. “The primary fuel for each of these calculations is electricity. The Bitcoin network can be estimated to consume at least 2.55 gigawatts of electricity currently, and potentially 7.67 gigawatts in the future, making it comparable with countries such as Ireland (3.1 gigawatts) and Austria (8.2 gigawatts).”
In contrast, private blockchains that are used for business applications (apps) do not require the mining of coins—private blockchains are not used for cryptocurrencies—nor do they support wide-open end-users (nodes) where huge networks require more computing power to validate each new transaction.
“The early blockchain protocols such as Bitcoin and Ethereum used proof-of-work consensus mechanisms, which required a lot of energy-intensive ‘mining’ of cryptographic puzzles. The creators probably never imagined them to become as popular as they did, or that they would consume as much energy as whole countries,” says Si Chen, part of the Climate Accounting and Certifications, Energy Working Groups at Hyperledger. “Enterprise Private Blockchain Platforms like Hyperledger Fabric do not run on Proof-of-Work consensus that is power hungry.”
ZorroSign has purposefully used the private, permissioned blockchain architecture of Hyperledger Fabric to build our digital platform.
Unlike Bitcoin and the cryptocurrency models for blockchain, Hyperledger Fabric is a next-generation architecture “with even lower electricity costs and attendant carbon footprints,” writes Michael Barnard in a CleanTechnica report. “Hyperledger Fabric centralizes block creation into a single resource pool and has multiple validators in the participants. It’s also not intended as a cryptocurrency platform, although VIVA did create a cryptocurrency with it. It’s an enterprise collaboration engine, using blockchain smart contracts and an externalized payment system where that’s necessary, allowing variants of net 30 terms most blockchain smart contracts don’t support.”
A white paper comparing blockchain architectures and their energy consumption requirements, The Energy Consumption of Blockchain Technology: Beyond Myth, was published by Johannes Sedlmeir, Hans Ulrich Buhl, Gilbert Fridgen, and Robert Keller in June 2020. Their research charted energy consumption of power-hungry public blockchain proof-of-work (PoW) coin mining (far right bar) versus the much lighter energy consumption of enterprise blockchains like Hyperledger Fabric (center bar):
Hyperledger Fabric’s architecture is so completely different than the mining and broadly distributed model of bitcoin that it can operate faster with far, far lower energy consumption rates. “Hyperledger Fabric runs on Kafka consensus, capable of running on normal enterprise-grade servers that neither require any special or demanding hardware requirements or are power hungry.” (Stack Overflow)
Lower Energy Costs, Higher Transaction Speeds
This combination of speed and energy-efficiency makes Hyperledger Fabric the ideal architecture for ZorroSign’s blockchain platform. A quick comparison of enterprise blockchains shows Hyperledger Fabric’s considerable advantage in transaction speed:
“ZorroSign is committed to having a positive impact on our environment,” says ZorroSign CEO and co-founder, Shamsh Hadi. “We are proud to use Hyperledger Fabric as our blockchain architecture. Not only does this private, permissioned approach bring greater privacy and security to our users, but the environmental costs of operating a private enterprise blockchain—like Hyperledger Fabric—is magnitudes lower than the high energy consumption required of public blockchains like Bitcoin and other cryptocurrencies.”
To learn more about ZorroSign’s blockchain architecture, our commitment to environment conservation, and how we deliver greater privacy and security for digital signatures and documents, contact us today!
Blockchain technology can better secure supply chains and digital transactions.
December 2020 brought a flurry of news stories around the massive cyber attack on the U.S. government. Called the Solar Winds Orion Supply Chain Compromise, or the Great Supply Chain Hack, this evolving story reflects the risks even sophisticated networks—like those run by the federal government—face when dealing with attackers deploying anti-forensic techniques, user impersonation, privilege escalation and persistence, and MITRE ATT&CK® techniques.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an alert on December 17th on the advanced persistent threat (APT) to government agencies, critical infrastructure entities, and private sector organizations, saying the attack began in at least March 2020 and the attacker “demonstrated sophistication and complex trade craft in these intrusions. CISA expects that removing the threat actor from compromised environments will be highly complex and challenging.”
