In today’s global economy, there are lots of bad actors and threats to your digital information. Whether you work for a government agency, a business, an IT department, a law firm, a financial service provider, or just about any other organization generating and storing digital data, your information—and your customers’ or constituents’ information—must be protected.
ZorroSign’s U.S. headquarters in Phoenix, Arizona brings blockchain technology to U.S. companies, organizations, and individuals signing digital documents and executing transactions digitally.
“If you’re looking for a secure way to transact with third parties or multi-parties,” says Robert Vera from GCU‘s Canyon Ventures Center for Innovation and Entrepreneurship, “ZorroSign is that technology that you need to have confidence that your transactions are secure in today’s environment.”
If you’re ready to try ZorroSign’s multi-chain blockchain platform for yourself—for superior privacy and security for all your digital signatures and transactions—start a Free Trial today!
Our CEO and co-founder, Shamsh Hadi, was recently interviewed by two technology news outlets—Tech Channel News and TahawulTech.com.
Tech Channel News helps C-level executives in India and Gulf identify technologies and strategies to empower and streamline business processes. Their portal at techchannel.news informs leaders of what’s new in tech and why it matters.
TahawulTech.com, published by CPI Media Group, is the definitive platform in the Middle East for IT content. Covering stories across enterprise technology, cybersecurity and the region’s IT channel industry, TahawulTech.com brings business leaders and technology decision makers together to share their stories of transformation.
Here are short summaries of those interviews and links to read the original pieces!
ZorroSign Making Waves in Digital Signature Space Using Blockchain Technology
In April 2022, Tech Channel News’ Naushad K. Cherrayil interviewed Mr. Hadi on how ZorroSign safeguards the privacy and security of digital documents, and provides an immutable chain of custody for digital transactions, for governments and organizations in the Gulf Co-operation Council (GCC) countries.
The article notes that there are “huge players in the digital signature space, but none of them have figured out how to cost-effectively map their legacy software in technologies and evolve it into Web 3.0 and blockchain solutions today.”
“We have solved all these problems,” said Hadi. “Successfully bringing blockchain to digital signatures—unlike other competitors, big and small, who simply tried to add blockchain onto their legacy software.”
The article explores ZorroSign’s roots in Dubai with development in Sri Lanka, moving the company’s global headquarters to Phoenix, and standing out from the crowd in a competitive eSignature space.
“Our platform was invented to move documentation, digital transactions from a relationship built on trust to a relationship built on truth, providing customers the ability to positively impact the environment with sustainable practices and securely transform their paper-based workloads to digital in a bid to remove errors and increase productivity,” Hadi added.
Tech Channel News uncovers how ZorroSign leverages blockchain’s zero-trust environment to support governments in the Gulf who are looking specifically for blockchain solutions, noting “two countries that are pushing forward are the UAE and Saudi Arabia.”
In May 2022, TahawulTech.com’s Anita Joseph interviewed Mr. Hadi on how ZorroSign not only provides digital signatures built on a blockchain architecture, but also integrates identity-as-a-service (IDaaS), biometrics, KBAs, and patented Z-Forensics token to prevent fraud and address identity theft risks.
Ms. Joseph also starts with ZorroSign’s founding in Dubai and how HH Sheikh Mohammed bin Rashid Al Maktoum’s Digital City Vision for Smart Dubai has been a guiding principle for ZorroSign—including his goal of a paperless life in the UAE by 2030.
The article then talks of identity theft and how ZorroSign technologies confront the issue: “Not only does our web3 platform leverage the cryptographic security capabilities of blockchain,” said Hadi. “But it also integrates Identity-as-a-Service technologies into our solution set to combat fraud, identity theft, and cyber-attacks.”
Security trends, cybercrime, and various cyber-attacks are discussed, as well as how distributed ledger technologies such as blockchain can help defend and/or recover from such attack vectors. The article ends with ZorroSign’s plans for 2022 and early verticals benefitting from blockchain-based digital signatures.
Learn more about how ZorroSign helps governments, companies, and individuals around the world with digital signatures and maintaining privacy and security with their digital transactions: Contact us today or start your Free Trial.
If you work in real estate, you understand the need to provide superior customer service to close deals. Only ZorroSign pairs a web3 transaction platform with mobile technology—delivering 21st century security to the age-old ceremony of signing and storing agreements, and giving your customers peace of mind needed when conducting real estate transactions digitally and remotely.
ZorroSign not only delivers superior privacy and security through our multi-chain blockchain transaction platform, but also ensures that your real estate deals are closed with ease, elevating the customer experience and saving time and money.
Improve Your Customer Service
U.S. real estate deals have already moved from paper-based to digital experiences and processes. Evolving towards newer technology has allowed for real estate agents to close deals faster and from anywhere in the world—you no longer have to meet in person to deliver physical papers in order for your clients to sign.
While there are many technology platforms that provide the option to sign and store documents, real estate firms and agents not only need a digital experience that is fast and efficient, but they need one that they can trust with their information and their customers’ information.
This is where ZorroSign comes in!
Built on blockchain, ZorroSign’s unique digital signature solution makes contracts, counter-offers, purchases, and amendments accurate, faster, easier, and more secure than ever.
Here is what Mr. Richard Green from enTrust Escrow and Title says after using ZorroSign as his transaction platform:
“This is a game changer for our company. Our customers are very impressed with the technology and the ease of use. They appreciate that their escrow can be tracked on their mobile devices anywhere and anytime. In most cases, escrow officers have been able to reduce the time it takes to complete a transaction and the fact that every step is recorded online ensures that all parties are aware at the same time.
“The escrow officers also love using this solution as it also helps keep a check and balance on them as well. Overall this is a great solution that the management have implemented and I hope that customers will refer others to us since we are using the best technology today.”
enTrust & Title Company
ZorroSign helps bring your real estate business into the digital age: Speeding customer processes and service, helping your organization “go green” with paperless operations, and allowing you to serve customers from anywhere, anytime!
Close deals faster
It is no secret that there are a lot of moving parts when it comes to real estate. This often makes it difficult to nail down a time and place to meet with customers for signatures. With ZorroSign’s transaction platform, everyone can sign and send documents when they are prepared, allowing the platform to transmit documents to the other agents, saving time for everyone with an efficient digital workflow.
This is especially helpful for you as an agent or broker, since it frees you up to keep the transaction moving while you are on-the-go. When you are dealing with a quick turnaround in a multiple-offer situation, signing and sending documents online can be the difference in closing the deal!
With our patented, legally binding, fully automated digital signature technology, ZorroSign’s platform enables you to skip the print/sign/scan process, stop chasing paper signatures, and instead sign and send digital documents from anywhere—all the while monitoring a policy document’s current status from the ZorroSign dashboard.
Automate With Z-Fill
Finally, with our intelligent form-fill process, Z-Fill, ZorroSign’s platform allows you to digitize documents, eliminate the paperchase and improve efficiency, while speeding up the process of filling out forms.
According to the National Association of REALTORS®, members rely on repeat clients and referrals from past clients for 30% of their business. With ZorroSign’s Z-Fill technology, you can save time and ensure that clients sign and fill out forms correctly—every time. Z-Fill can help you complete real estate agreements faster and with ease, improving your customer experience and winning repeat and referral business.
Block it down! Now, you can count on regulatory compliance and the immutability of your signed documents within your stored data and workflow records on ZorroSign’s blockchain.
Z-Vault enables ZorroSign platform users to store, structure, organize and search documents in folders and subfolders natively, with the peace of mind that comes from superior privacy and security.
Digital Signatures on Blockchain
Since 2000, several technologies have come to market to deliver digital signatures, but when a distributed ledger technology—or DLT, such as blockchain—is used for digital signatures, signers gain the unique advantages of:
Privacy — with a private blockchain, only participants to the transaction can see details of the transaction, and those participants share equal access to such details
Immutability — all records and changes are tracked and cannot be changed, providing important chain-of-custody audit capabilities for courts
Security — all records are individually encrypted and distributed for better protection from phishing and ransomware attacks
ZorroSign was built from the ground up on Hyperledger Fabric to deliver digital signatures with the superior privacy and security of blockchain. And we recently announced a partnership with Provence Blockchain to add their DLT to our architecture as well, effectively becoming a multi-chain blockchain platform.
Z-Vault for Better Contract Lifecycle Management
Contract lifecycle management, or CLM, spans the entire process of generating contracts, the workflows of approving and negotiating changes to contracts, the signing (or executing) of the contracts, storing and archiving the executed contracts, plus tracking and audit trails to retrieve contracts and review their lifecycle of approvals, iterations, and signatures.
If contracts are critical to your business or organization, then a secure, reliable solution for managing the contract life cycle is imperative.
Key functionality to look for when assessing CLM solutions include visibility (a dashboard or overview of where individual contracts are in the life cycle), integration with communications and storage systems, automation (as few contracts start from scratch—most are iterations of previously created agreements), and of course change tracking to readily see how contracts changed during negotiations and what final version was executed by all parties.