A December 21st NPR article says the “list of affected U.S. government entities reportedly includes the Commerce Department, the Department of Homeland Security, the Pentagon, the Treasury Department, the U.S. Postal Service and the National Institutes of Health.” Plus, the Department of Energy acknowledged its computer systems had been compromised, though not the critical National Nuclear Security Administration systems.
“Hackers exploited the way software companies distribute updates, adding malware to the legitimate package,” note NPR reporters Bill Chappell, Greg Myre, and Laurel Wamsley. “Security analysts said the malicious code gave hackers a ‘backdoor’—a foothold in their targets’ computer networks—which they then used to gain elevated credentials. Solar Winds traced the ‘supply chain’ attack to updates for its Orion network products between March and June.”
“This is looking like it’s the worst hacking case in the history of America,” says one U.S. official, speaking on condition of anonymity. “They got into everything.”
In this environment of fear and reaction, the promise of distributed ledger technologies offers an appealing new approach to digital security. For example, blockchains have quickly been embraced as a solution for improving supply-chain security for data, communications, and logistics.
The emerging technology of blockchain “adds layer of security to movement of critical components,” claims SAIC, an American government contractor. “We see blockchain as a transformative technology to protect elements of supply chains.”
“Blockchain can greatly improve supply chains by enabling faster and more cost-efficient delivery of products, enhancing products’ traceability, improving coordination between partners, and aiding access to financing,” says Vishal Gaur and Abhinav Gaiha in a Harvard Business Review article. “There is considerable room to improve supply chains in terms of end-to-end traceability, speed of product delivery, coordination, and financing. Blockchain can be a powerful tool for addressing those deficiencies.”
“It’s about time we start talking about the advanced methods of privacy and security we can ensure on blockchain,” adds Shamsh Hadi, CEO and co-founder of ZorroSign, Inc. “How many times do we need hacks to happen before we finally ask the right questions?”
For governments organizations and companies that require secure digital transactions, ZorroSign’s digital signature and document management platform can decrease costs, reduce errors, and increase productivity. Unlike other electronic signature solutions, ZorroSign’s platform is built on a private, permissioned Hyperledger Fabric blockchain architecture to secure digital assets and deliver security certificates with robust audit trails and lifetime document escrow.
“Ultimately, blockchain technology helps make digital transactions more secure, faster and less expensive,” says Hadi.
Learn how blockchain can more securely manage your organization’s digital signatures and documents—contact ZorroSign today.
ZorroSign provides the ultimate security in digital signatures, built entirely on a blockchain architecture that protects identities and data—uniquely authenticating users, encrypting communications, and securing digital data immutably through its lifetime.
“We are proud to deliver a mature blockchain solution for digital signatures that is cost-effective and more secure than any encrypted e-signature technology that relies upon public-key infrastructure for security credentials,” says ZorroSign co-founder and CEO, Shamsh Hadi. “ZorroSign’s platform efficiently leverages blockchain to protect online identities and documents such as business agreements, government files, healthcare records, and other legal evidence stored in digital formats.”
For governments, companies, and individuals that desire to securely transform paper-based workflows, ZorroSign’s digital signature and document management platform can decrease costs, reduce errors, and increase productivity. Unlike other electronic signature solutions, ZorroSign’s platform is built on privately-permissioned Hyperledger Fabric to secure digital assets and deliver security certificates with robust audit trails and lifetime document escrow.
“ZorroSign’s solution is uniquely scalable and secure,” adds Arra Yerganian, strategic advisor and acting chief growth officer for ZorroSign. “Whereas other companies might struggle with the costs and complexities of blockchain architecture, ZorroSign is that rare, viable enterprise using blockchain as our core technology to meet those challenges with a fast system able to grow as our customers require.”
Blockchain’s adoption has begun to accelerate the past few years. “JPMorgan says it has used it commercially for the first time to send payments,” writes John Detrixhe, senior reporter at Quartz. “Executives at the biggest US bank by assets say those systems can grow in scale.”
We invite you to let us prove how blockchain can more securely, more cost-effectively deliver post-execution fraud detection, verification and authentication of legally binding electronic signatures, and securing digital documents. Visit ZorroSign.com or contact us today!
“Modern digital technology that supports information sharing,
communication, collaboration, and learning are
central to daily living and to the function of government.”
~Teri Takai, Executive Director at the Center for Digital Government
Local governments in the United States such as counties, municipalities, and school districts serve the public with codified processes for business, education, health and safety, law enforcement, property development, transportation, utilities, and more. The sheer volume of legal agreements, licenses, permits, records, and reports are daunting to manage, and digital solutions are becoming more and more necessary to effectively administrate public services.
Further, local governments know the value of operating more efficiently both in cost-savings (by reducing administrative costs in paper, printing, reproduction, storage, etc.) and in resource allocation (by being able to serve more constituents with the same resources). Technology solutions that speed clerical work, reduce errors, and lower administrative costs can readily generate a return on investment for the public.
As local governments strive to move paper administration to digital environments, privacy and security become top priorities. Beyond simply digitizing forms, processes, and records, these government organizations must:
Validate end users as constituents engage digital public services
Authenticate digital data as it is moved between users and offices
Secure digital documents for storage, archiving, and retrieval—ensuring immutability with non-repudiation audit trails and post-execution fraud/tamper protection
Digital Benefits for Local Governments
The COVID-19 pandemic has accelerated local governments’ need to move to digital services.
“When offices were forced to close, many local governments were unable to conduct business without physical access to legacy systems, holding up everything from building permits to license renewals and access to land records.” ~Doug Harvey, VMware Head of U.S. State & Local Governments & Education
As local governments add remote administration capabilities, the promise of digital transformation is tremendous. Large municipalities to the smallest administrative districts can leverage digital signature and document management software to protect the chain of custody (CoC) for documents and securely review, approve, archive, and retrieve:
Across-agency or inter-department agreements
Architecture and engineering drawings/schematics for construction permits
Benefits administration programs and processes
Certificates of occupancy
Court decrees and orders
Facilities management forms
Housing programs and building permitting management
Licenses for alcohol, auctions, business, construction, farming, plumbing, restaurants, retail, valet services, etc.
Logistics and procurement processes
Permits for building, carnivals and fairs, exhibit and trade shows, explosives, fireworks, gas, hazardous waste, hospitals, lumber, medical facilities, nursing homes, public assemblies, waste handling, etc.
Public health programs administration
Purchase agreements for public assets, products, or services
ZorroSign blockchain digital signature, a secure, encrypted platform provides a means for local governments to digitize records—eliminating duplication errors, streamlining clerical work, decreasing costs and time spent, and ensuring public record immutability for legal enforceability and transparency.
ZorroSign’s primary focus is the security and privacy of our customers’ data. We deliver such privacy and security with our digital signature and advanced digital transaction management (DTM) platform.
How?
Because unlike any other digital signature or DTM solution, ZorroSign was built from the ground-up on private permissioned blockchain, which is Hyperledger Fabric.
What is Hyperledger Fabric?
“Hyperledger Fabric is a modular blockchain framework that acts as a foundation for developing blockchain-based products, solutions, and applications using plug-and-play components that are aimed for use within private enterprises,” notes Will Kenton in Investopedia. “Because Hyperledger Fabric is private and requires permission to access, businesses can segregate information (like prices), plus transactions can be sped up because the number of nodes on the network is reduced.”