ZorroSign’s platform unites and uniquely delivers:
Digital signatures via Z-Sign to quickly execute legally binding contracts
Patented Z-Forensics token to prevent fraud and tampering
Z-Flow workflow automation to quickly build templates and approval chains
Z-Verify to know exactly who signed what and when, with full validation of every document’s authenticity and immutability
Z-Vault to securely store contract and transaction records immutably on blockchain
ZorroSign’s platform can be accessed via PCs and mobile devices, allowing your legal department, operations and procurement teams, and sales teams to efficiently generate, negotiate, communicate, and sign agreements. And with our Z-Vault, contracts reside on an immutable DMS where they can be saved, searched for, and managed easily from a single, intuitive user interface.
Z-Vault Benefits
Superior privacy and security to PKI-based solutions using a centralized database
The latest privacy and security technologies, delivering powerful encryption safeguards
Ability to share and review eSign and architectural drawings, adding your own comments
Time savings with access to specific folders and documents in seconds, no loss of records
ZorroSign Privacy & Security Compliance
Our combination of security architecture and data privacy functionality ensure your compliance across many international standards for privacy and security, including:
Canada: The Personal Information Protection and Electronic Documents Act (PIPEDA)
Canada: The Uniform Electronic Commerce Act (UECA)
EU: Data Protection Regulation (GDPR) for data privacy and security
EU: The electronic IDentification, Authentication and trust Services (eIDAS) regulation
India: The Information Technology Act 2000 (IT Act of India)
International Standard on Assurance Engagements (ISAE) No. 3402, Type II audited
International Organization for Standardization (ISO) 27001 certified
PDF Advanced Electronic Signatures (PAdES) is a set of restrictions and extensions to PDF and ISO 32000-1
UAE: Federal Law No. 1 of 2006 regarding Electronic Transactions and E-Commerce granting electronic signatures legal force and effect
USA: American Institute of Certified Public Accountants (AICPA) SOC 2 Type I audit
USA: California Consumer Privacy Act (CCPA)
USA: Department of Commerce’s National Institute of Standards and Technology (NIST) encryption standards
USA: The Digital Millennium Copyright Act (DMCA)
USA: The Electronic Signatures in Global and National Commerce Act (E-Sign Act)
USA: FDA Title 21 of the Code of Federal Regulations; Electronic Records; Electronic Signatures
USA: The Health Insurance Portability and Accountability Act (HIPAA)
USA: The Uniform Electronic Transactions Act (UETA)
To learn more about Z-Vault and how ZorroSign can help you securely store contracts, data, and documents on blockchain, contact us today or start your 14-day Free Trial subscription!
In an earlier article, I briefly introduced sustainability in advancing technology—specifically urging innovators to be aware of the impact of their new technologies on the environment and human sustainability.
In advance of Earth Day 2022, I reiterate that while it is easy to laud the potential of new technologies, we must also be wary of their effects on the environment . . . specifically the depletion of natural resources which may disrupt ecological balance. This is not to say innovation must be stymied, but that the true price of innovation must be measured in more than purely economic terms.
Defining Sustainability for Business
My quick definition of sustainability—from the Brundtland Report, drafted by the World Commission on Environment and Development (WCED) in 1987—is simply “meeting the needs of the present without compromising the ability of future generations to meet their needs.”
Bigger picture, the idea of sustainability is “often broken down into three pillars: economic, environmental, and social—also known informally as profits, planet, and people.” For me, new technologies tend to span all three: Driven by economic goals, but often extracting environmental and social costs.
For example, it has been a long-running criticism of bitcoin that the proof-of-work data mining required to produce coins consumes an astonishing amount of electricity. With many public blockchains used for cryptocurrencies, mining coins requires complicated mathematical processing on high-end graphic processing units (GPUs), consuming energy both for calculation processing and cooling those GPUs down under heavy load.
“Scientists from the University of Cambridge Judge Business School recently built an interactive analysis tool to calculate the real energy cost of bitcoin cryptocurrency,” explains Caroline Delbert in Popular Mechanics. “Using their energy use model, the researchers found that bitcoin mining uses more energy each year (130.00 terawatt-hours [TWh]) than the entire country of Argentina (125.03 TWh).”
Another example might emphasize social sustainability. “Social sustainability is about identifying and managing business impacts, both positive and negative, on people,” notes UN Global Compact.
Recall how Facebook’s social network technologies were taken to task by The Social Dilemma—a documentary highlighting the dangerous impact of social networking, which represents a sustainability challenge to human societies.
The film shows that while social networks’ cost is not environmental per se, social media’s “design nurtures an addiction, manipulates people’s views, emotions, and behavior, and spreads conspiracy theories and disinformation . . . [plus an] effect on mental health (including the mental health of adolescents and rising teen suicide rates).” Such social costs put existing social media in direct conflict with sustainable practices.
Balancing Innovation and Sustainability
So how can innovators build and create without jeopardizing the “ability of future generations to meet their needs”?
Such effort requires vision beyond immediate solutions and an eye for real-world consequences . . . even those completely unintended or unexpected in the deployment and adoption of new technology.
“The Industrial Revolution brought forth extraordinary gains in financial prosperity. Between 1870 and 1910, per capita income in the United States rose almost 40 percent, and the value of manufacturing output increased sevenfold. Yet rapid industrialization left in its wake darkened noontime skies, noisy and unsafe machinery, and severely compromised living conditions,” write David Austin and Molly K. Macauley in a classic article from Brookings. “Technology is a double-edged sword—one capable both of doing and undoing damage to environmental quality.”
“Technology has the ability to significantly impact the United Nations Sustainable Development Goals,” says Jeff Fromm in a Forbes article on sustainability and innovation. “As well as improve work/life balance, enable commerce and so much more.”
Here, environmental technologies have a chance to remedy the historical efforts of Industrial Revolution technologies that brought pollution and ecological disruption, as well as massively depleting natural resources.
“We are currently living in a period of rapid change, where technological developments are revolutionizing the way we live, at the same time as leading us further into the depths of catastrophe in the form of climate change and resource scarcity,” adds a great piece by Edinburgh Sensors. “While the impact of technology on the environment has been highly negative, the concept of environmental technology could save our planet from the harm that has been done.”
Even those technologies that simply avert environmental damage, without perhaps directly rebuilding or restoring natural resources, can have a tremendously positive effect on sustainability.
Starting with this economic pillar, we constructed a blockchain platform unlike bitcoin and the proof-of-work cryptocurrency models, instead leveraging Hyperledger Fabric as a next-generation enterprise blockchain architecture with lower electricity costs and a smaller carbon footprint. Hyperledger Fabric is a next-generation enterprise blockchain architecture “with even lower electricity costs and attendant carbon footprints,” writes Michael Barnard in a CleanTechnica report.
Hyperledger Fabric’s architecture is so completely different from the mining and broadly distributed model of bitcoin, that the enterprise blockchain can operate faster with far, far lower energy consumption rates. This combination of speed and energy-efficiency made Hyperledger Fabric the sustainable choice to launch ZorroSign’s digital platform.
For the environmental pillar, ZorroSign’s vision includes a commitment to saving trees and having a positive impact on the environment through sustainable practices. With our Save-a-Tree, Plant-a-Tree program, ZorroSign plants a tree on behalf of our customers every time they save 8,000 pages of copy paper! As one tree produces roughly 8,000 pages of copy paper, this amounts to a double incentive: Reducing the destruction of trees via reduced paper use and increasing the number of trees as reward for reducing paper use. Again, our efforts aspire to realize significant environmental benefits such as conserving water, reducing carbon emissions, improving air quality, and reducing deforestation.
At ZorroSign, we use blockchain to help individuals, businesses, and governments to achieve a paperless life. Here we embrace the social pillar: Understanding that switching to digital records is not only a smart business decision, but it is also good for the environment and society.
Every time someone uses ZorroSign to digitally sign agreements, contracts, and other documents—instead of printing, faxing, scanning, and couriering documents to collect signatures—we all save trees, save water, and reduce carbon emissions. By moving social costs from paper consumption, logistics, and storage to digital signatures, digital archiving, and digital chains-of-custody, we advance a technology that similarly advances sustainability.
I am eager to engage technology innovators in advancing their solutions while also advancing sustainability goals! Connect with me on LinkedIn at https://www.linkedin.com/in/shamsh-hadi/
It is no secret that cybercrime has skyrocketed within the last few years, in fact, cybercrime in the U.S. jumped by 55%. This increased risk drives a greater need for privacy and security, especially within IT companies and departments responsible for digital data and cybersecurity.
ZorroSign can help your IT company or department combat the elevated security risks with our digital transaction platform, built on blockchain architecture, and calibrate your company and customers for success!