Hyperledger emerged as an open-source collaborative effort, hosted by The Linux Foundation, to advance cross-industry blockchain technologies and improve trust, transparency and accountability. Hyperledger Fabric distributed ledger technologies (DTL) are:
Used by Honeywell Aerospace to create an Amazon-type marketplace for used aircraft parts
Used by Walmart to create a food traceability system—decentralizing its food supply ecosystem to quickly find the source when an outbreak of a food-borne disease happens
Deployed by Change Healthcare to demonstrate the feasibility of using Hyperledger Fabric to process hundreds of healthcare transactions per second
How does Hyperledger Fabric Ensure Privacy & Security?
Hyperledger Fabric blockchains are permissions-based and requires all users to authenticate themselves before making requests to read or write into the distributed ledger (i.e., the “blocks” on the “chain”) or taking any action that adds to the blocks on the distributed ledger.
As a private blockchain, ZorroSign can ensure privacy is always maintained as only approved nodes (endpoint users) can write to ZorroSign’s blockchain. This is opposed to public blockchains—like Bitcoin and Ethereum—where anyone can be an endpoint and write to the blocks.
As a result, ZorroSign’s architecture has even tighter privacy and security measures than other blockchains.
Further, if users make a change to the information recorded in one particular block of a blockchain, they cannot rewrite that block—instead the change is stored or recorded in a new block along with the date and time of the change, permanently capturing the chronological changes to the document.
ZorroSign’s patent-pending 4n6 (“forensics”) token is a kind of digital seal that captures the complete audit trail and the document’s DNA. The token is encrypted and contains information on all the details about the transaction including time stamps, user authentication, document, and attachments. The 4n6 token securely reads the information from the secure ZorroSign servers so it can be accessed by the document originator or third parties (with permission from the originator) when requested. The 4n6 token allows ZorroSign to manage permissions as to who gets to see what level of information about the transaction and the document.
Finally, the 4n6 token stores the ZorroSign security encryption certificates, which—unlike other digital security certificates—never expire.
Benefits of Private, Permissioned Hyperledger Fabric Architecture
The key benefits of ZorroSign’s blockchain architecture and 4n6 token technology thus include:
Immutability—A chronological record (with date and time stamps) of all transactions in multiple copies on the ledger are maintained to avoid any doubt or ambiguity. This chronological chain provides a robust chain of custody and audit trail capabilities. Blocks cannot be rewritten, edited, or deleted—only added to the ledge—and so ensure document immutability.
Privacy—Permissions-based private blockchain security and privacy of the users’ information (i.e. PII, PHI, etc.) by only allowing permissioned individuals to have access to the transaction.
Fraud Prevention—ZorroSign’s proprietary 4n6 token can readily detect any document fraud, document tampering, or signature forgery (as a tamper seal that runs on the blockchain).
Lifetime Escrow—While competitors often use third-party digital security certificates that expire every two years, ZorroSign issues its own certificates that never expire for lifetime document escrow.
ZorroSign’s blockchain architecture, built on Hyperledger Fabric, ensures that all aspects of all transactions are recorded on a private permissions-based blockchain—creating an immutable, non-reputable record of the transaction and the executed document. And delivering unmatched privacy and security the organizations using our digital signatures and advanced DTM platform.
The increased popularity of, demand for, and mainstream use of electronic signature is the result of the global “go digital” movement, significant enhancements in the technology, and governments passing laws to go completely digital in the near future. It does not suffice to use an image of your signature as an “intent to sign” or use incomplete electronic signature solutions that do not include an audit trail. Security, privacy, legal acceptability, signatory attribution, and authenticity of electronic signatures, electronic records, and document transactions have become key decision factors for users in legal, financial services, real estate, insurance, banks, healthcare industries and more.
In this article we outline the clear competitive advantage that ZorroSign has over its competitors, their products and why we believe we have developed the most advanced electronic signature and digital transaction management platform, that was created to meet the past, current and future needs of both the private and public business sector.
ZorroSign Competitive Advantages
ZorroSign is an advanced Digital Transaction Management (DTM) platform. There are less than a handful of competitors who may qualify as DTM providers, but studies show that those solutions do not meet basic DTM requirements of many customers. ZorroSign, on the other hand, is considered an Advanced DTM due to its enterprise-grade workflow automation, workflow builder, content automation, bank-grade security, built-in Document Management System, and intelligent forms.