Blockchain Architecture For Elevated Security
ZorroSign is the only company that offers a multi-blockchain platform to secure, track, and manage your digital signatures, transactions, and documentation.
By using distributed ledger technologies—originally built on Hyperledger Fabric and recently expanded to include the Provenance Blockchain—ZorroSign provides superior privacy and security, offering peace of mind for your company’s and customers’ digital transactions, while preventing fraud and ensuring regulatory compliance.
How does this blockchain architecture contribute to ZorroSign being the best platform for IT companies?
Blockchain provides structural layers of protection from cybercrime, like ransomware, malware, or phishing attacks: First, by decentralizing the data set itself (preventing any one breach to access the entire data set); and second, by giving endpoints (or nodes) a quick path to recovery, even if they are themselves breached or their access ransomed.
Unlike centralized databases—which can be breached at unsecure endpoints (users and devices) or even at managed service providers (MSPs) hosting them—giving attackers complete control once they gain central access, blockchain technology distributes data physically across separate nodes. By decentralizing data storage, blockchain effectively prevents any one endpoint (even if compromised) from gaining control of the full data set.
This distributed nature so defeats any attack seeking to breach a system and holistically encrypts the data files stored inside: A single endpoint node might be breached, and its files held for ransom, but the larger data set cannot be controlled by any one endpoint (or central authority) and so attackers cannot capture the full data set for encryption, ransom, and shutting down the network.
ZorroSign is a strong addition to your security stack, and brings the cybersecurity capabilities of blockchain to your company’s and customers’ digital signatures and transactional documentation.
Z-Forensics Token
ZorroSign has further elevated our security through our patented fraud detection technology we call the Z-Forensics token.
This unique digital solution that can:
Prove that the individual who is performing the action to sign the document is who they claim to be (verification);
Apply a digital equivalent of a wet-ink signature to the document (legal intent); and,
Prove the authenticity of the printed copy or digital version of an electronically signed document, its content, attachments, and the signatures on it (authenticity).
Unlike any other digital signature solution, ZorroSign seals all your documents with our Z-Forensics token—capturing the complete audit trail and accompanying attachments and signature workflow. The token is encrypted and contains all the details about the transaction: Time stamps, user authentication, documents and attachments.
Your IT company or department gains peace of mind when you Z-Sign!
Cloud Configuration
On top of providing the security that your company and customers need, ZorroSign’s software-as-a-service (SaaS) model can be deployed in various cloud configurations, making it seamless to integrate into your existing platform.
Our standard deployment is on Amazon Web Services (AWS) public cloud computing network
In our private cloud configuration, all your data and the ZorroSign application run in a private and secure cloud network dedicated to your organization
In a hybrid cloud configuration, your data can be stored on either ZorroSign data centers or in the private cloud, while the ZorroSign platform and applications run on their standard public cloud configurations
On-premise deployments require your department to manage and maintain your own data centers, but gain the benefits of unlimited API calls and total control over identity access management (IAM), data privacy and security, and data integrity processes
Your IT company or department can scale and deliver data privacy and security aligned to your existing deployment architecture—as public, private, or hybrid as it may be!
To learn more about how ZorroSign helps IT companies and departments elevate your data privacy and security, please contact us or start your 14-day Free Trial today!
In a digital environment, transactions take place between people and organizations who may not know each other, and likely cannot verify each other’s identities using traditional, physical means.
Yet as the world moves more and more to digital transactions—exchanging real-world assets such as automobiles, financial instruments, goods and services, even real estate, to exchanging digital assets such as cryptocurrencies, in-game purchases, metaverse assets, NFTs, and even more in the years ahead—it becomes critical to verify exactly who signed what and when, with full validation of every transactional document’s authenticity and immutability, to prevent forgery, fraud, or tampering.
CNBC reports that “Sales of real estate in the metaverse topped $500 million last year and could double this year, according to investors and analytics firms.” And transactions in the metaverse were expected to cross $6 billion in 2021, according to India’s Business Standard.
To facilitate commerce in digital realms, ZorroSign is pleased to include the Z-Verify feature in our multichain blockchain platform to protect privacy, secure transactions, and prevent fraud.
Digital Signatures for Digital Transactions
To transact business, commerce, government operations, or individual trade in a digital environment requires legally enforceable digital signatures to prove agreement and intent. There are several technologies supporting digital signatures, but how do such solutions provide legal enforceability?
They must ensure WHO is signing the legal documents via user authentication; plus,
They must ensure WHAT was signed (agreed upon) via immutable document control with full audit trail of changes for document verification; and
They must ensure WHERE, WHEN, and HOW digital signatures were executed in signing ceremonies via metadata captured on digital devices and digital network.
On June 30, 2000, then President Bill Clinton signed the Electronic Signatures in Global and National Commerce Act (E-Sign Act), establishing that electronic signatures have the same legality as traditional signatures on paper, and defined the criteria for legality. The legislation opened the door for digital transactions and digital commerce has boomed in its wake.
Digital Signatures on Blockchain
Since 2000, many technologies have come to market to deliver digital signatures, but when a distributed ledger technology—such as blockchain—is used for digital signatures, transaction parties gain the unique advantages of:
Privacy — with a private, permissioned blockchain such as Hyperledger Fabric, only participants to the transaction can see details of the transaction, and those participants share equal access to such details
Immutability — all blockchain records and changes are tracked and cannot be changed, providing important chain-of-custody audit capabilities for courts
Perhaps most importantly, digital signature platforms that incorporate Identity-as-a-Service (IDaaS) can authenticate users across multiple dimensions, such as what you know (your login password), what you have (your laptop or mobile device), and who you are (biometrics such as fingerprints or eye iris on the device securing who can access it), etc.
Digital Signatures with Z-Verify
ZorroSign’s Z-Verify unites multi-factor authentication, the biometric capabilities of your hardware devices, the opportunity for password-less logins, and even knowledge-based authentication (KBA) features—requiring the knowledge of private information of the individual to prove that the person providing identity information is the actual person—to ensure each party to the digital transaction is who they claim to be.
Further, Z-Verify features allow ZorroSign users to maintain and review a chronological, immutable, real-time record of transactions: Ensuring the security and privacy of users’ information and that of the data itself!
Z-Verify Benefits:
Immutable attribution of the signatory of any document secured in ZorroSign
Globally accepted security certificates that never expire – unlike any competitive solution certificates
Secured by private, permission-based blockchain technology built on Hyperledger Fabric
Authentication, verification and validation of digital and paper versions of documents using our patented Z-Forensics token
Verification applies to internal (registered) and external (not registered) users alike!
To learn more about Z-Verify and how ZorroSign can ensure you know exactly who signs your digital documents, when they signed, how they signed, and what they signed has not changed—contact us today or start your Free 14-Day Trial subscription to test us yourself!
The way that the legal industry conducts business has changed drastically over the last few years, foremost due to the shift during the COVID-19 pandemic to a remote lifestyle. A recent survey by the American Bar Association shows that more than half of all attorneys are now working from home almost exclusively. This switch to remote work has caused the legal industry to look towards technology to move the bulk of their processes and workflows online.
With that industry shift in mind, here are three ways that ZorroSign helps to law firms, legal departments, and attorneys worldwide to thrive in an online environment!
Automation
Lawyers are often swamped with paperwork and the hassle of printing, signing, and scanning documents. While much of this work is important to the successful operation of legal services, future-thinking law firms and legal departments are identifying repetitive, manual processes and incorporating automation to drastically improve their workflows. This allows attorneys to spend more time on client development and for staff to become more productive.
Incorporating technology into your legal service workflows can expedite operations, accelerate growth, and increase the value of the services delivered to clients. When used strategically, technology can also free up your teams from mundane tasks and enable them to apply their expertise to higher-value work. As a result, law firms and legal departments become more efficient, innovative, competitive, and profitable.
ZorroSign’s blockchain platform allows firms to build and automate templates and approval workflows, ensuring compliance with business regulations while streamlining processes from a single dashboard. Our contract lifecycle management (CLM) capabilities support automation and help move attorneys to digital record-keeping, digital communications, and digital chains-of-custody.
Expanding Privacy Regulations
Gartner predicts that by the end of 2023, modern privacy laws will cover the personal information of 75% of the world’s population. It is also expected that more state legislatures will enact privacy laws similar to the California Consumer Privacy Act (CCPA) which gives consumers more control over the personal information that businesses collect about them. Eventually the United States can expect a law that mirrors the EU’s General Data Protection Regulation (GDPR)—one of the toughest privacy and security laws in the world.
The increased demand for privacy has been driven by individuals’ demands for improved protection of their personally identifying information (PII), healthcare records, autonomy, and digital data privacy. Expanding regulations have pushed organizations to take the necessary steps to support data sharing, while preserving the privacy of those that they are working with and who are within their organization. All in all, organizations that choose to prioritize privacy have an opportunity to win greater loyalty and more business from their customers.