ZorroSign uses (patented) true legally-binding electronic signature with real digital information vs our competitors who simply superimpose a flat image of a signature on a document. It’s about capturing intent to sign a document vs actually signing a document.
We use high level security provisions and multi-factor authentication (including biometrics) to ensure signatory attribution. This is increasingly becoming a problem when it comes to legal matters.
Our proprietary technology, the Document 4n6 (forensics) Token, detects document fraud tampering and signature forgery. It is a tamper seal that runs on the Blockchain.
Our competitors use 3rd party digital security certificates that expire every two years. ZorroSign is authorized to issue its own certificates and they never expire. We call it Lifetime Document Escrow.
ZorroSign is a true Advance DTM platform complete with workflow automation and exception handling.
ZorroSign is built on permissions-based private Blockchain technology. We take advantage of its security, privacy and trust features to manage all our customer’s document signature transactions.
For ZorroSign, privacy and security are at the core of everything with do. We think security and privacy first for every product design, policy, and business practice decision. We use bank-grade security protocols, AES Encryption, biometrics, MFA, and other heuristics for handling our customer’s document signature transactions.
For a complete competitive analysis including analysis of a particular ZorroSign competitor, please contact our customer advisors.
Disclaimer: All competitive information is based on publicly available information. When reviewing competitive information including pricing, please consider that products are continuously enhanced and modified by vendors and pricing published on the website is MSRP. ZorroSign does not disclose product roadmap and features that are in development and not yet released to the general public. ZorroSign also does not disclose feature-by-feature comparison for the same reason.
In recent years, Blockchain technology has become popular mainly because of its application in Crypto Currency. However, there is proven research as to the feasibility and application of this technology. It is widely believed that Blockchain technology addresses the most important part between two parties transacting online being Trust.
In this blog post I will provide a brief introduction to Blockchain, along with how Blockchain can be used in different situations in various industries. We feel it’s important for our customers to have the fundamental knowledge on this topic since ZorroSign is built using Blockchain technology to take advantage of its various unique features specifically related to privacy, security, and sanctity of their users and their electronically signed documents.
Important terms that will be used in the post are:
1. Transaction: Is when one or more users act on a single document set by means of acknowledging its receipt, filling out required information, signing it, putting initials and date. A transaction has a starting point and an ending point which is defined by means of a workflow.
2. Distributed Ledger: An entry is logged into a ledger by authorized user when an action is taken on a document set as part of a transaction.
3. User: A user is a person who has permission to view, manipulate, take action on, or otherwise process the document set as part of a transaction. A user is part of the workflow.
4. Workflow: The process that connects one or more users to take action on a document in a particular sequence. A workflow may have a time limit, example a person has 5 days to sign a document.
5. Action: Users in the workflow can take any number of actions on a document set as part of a transaction. Actions include sign, initial, date, put a checkbox, or fill out information.
6. Chain of Custody: During a single transaction a document may be passed from one signatory to another for processing, form filling, signature, and approval. Each user in the workflow represents a link in the chain of custody.
7. Private Blockchain: Implementation of Blockchain that is not on a public ledger to ensure privacy. Access to the platform and eventually to the ledger and its content for any specific transaction is restricted to only authorized individuals.
8. Public Blockchain: Implementation of Blockchain that is on a public ledger. Access to the platform, the ledger and its content for any specific transaction is available for all to see.
9. Crypto Key: A string of bits used by a cryptographic algorithm to transform plain text into cipher text or cipher text into plain text. Separate, but related crypto or cryptographic keys make up Public and Private keys.
10. Public Key: Information public and accessible by everyone in the workflow. However, the Public Key encryption can only be decrypted by the matching Private Key.
11. Private Key: Confidential and known only to the respective owner.
Now that you are familiar with basic terminology, let’s dive into the details.
What is Blockchain?