So how can ZorroSign help?
ZorroSign was created with the privacy of users in mind. Built from the ground up on blockchain technology for a zero-trust digital ecosystem, we deliver top notch security that has evolved to meet the legal enforceability needed in a court of law. ZorroSign is already compliant with CCPA and the EU’s GDPR policy—plus many Canadian, Indian, UAE, and United States data protection and privacy standards, ISO 27001 certification, American Institute of Certified Public Accountants (AICPA) SOC 2 Type I audit, and International Standard on Assurance Engagements (ISAE) No. 3402 Type II audited.
For the growing list of ZorroSign privacy and security standards, visit our recent blog on global compliance.
Transfer to the Cloud
While storing information on a hosted cloud server is not a new concept, the legal industry has been slow to migrate its data because of the security concerns that this presented. Telecommute work, however, has pushed legal organizations towards cloud solutions to better connect remote workers. The cloud’s cost-effective delivery of near-unlimited storage, paired with technology like blockchains, bridges the gap between the risk of remote connections and the need for elevated data security.
Our standard deployment is on Amazon Web Services (AWS) public cloud computing network
In our private cloud configuration, all your data and the ZorroSign application run in a private and secure cloud network dedicated to your organization
In a hybrid cloud configuration, your data can be stored on either ZorroSign data centers or in the private cloud, while the ZorroSign platform and applications run on their standard public cloud configurations
On-premise deployments require your law firm or department to manage and maintain your own data centers, but gain the benefits of unlimited API calls and total control over identity access management (IAM), data privacy and security, and data integrity processes
March 21, 2022, marked the 10th anniversary of International Day of Forests. This day calls attention to the importance of practicing sustainability in both your business and your personal life. Often people have a desire to live a more sustainable life, but do not know where to start . . .
Here are four ways you can practice sustainability in your day-to-day life!
Recycle & Reuse
One ready way to practice sustainability is to make a real effort to recycle and reuse. Did you know each ton of recycled paper saves an estimated 17 trees and 3.3 cubic yards of land space? Every small and large contribution that you make counts!
You’ve most likely heard the phrase “Reduce, reuse, recycle” your whole life, but how do you actively turn a nice-sounding phrase into a habit?
Try to reuse products and items as many times as possible before binning them to reduce waste. Check out this list of household items that you would normally throw away, but you can reuse!
Avoid thin plastic packaging, as it’s usually non-recyclable. Instead go for reusable glass or thick plastic.
Instead of using plastic bags, bring reusable bags and Tupperware when going shopping or packing food or leftovers.
Buy products in bulk. Purchasing goods in large amounts means less packaging and even less cost per amount.
Utilizing trash removal and recycling services can also help you to manage waste effectively
Monitor Energy Use
Another great way to be sustainable is monitoring your energy use. By using less energy, you can help to reduce carbon emissions. There are a number of ways you can save energy at home, and most of them are practices that take no extra effort on your part.
Here are a few ways to do it:
Turn off the lights when you’re not in the room; use natural light instead of turning the lights on as much as you can.
Turn off appliances that you’re not currently using.
Dry your clothes outside instead of using the drying machine.
It is a fact that 70% of the Earth is covered with water, only one percent of it is available for human consumption. Conserving water is important because it keeps our water clean while protecting the environment.
Here are some effective and easy ways to cut back on your water footprint and save some money in the process:
Turn off the faucet while brushing your teeth
Wash dishes in the sink instead of under running water
Only run the washing machine and dishwasher when you have a full load
Check your kitchen pipes and dishwater hose for slow leaks
ZorroSign is committed to having a positive impact on the environment through sustainable practices. Switching from doing business using paper to digital is not only a smart business decision but it is also good for the environment.
However, each time you use ZorroSign to digitally transact instead of printing, faxing, scanning, and shipping documents to collect signatures, you save trees and water . . . plus reduce carbon emissions while your business saves time and money!
To further the cause of Paperless Life, ZorroSign encourages all businesses to go digital and save trees. Our Save a Tree – Plant a Tree program is ZorroSign’s effort to do our part to help the environment. For every 8,000 pages of paper you save by using ZorroSign, we plant a tree on your behalf—that’s saving an existing tree and planting a new tree by going paperless with ZorroSign.
To learn more about ZorroSign’s commitment to sustainability and environment conservation, and how we deliver greater privacy and security for digital signatures and documents, contact us today!
The Move to Digital
Since the invention of microchips and semiconductor transistors in the 1950’s, the world has moved steadily to more and more digital information. Computers for government, then computers for business, then home computers brought vast amounts of data into digital formats, and with the birth of the World Wide Web digital information has exploded in volume.
Today, we rely on digital documents for our business operations, our finances, our government, our healthcare, our legal system, and vast amounts of news and information—both personal and public. Trusting such digital documents is critical to ascertaining truth and accurately conveying facts.
“Documents comprise evidence, and are generally assumed to amount to evidence upon which the parties and the court can rely,” explains Helen Brander for Counsel magazine. “For every point that is made, one hopes there is a document to support that point.”
The Risk of Fraud
Throughout history, there have been various techniques to authenticate documents. In the pre-industrial age, it was common in Europe for someone to sign a document in ink and to then press a wax seal on the document to indicate the authenticity of that document. It was always possible, of course, that someone could tamper with the document and forge signatures, information, or the wax seal itself.
In the modern age, the United States has notary publics who can witness a person signing a document and endeavor to authenticate the signer’s identity by inspecting a driver’s license, passport, or other form of identification for that person. Again, the risk remains that it is possible to forge such identity materials, or alter the actual documents or signatures after signing.
More recently, with the popularity of electronic or digital documents, the digitization of business processes is taking place. In other words, from the creation of documents, to the signing of documents, to the storage and subsequent retrieval of documents, one or more steps may be conducted digitally.
For example, a document may be created on a computer and subsequently printed, signed with wet ink or electronically, then faxed, delivered via courier, or scanned into the computer and finally shared electronically via email or by using other file transfer mechanisms. Despite the technology advances, such documents can still be tampered with and signatures can be forged within this process as well.
“Detecting fraud within documents that have been digitally altered with graphics editors or ‘print-manipulate-scan’ evasion techniques requires more sophistication,” notes Martin Rehak in a Help Net Security article. “Often undetectable to human fraud specialists, building an automated solution requires specialist knowledge of the metadata and digital footprints left by scanning and printing devices.”
As such, modern digital documents require a level of security as evolved and nuanced as the technologies producing, storing, and sharing the digital documents themselves.
The Security of ZorroSign
Facing this historical need, ZorroSign has developed a unique digital solution that can:
Prove that the individual who is performing the action to sign the document is who they claim to be (verification);
Apply a digital equivalent of a wet-ink signature to the document (legal intent); and,
Prove the authenticity of the printed copy or digital version of an electronically signed document, its content, attachments, and the signatures on it (authenticity).
ZorroSign’s patented Z-Forensics token is a tamper and fraud-detection seal for your digital documents, creating an unprecedented, immutable audit trail and complete chain-of-custody validation.
This revolutionary security system allows a validated user to create an electronic document, then allow one or more other users to complete and sign that document in a particular sequence—”the workflow”—all the while capturing the chain of custody and an audit trail of the changes made to the document by the parties in the workflow, such as recording key authentication, security and validation information when an action took place.
Unlike any other digital signature solution, ZorroSign seals all documents with our Z-Forensics token—capturing the complete audit trail and accompanying attachments and signature workflow. The token is encrypted and contains all the details about the transaction: Time stamps, user authentication, documents and attachments.
Only the Z-Forensics token:
Allows ZorroSign customers to manage permissions as to who gets to see what level of information about the transaction and the contract
Stores the ZorroSign security encryption certificates, which—unlike other digital security certificates—never expire
Can verify, validate and authenticate both digital and printed (paper) version of electronically signed contracts
Our Z-Forensics feature enables ZorroSign users to create a virtual seal for every uploaded document: initiating a verifiable trail, tracking every step of a document’s journey through users, so that any attempts at tampering, fraud, revision or other alterations are immediately captured.
To learn more about Z-Forensics and how ZorroSign can help you prevent fraud with digital documents, contact us today!
What is Web 3.0?
You may have heard about Web 3.0 (or web3) recently and wondered, what is Web 3.0 and how is it different from Web 1.0 and Web 2.0?
A broad definition of Web 1.0 is simply the initial iteration of the World Wide Web in the late 1980’s and early 1990’s. “Web 1.0 is the term used for the earliest version of the Internet as it emerged from its origins with Defense Advanced Research Projects Agency (DARPA),” writes Kuntal Chakraborty for Techopedia. “Experts refer to it as the ‘read-only’ web—a web that was not interactive in any significant sense.”