In its simplest form, Blockchain is a shared fixed ledger for recording transactions. ZorroSign has extended the concept of Blockchain to have the highest levels of security and privacy protecting the sensitive information and identities of authorized individuals in the network who have permission to access the content stored in the ledger.
Blockchain is a digital record where all transactions are recorded in the order of occurrence and where the next record is linked and related to the previous record. It is a continuous database of records that can only be added to and never edited or deleted. In layman’s terms, Blockchain allows businesses to secure and validate a digital asset, like a contract, enabling the enforcement of ownership or authenticity.
Characteristics of a Blockchain
The noteworthy characteristics of a Blockchain are:
Indelible: The most important and distinctive property of blockchain. Once a transaction is written into a block, it can never be erased or modified by anyone, including the person who wrote the transaction.
Globally Readable: Anyone who has permission to view the transaction can read what it contains and everyone sees exactly the same contents.
Accept Rules Based Rights: Any chosen party can write into the blockchain as long as it respects the predetermined rules set out for that transaction.
Strictly Ordered: There is no ambiguity of the transaction. The audit trail will clearly show which block of data came first and which came second.
Use Cases for Blockchain
Wondering how Blockchain works in the real world? Here are some practical applications:
Banking: Financial transactions from opening an account to money transfers.
Health care: Medical records and drugs composition.
Real Estate: Track real estate transactions and tracking maintenance and upgrade of properties.
Supply Chain Management: Tracking food supply from “farm to dining table.”
Contract management: Chain of Custody, Audit trail, and entitlement tracking.
Retail: Protect consumers against issues of product authenticity. Using Blockchain retail consumer goods can be tracked, eliminating the risk of consumers receiving counterfeit goods.
Electronic Voting: Voter registration, personal identity, and voting records.
Digital Identity: Securing and keeping track of your Personally Identifiable Information (PII).
Diamond Industry: Using immutable tamper proof digital ledger, record: color, carat, certificate number (inscribed by laser on the crown or girdle of the stone), and origin in order to increase supply chain efficiency and eliminate conflict diamonds from market. Makes it possible to track diamond from origin to consumer.
Blockchain is NOT BitCoin
Cryptocurrency like BigCoin uses Blockchain, but they are not the same. Blockchain is not cryptocurrency or Bitcoin. Rather, cryptocurrencies and Bitcoin use Blockchain to secure transactions and publicly record them in a distributed ledger.
Advantages of Blockchain
Blockchain is important because it has unique qualities that set it apart from other transaction database management systems. Specifically, ZorroSign’s Blockchain is private, permissions-based decentralized system that is secure, trusted and automated with bank grade security. Ultimately, Blockchain technology helps ZorroSign make transactions more secure, faster and less expensive.
ZorroSign’s 4n6 (forensics) Token uses a private permissions-based blockchain to deliver verification, security, audit trail along with a lot more features. Users who access a ZorroSign’ed document through appropriate permissions can scan the 4n6 Token and request access to view the documents audit trail. For the 4n6 Token, the individuals in the workflow always have access to the document. Access to any external parties is limited to viewing the content of the document, its attachment, and audit trail and is based on permissions approved by the originator of the transaction.
Now that you better understand the ZorroSign 4n6 Token, you understand how Blockchain technology delivers document verification.
In our 24/7, mobile, competitive global business environment, being able to conduct business fast is critical. That means executing business documents efficiently and securely is important for businesses in any industry. Along with document execution, having processes that eliminate errors and cut costs are just as important. Adopting a DTM solution for your business is the answer. This means execute all types of documents and get approvals quickly, securely and with legally binding signatures on documents while eliminating errors and cutting costs.
There are solutions in the market that simply handle collecting signatures, some capturing digital copies of your signatures and some only capturing intent to sign from multiple parties. Then there are advanced DTM solutions like ZorroSign, that go beyond collecting legally accepted signatures from multiple parties. They handle various document signing ceremonies, help secure approvals, handle complex workflows and routing of these documents using automation like exception handling. Here is what you should look for in an advanced DTM solution.