From those early static web pages, a platform model of computing soon evolved that would become Web 2.0 or the ‘social web.’ Here, interaction with growing web applications and platforms drove e-commerce and the expansion of the Internet, allowing large providers to aggregate and control much of the shared data. This is the Internet we know today.
“Web 2.0’s business model relies on user participation to create fresh content and profile data to be sold to third parties for marketing purposes,” writes Charles Silver in a recent Forbes article. “Indeed, the internet has become a massive app store, dominated by centralized apps from Google, Facebook and Amazon, where everyone is trying to build an audience, collect data and monetize that data through targeted advertising. In my opinion, the centralization and exploitation of data, and the use of it without users’ meaningful consent, is built into Web 2.0’s business model.”
The dream of Web 3.0, however, is to break the centralization of information and democratize the Internet more to the vision of its earliest founders. “Web3, ” claims Chris Dixon from Andreesen Horowitz in a recent article in The Economist, “combines the decentralized, community-governed ethos of web1 with the advanced, modern functionality of web2.”
The Web 3.0 “will be based on the convergence of emerging technologies like blockchain, artificial intelligence (AI), machine learning and augmented reality,” note Neeti Aggarwal and Dandreb Salangsang in The Asian Banker. “It will be characterized by decentralized data, a more transparent and secure environment, machine cognitive intelligence and three-dimensional design.”
“The rise of technologies such as distributed ledgers and storage on blockchain will allow for data decentralization and create a transparent and secure environment, overtaking Web 2.0’s centralization, surveillance and exploitative advertising,” continues Silver. “Indeed, one of the most significant implications of decentralization and blockchain technology is in the area of data ownership and compensation… Web 3.0 will bring us a fairer internet by enabling the individual to be a sovereign.”
Web 3.0 isn’t just championed by iconoclasts and trustbusters—Alphabet CEO, Sundar Pichai, recently shared on a quarterly earnings call, “On Web3, we are definitely looking at blockchain, and such an interesting and powerful technology with broad applications so much broader again than any one application. So as a company, we are looking at how we might contribute to the ecosystem and add value.”
As such, even the biggest players in Web 2.0 are looking to adopt Web 3.0 technologies and strategies as they continue their evolution.
Financial Services on Web 3.0
“Think about all the financial instruments we use today—currency, loans, insurance, bonds, credit cards, stocks, futures, options, interest bearing accounts—being converted to a new model,” asks Thomson Reuters. “One that doesn’t require a traditional banking institution.”
For financial service organizations, adopting emerging technologies has historically been a slow, prove-it-before-you-move-it endeavor. With the boom in fintech the past ten years, however, financial service organizations from accounting firms, to banks, credit unions, and credit-card companies, to finance companies and managers, insurance companies, investment funds, notaries, payment providers, stock brokerages, and conglomerates have all moved faster to adopt new technologies and gain a competitive advantage in serving customers.
“Fintech refers to the latest software developments in the financial services sector,” explains a recent Finextra article. “Using technologies such as artificial intelligence, biometrics, payments, crypto and others, banks are increasingly able to offer their customers more convenient, streamlined services.”
Already, “a few banks are using blockchain to power real-time transactions,” writes Emily McCormick for Bank Director. Meanwhile, “Fintechs competing with banks are also taking advantage of the disintermediation trends promised by a Web3 economy.”
Today, cryptocurrencies and decentralized finance (DeFi) platforms challenge traditional banking for services and control of consumer monetary systems. But while cryptocurrencies provide an exciting alternative to the constraints of fractional-reserve banking, financial services providers need not abandon central bank currencies to adopt Web 3.0 strategies. The distributed ledger technology of blockchains can also support financial service applications above-and-beyond cryptocurrencies.
Future Technologies for Financial Services
As most financial service providers engage Web 2.0 technologies, the opportunity for early adopters to leap ahead to Web 3.0 becomes clear.
“Over the next decade, we believe blockchain will become the dominant operating infrastructure of the financial system and look forward to helping our network of regulated banks, brokers and fintechs develop the competency and dexterity to be early adopters of this transformational technology,” said Ryan Zacharia, general partner at JAM Special Opportunity Ventures (JSOV), an affiliate of Jacobs Asset Management (JAM) and FINTOP Capital.
“Unlike the cryptocurrency market, for example—which is built on a digitally native system—Vikram Pandit, CEO of The Orogen Group and former Citigroup Inc. CEO, said that innovations in the traditional banking sector are based on applying new technology to improve old architecture, citing the use of distributed ledger technology in cross-border payments as an example,” notes a recent S&P Global Market Intelligence report.
Payments are another area ready for Web 3.0 transformation. “In the past, when you transferred money to someone online, you needed a trusted service like PayPal or a bank to make the transfer,” cites an Algorand post. “With blockchain networks, you can now transfer money directly to anyone with an Internet connection on a peer-to-peer basis.”
Further, securing digital transactions and the digital chain-of-custody are critical for financial organizations. Even as some financial assets move to the metaverse—NFTs are an early example—a technology that immutably tracks and reports the provenance of assets is necessary to ensure ownership and enforce agreements across transactions and holdings.
“Issues of trust, transparency, privacy, and user control lie at the heart of Web 3.0,” writes MakerDAO, and “on the back of the blockchain promises to shift the balance of power back in favor of the user.”
Blockchain, built for zero-trust environments, is the ideal architecture for tracking and storing digital transactions and documentation, and another way Web 3.0 technologies support evolving financial services.
ZorroSign and Web 3.0
And here is where ZorroSign shines! We have built our digital platform from the ground up using blockchain technology. Launched with Hyperledger Fabric, our multi-chain platform now supports the public Provenance Blockchain as well, giving our users an entirely new world of decentralized digital transactions.
At ZorroSign, we deliver digital signature solutions built on blockchain for greater privacy and security.
Our Web 3.0 technology platform also provides identity-as-a-service (IDaaS) capabilities through a patented Z-Forensics token plus fraud prevention, user authentication, and document verification. Web 3.0 features such as artificial intelligence (AI) and machine learning (ML) allow us to automate form completion for digital documents, and can improve regulatory compliance across global standards for legally enforceable digital signatures.
Paired with Provenance Blockchain—which reduces the need for third-party intermediation, drastically reducing costs and freeing up capital in financial transactions—ZorroSign’s platform promotes greater transparency and liquidity for financial service organizations, and allows for new kinds of financial engineering and business opportunities.
To learn more about Web 3.0 and how ZorroSign can help your financial service organization meet the future needs of your customers, contact us today!
What is blockchain?
If Bitcoin is a blockchain, is every blockchain a bitcoin?
What are apps and dApps?
What businesses and organizations use blockchain apps today?
We are excited to answer such questions and encourage you to contact us to learn more about blockchain, dApps, and how ZorroSign delivers superior privacy and security with blockchain technology! Read on . . .
Blockchain Introduction
Blockchain is a distributed ledger technology (DLT) leveraging cryptography—user authentication, data encryption and verification—to secure information records (blocks) distributed across peer-to-peer (P2P) networks. DLTs replicate, share, and synchronize digital data geographically spread across multiple sites (nodes), with no central data storage or administrator.
They can be run publicly (open) or privately (permissioned):
Public blockchains, or open blockchains, allow anyone to run an endpoint node on the public network. Users can participate by mining a block or making transactions on the blockchain. Famous cryptocurrencies such as Bitcoin, Dogecoin, Ethereum, and Litecoin are public blockchains.
Private blockchains restrict the endpoints or peers that can store data, requiring permission to participate on the private network. As such, permissioned blockchains are not used as cryptocurrencies, but instead make excellent business applications for storing, securing, and sharing data. Hyperledger Fabric is a ready example of a consortium private blockchain, allowing organizations to grant limited permissions to those endpoints participating on the blockchain.
Cryptocurrency and Blockchain Apps
Cryptocurrencies on public blockchains essentially produce a coin which serves as digital money. Cryptocurrency coins have the same characteristics as fiat money: They are acceptable, divisible, durable, fungible, portable, and have limited supply. For example, Ether is the coin of Ethereum and Lumen is the coin of Stellar. Cryptocurrency coins are held in digital walletsthat store private/public keys and interact with various public blockchains to enable users to send and receive digital currencies and tokens.
“Bitcoin was arguably the first dApp,” writes Computerworld. “Enabling anyone in the world to download a bit of open-source code to join a blockchain network and verify transactions using a ‘mining’ algorithm, thereby generating digital currency (cryptocurrency) as a reward.”
DApps, or decentralized applications, are computer programs running on distributed ledger technologies (DLTs). With private blockchain dApps, an organization controls access to the blockchain—limiting its distribution but also elevating its security. So while cryptocurrencies are often in the news for major purchases, market fluctuations, and hacks, blockchain business apps make the news by showcasing how blockchain can advance business, government, healthcare, and many other industries.
IBM Blockchain – one of the best blockchain apps that helps logistics companies and businesses with long supply chains to track the status and condition of every product on each stage of the supply process: from the start of production to the distribution stage. Blockchain provides full transparency of records, and offers real-time tracking of all parts in terms of their location and condition.
MedRec – a healthcare example of blockchain app that provides secure access to medical records across different providers and actors, like doctors, patients, hospitals, pharmacies and insurance companies.
Spotify – uses blockchain database for decentralized connection between Spotify tracks, artists and licensing agreements.
DApps on Hyperledger Fabric
Hyperledger Fabric is a private blockchain that emerged from an open-source collaborative effort hosted by the Linux Foundation. Built to advance cross-industry blockchain technologies and improve trust, transparency and accountability, Hyperledger Fabric’s “modular architecture maximizes the confidentiality, resilience, and flexibility of blockchain solutions,” explains IBM.
Hyperledger was built for data protection and confidential transactions, and “was introduced to accelerate industry-wide collaboration for developing high-performance and reliable blockchain,” says the Blockchain Council.
Some prominent Hyperledger Fabric deployments include:
Chainyard, designed to improve supplier validation, onboarding and life cycle information management
Honeywell Aerospace to create an Amazon-type marketplace for used aircraft parts
Walmart to create a food traceability system—decentralizing its food supply ecosystem to quickly find the source when an outbreak of a food-borne disease happens
ZorroSign digital signature, document management, IDaaS, and transaction management platform
“Hyperledger Fabric is intended as a foundation for developing applications or solutions with a modular architecture,” notes Hyperledger.org “Hyperledger Fabric allows components, such as consensus and membership services, to be plug-and-play. Its modular and versatile design satisfies a broad range of industry use cases. It offers a unique approach to consensus that enables performance at scale while preserving privacy.”
Focused on B2B collaboration where transactions taking place on the network are only visible to the authorized members, Hyperledger Fabric allows dApps to choose between no consensus needed and an agreement protocol—greatly speeding transaction times while minimizing energy requirements to update the blockchain.
For example, “transactions in the ledgers of Fabric nodes are always in the same order—they don’t get out of sync,” says BlocWatch. “So any application reading from a Fabric ledger doesn’t have to wait for blocks to age; they can be trusted immediately.”
Further, private enterprise blockchain use significantly less energy than public cryptocurrency blockchains, explains Michael Barnard in a CleanTechnica report.
“Think of it as an operating system for marketplaces, micro-currencies, data-sharing networks and decentralized digital communities,” says GamesdApp.
ZorroSign on Hyperledger Fabric
The ZorroSign platform was built from the ground up on Hyperledger Fabric and delivers digital signatures, identity-as-a-service (IDaaS) features, digital document management, user verification and document authentication, and much more. Our dApp is available on iOS or Android, and can be readily accessed from any device—PC or mobile—anywhere in the world.
“We are proud to deliver a mature blockchain solution for digital signatures that is cost-effective and more secure than any encrypted e-signature technology that relies upon public-key infrastructure for security credentials,” says ZorroSign co-founder and CEO, Shamsh Hadi. “ZorroSign’s platform efficiently leverages blockchain to protect online identities and documents such as business agreements, government files, healthcare records, and other legal evidence stored in digital formats.”
For businesses, institutions, and individuals that desire to securely digitize paper-based workflows, ZorroSign’s digital signature and document management platform can decrease costs, reduce clerical errors, and increase productivity. Plus as a private blockchain, ZorroSign’s architecture has even tighter privacy and security measures than other blockchains.
“Phishing is an attempt by an individual or group to solicit personal information from unsuspecting users by employing social engineering techniques,” explains CISA. “Phishing emails are crafted to appear as if they have been sent from a legitimate organization or known individual. These emails often attempt to entice users to click on a link that will take the user to a fraudulent website that appears legitimate. The user then may be asked to provide personal information, such as account usernames and passwords, that can further expose them to future compromises. Additionally, these fraudulent websites may contain malicious code.”
Thus phishing attacks seek to steal data or inject malware—adware, bots, keyloggers, ransomware, spyware, trojans, worms, etc.—that cause damage at a later time.
Phishing Attacks
In phishing attacks, “scammers use email or text messages to trick you into giving them your personal information. They may try to steal your passwords, account numbers, or Social Security numbers. If they get that information, they could gain access to your email, bank, or other accounts,” warns the Federal Trade Commission (FTC). “Scammers launch thousands of phishing attacks like these every day—and they’re often successful. The FBI’s Internet Crime Complaint Center reported that people lost $57 million to phishing schemes in one year.”
“What really distinguishes phishing is the form the message takes,” notes a recent CSO online article. “The attackers masquerade as a trusted entity of some kind, often a real or plausibly real person, or a company the victim might do business with.”
This credibility is paired with a sense of urgency to inspire victims to respond quickly to the message: Clicking a link or downloading a file that starts the attack. For example, Crowdstrike, a cybersecurity company, found that Amazon and Apple were the two most impersonated organizations for phishing scams in 2020. As the COVID-19 pandemic moves more people to work-from-home and out of traditional workplace settings, phishing scams increase to take advantage of anxiety and remote communications.
“Criminals rely on deception and creating a sense of urgency to achieve success with their phishing campaigns,” adds the CSO online article. “During a crisis, people are on edge. They want information and are looking for direction from their employers, the government, and other relevant authorities. An email that appears to be from one of these entities and promises new information or instructs recipients to complete a task quickly will likely receive less scrutiny than prior to the crisis. An impulsive click later, and the victim’s device is infected or account is compromised.”
“Phishing and social engineering attacks are now experienced by 85 percent of organizations,” reports Accenture. And the number of phishing attacks has been increasing in the United States, “with a growth of 65% in the last year,” addsCrowdstrike.
Blockchain Cybersecurity Against Phishing
“Traditionally, businesses sought to prevent phishing attacks through employee training,” writes Cloudphish, a blockchain cybersecurity company. “While this method did provide some success, it was overly reliant on human judgment.” As an alternative to such an approach of relying upon employees and staff to determine what emails or attachments they can safely open, blockchain offers a chance to secure the system access attackers ultimately seek.
Blockchain’s architecture, originally built for zero-trust environments and further secured in private, permissioned blockchain configurations, gives organizations a compelling alternative to centralized databases and a strong protection against phishing attacks.
In phishing attacks that seek to steal data, blockchain presents a data architecture where no single endpoint node controls the data set. Even if an individual endpoint is hacked through phishing or other social engineering, the data set is distributed across many nodes. This decentralization of data and access means even successful phishing attacks that penetrate a blockchain endpoint only gain a small piece of system access.
Whereas centralized databases can be stolen by one endpoint breach—such as the infamous attacks on Yahoo in 2013 and 2014, the United States Office of Personnel Management (OPM) in 2015, Equifax in 2017, Marriott/Starwood Hotels in 2019, and countless others—the distributed ledgers of blockchains minimize the potential damage of any phishing attack on individual endpoints. At ZorroSign, for example, we use a private permissioned blockchain, Hyperledger Fabric. Hence, even during a successful phishing attack, the adversary would not gain access to the blockchain data because the adversary would not have access to the blockchain certificates. With Hyperledger Fabric, blockchain certificates are maintained in a secured certificate authority.
In phishing attacks that seek to inject malware such as ransomware, the distributed nature of blockchain defeats those seeking to breach a system then holistically ransom the data files stored therein. Again, a single endpoint node might be breached, but the larger data set cannot be controlled by any one endpoint (or central authority) and so phishing attackers cannot capture the full data set for encryption, ransom, and shutting down the network.
Further, with private, permissioned blockchains, each endpoint node (or user) has a unique encryption key to access and write to the distributed ledger. If any one of those endpoints is successfully hacked (compromising their access key), the private blockchain can simply remove distributed ledger access for that compromised key, issue the endpoint a new key, and allow that endpoint to quickly regain distributed ledger access (effectively as a new endpoint). This quick recovery process effectively maroons any ransomware on the endpoint it attacked—ending its access and threat—while allowing the endpoint to re-engage the larger data set with a new key and without needing to pay any ransom to the attackers for restored access.
Banks, credit unions, investment groups, lenders, and other financial service providers use ZorroSign’s digital platform to lower operating costs while protecting privacy and data security. Only ZorroSign pairs digital signatures with blockchain technology—delivering 21st century security to the age-old ceremony of signing agreements.
FINANCIAL SERVICES INDUSTRY NEEDS
Anyone managing technology for a financial services provider feels the stress of managing data, networks, and endpoint devices in a world where cyber attacks, regulatory compliance, and customer needs are changing quickly.
To ensure their financial organizations are secure, compliant, and delivering easy to use customer-facing solutions, IT departments need the latest technologies but also proven solutions. ZorroSign is proud to protect financial services data—for customers, for regulators, and for the institutions themselves.