Legally accepted Electronic Signature and Digital Signatures
Post-execution fraud detection of documents
Full audit trail and chain of custody
Document Management System (DMS)
Content Automation, Workflow Management, and Rules Engine
Intelligent Forms
Security, Trust, and Global Compliance
Advanced Security and Biometrics
Below we have listed eight ways an advanced DTM can help businesses go digital.
1. Automation – Full automation saves time, money and avoids errors. Using a DTM platform can improve workflows and approval processes by automating document routing and processing. It can also connect one or more systems by providing interfaces between different applications by integrating the workflows using ZorroSign API. Automate your workflow with one click, assign to the correct people, send reminders, collect approvals and signatures without manual work.
2. Cost Savings – Save trees, water and office supplies,while reducing carbon emission and potentially even insurance premiums.
With automation comes savings of time, space and money. By specifying conditions and rules in a workflow, you can avoid costly errors that people typically make when executing documents. Outside of immediate cost savings from cutting back or discontinuing the use of consumables like, printers, toner, scanners, ink pens, paper, postage, and file storage, companies also see enormous labor related savings and decrease of insurance premiums from lowering their fire risk by eliminating paper file storage. Automating processes using a DTM solution cuts back on time demands, thus increasing capacity and output.
Interested in better understanding how your company can impact the environment, check out ZorroSign’s Environmental Savings Calculator and estimate savings per year in terms of trees, water, Carbon emission, time, and cost.
Along with positively impacting the environment, your company can save money by adopting a DTM solution. Learn more about the business impact of using office paper for business here.
3. Timely Execution – Decrease process time.
The DTM workflow allows the process owner to view and set time limits on each stage of the signatory process. Track a document from the start of the execution process through to the end with either user specific or document specific workflows and take advantage of automatic reminders.
4. Increased Efficiency – Time saved.
Through the use of an Advanced DTM solution, companies are able to save time spent on retrieving documents, managing the signature process and managing multiple versions of documents and templates.
5. Reduce Errors – Decrease opportunity for human mistakes.
Using a DTM solution can reduce decision fatigue, environmental distractions and pressure to meet deadlines, consequently improving accuracy. Even the best, most experienced employees make errors. However, DTM systems support templates that ensure that the information is captured correctly 100% of the time. A DTM system also enables the user to validate data in real-time, allowing for potential corrections to be made on the spot.
6. Checks and Balances – Identify bottlenecks and audit your processes.
The workflow system within ZorroSign DTM allows for a graphical representation of where a document is in a specific workflow, allowing for process controls and monitoring of each document process and chain of custody. With the introduction of a DTM solution into a workflow comes the ability to monitor and track the progress of eSignature transactions at every step, in real time. This will also allow the workflow owner to identify bottlenecks and make appropriate adjustments to the process in order to increase efficiency where possible and ensure accountability throughout the workflow.
7. Audit Trail – Non-repudiation audit trails and full progress tracking.
With ZorroSign real eSignature solution, ZorroSign users can be 100% confident their documents have been executed with tamper-proof security and enforceability of documents of both digital and printed versions of your documents. . ZorroSigned documents create a non-repudiation audit trail, that include full progress tracking and bank-grade security using the Blockchain.
8. Compliance – Comply with all regulations, regardless of industry.
A reputable DTM solution will be compliant with international laws & regulations such as, E-Sign Act, UETA, HIPAA and GDPR. Advanced Digital Transaction Management solutions, eSignature solutions and digital signature solutions should also improve a company’s ability to remain compliant with their own industry specific rules and regulations.
Be an early adopterof ZorroSign’s DTM solution and take advantage of using a eSignature solution. Global businesses are quickly adopting Digital Transaction Management solutions as these solutions have already proven the ability to deliver immediate and immense benefits. Get ahead of the crowd, let ZorroSign help you lead your digital transformation, click here to schedule a demo today.