TRANSFORM YOUR FINANCIAL SERVICES WITH SUPERIOR SECURITY
Whether you’re a financial advisor or lender, a bank, credit union, or other services provider, you need fully compliant, automated, blockchain-level security and digital transactions you can trust. ZorroSign delivers:
Unbeatable user authentication, validation and privacy, with superior data and document security
A secure, paperless digital signature solution that’s easy to use, so you can “sign it and forget it”
Workflow automation that saves times and eliminates paper—streamlining approvals, signatures, and workflows
Error-free forms filled out and processed faster via artificial intelligence and machine learning
Financial institutions need privacy and security, but also need to know their technology solutions meet regulatory compliance. ZorroSign’s platform is compliant with the Digital Millennium Copyright Act, UETA, the ESIGN Act, GDPR, plus ISAE 3402 Type II certified, SOC II Type 1 certified, and ISO 27001 certified while supporting HIPAA, ADA, WCAG 2.1, CCPA, New York SHIELD Act, and other standards varying country by country.
For banks, credit unions, and other financial service providers that desire to securely transform paper-based workflows, ZorroSign’s digital signature and document management platform can decrease costs, reduce errors, and increase productivity.
As a private blockchain, ZorroSign can ensure privacy is always maintained as only approved nodes (endpoint users) can write to ZorroSign’s blockchain. As a result, ZorroSign’s architecture has even tighter privacy and security measures than other blockchains.
ADD IDENTITY-AS-A-SERVICES (IDAAS) TO KNOW-YOUR-CUSTOMERS (KYC)
Beyond digital signatures, ZorroSign delivers identity-as-a-service (IDaaS) to verify financial services users and support know-your-customer (KYC) requirements:
ZorroSign technology leverages the biometric capabilities of hardware endpoints to verify user identities
ZorroSign is the first to adopt password-less login amongst our digital signature competitors
ZorroSign MFA provides maximum security, as before a user can sign a document, our platform can validate multiple dimensions of authentication based on the transaction security needs: What you know (i.e., your ZorroSign login password), what you have (e.g., your laptop or mobile device), who you are (e.g., biometrics such as fingerprints or eye iris on the device securing who can access it), etc.
Additionally, ZorroSign users can optionally use our dynamic knowledge-based authentication (KBA) feature provided by LexisNexis. KBA requires the knowledge of private information of the individual to prove that the person providing identity information is the actual person.
Moving forward, ZorroSign will be adding further user verification capabilities, including integrations with U.S. driver licenses via state motor vehicle departments, verification via passports (with approximately 72 countries to start), other government-issued identities (with approximately 100 countries to start), and even tapping U.S. credit union databases for identity verifications.
Further, we will be implementing a blockchain-based audit trail for all user activities—including profile updates, signature changes, etc.—and will maintain a separate blockchain to maintain users’ signatures. With these immutable blockchain records, we can uniquely validate users in ways no competitive solution can.
We invite you to request a copy of our ZorroSign Security Brief to learn how our private blockchain architecture, document storage and protection, and platform security measures can support your financial service clients today!
The PDF Problem
Researchers have recently uncovered two major security flaws in certified Adobe PDF applications. These flaws leave organizations that use such PDF signatures exposed to a number of cyberattacks.
“Certified portable document format (PDF) files are used to securely sign agreements between two parties while keeping the contents’ integrity protected,” writes Becky Bracken in a recent Threat Post article. However, researchers from Ruhr-Universität Bochum “found vulnerabilities to two specific novel attacks they dubbed, ‘Evil Annotation’ (EAA) and ‘Sneaky Signature’ (SSA). Both allow an attacker to overlay malicious content (PDF) on top of the certified information without showing any signs it was altered.”
In quick summary, the EAA attack displays “malicious content in the document’s annotations and then sends it on with its digital signature intact. SSAs add malicious content over legitimate content in the PDF itself.”
The original research report further describes “how the attack classes EAA and SSA can be used to inject and execute JavaScript code into certified documents.”
The ThreatPost article concludes that “Certified signatures present a massive, potentially catastrophic, security risk for many organizations and the report urges PDF applications to work quickly to come up with wide-scale fixes.”
The ZorroSign Blockchain Solution
In light of this frightening security gap in Adobe PDF files, ZorroSign is proud to bring an alternative technology to the market for digital signatures. Our platform—built from the ground-up on Hyperledger Fabric blockchain—does not employ the Approval and Certification signatures built into PDFs to authenticate Adobe documents.
Instead, ZorroSign leverages distributed ledger technology (DLT) to securely record documents, workflows, users, and changes to our private, permissioned blockchain. This immutable record preserves chain-of-custody and provenance for agreements, contracts, documents, transactions, and any other digital workflow requiring signatures. And, equally important from a security risk management perspective, prevents any tampering to document annotations or adding content over legitimate content in the digital files themselves.
ZorroSign further deploys our patented 4n6 (“forensics”) token to each and every document—a unique technology seal that captures the chain of custody and an audit trail of the changes made to the document by the parties in the workflow, such as recording key authentication, security and validation information when an action took place.
This summer, ZorroSign will also deploy our new Z-Verify feature. The EAA and the SSA attacks are only possible because the PDF document is verified by itself. With Z-Verify, digital documents are checked against ZorroSign’s private permissioned blockchain record. Hence, the PDFs that are signed using ZorroSign can be cryptographically verified using the Z-Verify platform, preventing the EAA and SSA attack vectors.
Taken together, ZorroSign’s unique security architecture prevents the JavaScript code injection risks in Adobe PDF applications where the Ruhr-Universität report claims “the only requirement is that the victim fully trusts the certificate used to certify the PDF document.”
To learn more about the superior security of ZorroSign digital signatures and how we leverage blockchain technology and our proprietary 4n6 tokens to protect your data, contact us today!
Law firms of all sizes need legally-binding digital signatures, authenticated digital signers, the ability to track digital documents across multiple approvers and signers, and immutable audit trails to ensure digital agreements can withstand court scrutiny.
The rise of blockchain technology unites all of these capabilities for law firms and allows forward-thinking firms to gain competitive advantages in efficiency, client service, and operational cost-savings by leveraging blockchain solutions.
Blockchain for Law
Blockchains are distributed ledger technology (DLT) leveraging cryptography—user authentication, data encryption and verification—to secure information records (blocks) distributed across peer-to-peer (P2P) networks. DLTs replicate, share, and synchronize digital data geographically spread across multiple sites (nodes), with no central data storage or administrator. They can be run publicly (open) or privately (permissioned).
Public blockchains can readily be used as cryptocurrencies—creating and using a coin that serves as digital money. For example, Ether is the coin of Ethereum, Lumen is the coin of Stellar, and bitcoin is the coin of Bitcoin.
Private blockchains are commonly used as business apps. Here, an organization (or consortium of organizations) controls access to the blockchain—limiting its distribution but also elevating its security. While cryptocurrencies are often in the news for major purchases, market fluctuations, and hacks, blockchain business apps are often in the news showcasing how blockchain can shape business, government, healthcare, and many other industries including legal services.
Perhaps most importantly, blockchains can support smart contracts—where terms, conditions, and permissions written into the digital code that require an exact sequence of events to take place to trigger the agreement of the terms mentioned in the blockchain contract. This hard wiring, so to speak, of contract details greatly increases speed (via automation), trust (where accuracy and backup are built into the transaction), and autonomy (as no third parties are required to mediate or control the exchange) of transactions.
As such, blockchains have immense potential to transform business contracts, real estate deals, digital rights, supply chain security and provenance, estate planning, and many other legal transactions.
ZorroSign Uses Hyperledger Fabric for Privacy & Security
ZorroSign is built entirely on a blockchain architecture that protects identities and data—uniquely authenticating users, encrypting communications, and securing digital data immutably through its lifetime. Specifically, ZorroSign’s platform was built from the ground-up on private, permissioned Hyperledger Fabric: the framework for the IBM Blockchain Platform, Honeywell Aerospace’s marketplace for used aircraft parts, Walmart’s food traceability system, and many other corporate deployments.
For law firms that desire to securely transform paper-based workflows, ZorroSign’s digital signature and document management platform can decrease operating costs, reduce transcription errors, and increase attorney productivity. As a private blockchain, ZorroSign can ensure privacy is always maintained as only approved nodes (endpoint users) can write to ZorroSign’s blockchain. As a result, ZorroSign’s architecture has even tighter privacy and security measures than other blockchains.
ZorroSign for Law
While the legal industry has traditionally been very conservative when it comes to adopting new technologies, law firms today must serve a diverse, mobile, and technically savvy clientele.
“WE WERE LOOKING FOR A SOLUTION FOR OUR FIRM TO OBTAIN CLIENT’S ELECTRONIC SIGNATURES ON DOCUMENTS IN A VERIFIABLE MANNER. AFTER SPEAKING TO SEVERAL DIFFERENT COMPANIES THAT OFFERED THIS SERVICE, ZORROSIGN WAS THE MOST COST EFFECTIVE, THOROUGH, AND BEST PRODUCT OUT THERE TO MEET THE NEEDS OF OUR LAW FIRM. ESPECIALLY DURING THESE TIMES OF SOCIAL DISTANCING AND MANY CLIENTS ONLY HAVING ACCESS TO SMARTPHONES AT HOME, IT ALLOWED US TO OBTAIN SIGNATURES, PROCESS DOCUMENTS MORE QUICKLY, AND GET RESULTS FOR OUR CLIENTS IN A MORE TIMELY MANNER. I WOULD RECOMMEND ZORROSIGN TO ANY OTHER LEGAL PRACTICE!”
Rex L. Patterson
Attorney & Owner at Patterson Law
ZorroSign supports such firms and their clients by delivering:
Non-repudiation audit trails and full progress tracking, including when documents are completed, rejected, expired or canceled
Cost-savings from reduced printing, faxing, scanning, and overnighting documents
Total control and visibility of documents-in-progress
An easily deployed document retention policy
Law firms use ZorroSign and our blockchain-based digital business platform (DBP) for incorporation documents; retainer, fee and non-disclosure agreements; purchase agreements (assets, products, and services); complying with Sarbanes-Oxley Act (board minutes, transparency, audit trail); power of attorney and proxy agreements; engagement letters; partner agreements; shareholder agreements; licensing agreements; and so much more.
We believe our digital signatures and document management solutions to be the most private, most secure available and look forward to proving it to law firms around the world! Contact us today to learn more.
It has been a long-running criticism of cryptocurrencies that the data mining required to produce coins consumes an astonishing amount of electricity. “Bitcoin uses more electricity per transaction than any other method known to mankind,” said Microsoft founder, Bill Gates, in a live-streamed Clubhouse session with CNBC’s Andrew Ross Sorkin on February 24, 2021. “And so it’s not a great climate thing.”
With the public blockchains used for cryptocurrencies, mining coins requires complicated mathematical processing on high-end graphic processing units (GPUs), consuming energy both for calculation processing and cooling those GPUs down under heavy load.
“Scientists from the University of Cambridge Judge Business School recently built an interactive analysis tool to calculate the real energy cost of bitcoin cryptocurrency,” notes Caroline Delbert in a recent article in Popular Mechanics. “Using their energy use model, the researchers found that bitcoin mining uses more energy each year (130.00 terawatt-hours [TWh]) than the entire country of Argentina (125.03 TWh).”
Public Cryptocurrency Blockchains v. Private Enterprise Blockchains
An important distinction to make is that cryptocurrencies run on public blockchains—where anyone willing to mine can be an end-user (node), the process of mining is one of the highest areas of energy consumption, plus validating each new transaction across the broadly distributed network requires massive computing power. Together, this architecture “makes Bitcoin extremely energy-hungry by design, as the currency requires a huge amount of hash calculations for its ultimate goal of processing financial transactions without intermediaries (peer-to-peer),” explained Alex de Vriews in a 2018 Joule article. “The primary fuel for each of these calculations is electricity. The Bitcoin network can be estimated to consume at least 2.55 gigawatts of electricity currently, and potentially 7.67 gigawatts in the future, making it comparable with countries such as Ireland (3.1 gigawatts) and Austria (8.2 gigawatts).”
In contrast, private blockchains that are used for business applications (apps) do not require the mining of coins—private blockchains are not used for cryptocurrencies—nor do they support wide-open end-users (nodes) where huge networks require more computing power to validate each new transaction.
“The early blockchain protocols such as Bitcoin and Ethereum used proof-of-work consensus mechanisms, which required a lot of energy-intensive ‘mining’ of cryptographic puzzles. The creators probably never imagined them to become as popular as they did, or that they would consume as much energy as whole countries,” says Si Chen, part of the Climate Accounting and Certifications, Energy Working Groups at Hyperledger. “Enterprise Private Blockchain Platforms like Hyperledger Fabric do not run on Proof-of-Work consensus that is power hungry.”
ZorroSign has purposefully used the private, permissioned blockchain architecture of Hyperledger Fabric to build our digital platform.
Unlike Bitcoin and the cryptocurrency models for blockchain, Hyperledger Fabric is a next-generation architecture “with even lower electricity costs and attendant carbon footprints,” writes Michael Barnard in a CleanTechnica report. “Hyperledger Fabric centralizes block creation into a single resource pool and has multiple validators in the participants. It’s also not intended as a cryptocurrency platform, although VIVA did create a cryptocurrency with it. It’s an enterprise collaboration engine, using blockchain smart contracts and an externalized payment system where that’s necessary, allowing variants of net 30 terms most blockchain smart contracts don’t support.”
A white paper comparing blockchain architectures and their energy consumption requirements, The Energy Consumption of Blockchain Technology: Beyond Myth, was published by Johannes Sedlmeir, Hans Ulrich Buhl, Gilbert Fridgen, and Robert Keller in June 2020. Their research charted energy consumption of power-hungry public blockchain proof-of-work (PoW) coin mining (far right bar) versus the much lighter energy consumption of enterprise blockchains like Hyperledger Fabric (center bar):
Hyperledger Fabric’s architecture is so completely different than the mining and broadly distributed model of bitcoin that it can operate faster with far, far lower energy consumption rates. “Hyperledger Fabric runs on Kafka consensus, capable of running on normal enterprise-grade servers that neither require any special or demanding hardware requirements or are power hungry.” (Stack Overflow)
Lower Energy Costs, Higher Transaction Speeds
This combination of speed and energy-efficiency makes Hyperledger Fabric the ideal architecture for ZorroSign’s blockchain platform. A quick comparison of enterprise blockchains shows Hyperledger Fabric’s considerable advantage in transaction speed:
“ZorroSign is committed to having a positive impact on our environment,” says ZorroSign CEO and co-founder, Shamsh Hadi. “We are proud to use Hyperledger Fabric as our blockchain architecture. Not only does this private, permissioned approach bring greater privacy and security to our users, but the environmental costs of operating a private enterprise blockchain—like Hyperledger Fabric—is magnitudes lower than the high energy consumption required of public blockchains like Bitcoin and other cryptocurrencies.”
To learn more about ZorroSign’s blockchain architecture, our commitment to environment conservation, and how we deliver greater privacy and security for digital signatures and documents, contact us today!
Blockchain technology can better secure supply chains and digital transactions.
December 2020 brought a flurry of news stories around the massive cyber attack on the U.S. government. Called the Solar Winds Orion Supply Chain Compromise, or the Great Supply Chain Hack, this evolving story reflects the risks even sophisticated networks—like those run by the federal government—face when dealing with attackers deploying anti-forensic techniques, user impersonation, privilege escalation and persistence, and MITRE ATT&CK® techniques.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an alert on December 17th on the advanced persistent threat (APT) to government agencies, critical infrastructure entities, and private sector organizations, saying the attack began in at least March 2020 and the attacker “demonstrated sophistication and complex trade craft in these intrusions. CISA expects that removing the threat actor from compromised environments will be highly complex and challenging.”
A December 21st NPR article says the “list of affected U.S. government entities reportedly includes the Commerce Department, the Department of Homeland Security, the Pentagon, the Treasury Department, the U.S. Postal Service and the National Institutes of Health.” Plus, the Department of Energy acknowledged its computer systems had been compromised, though not the critical National Nuclear Security Administration systems.
“Hackers exploited the way software companies distribute updates, adding malware to the legitimate package,” note NPR reporters Bill Chappell, Greg Myre, and Laurel Wamsley. “Security analysts said the malicious code gave hackers a ‘backdoor’—a foothold in their targets’ computer networks—which they then used to gain elevated credentials. Solar Winds traced the ‘supply chain’ attack to updates for its Orion network products between March and June.”
“This is looking like it’s the worst hacking case in the history of America,” says one U.S. official, speaking on condition of anonymity. “They got into everything.”
In this environment of fear and reaction, the promise of distributed ledger technologies offers an appealing new approach to digital security. For example, blockchains have quickly been embraced as a solution for improving supply-chain security for data, communications, and logistics.
The emerging technology of blockchain “adds layer of security to movement of critical components,” claims SAIC, an American government contractor. “We see blockchain as a transformative technology to protect elements of supply chains.”
“Blockchain can greatly improve supply chains by enabling faster and more cost-efficient delivery of products, enhancing products’ traceability, improving coordination between partners, and aiding access to financing,” says Vishal Gaur and Abhinav Gaiha in a Harvard Business Review article. “There is considerable room to improve supply chains in terms of end-to-end traceability, speed of product delivery, coordination, and financing. Blockchain can be a powerful tool for addressing those deficiencies.”
“It’s about time we start talking about the advanced methods of privacy and security we can ensure on blockchain,” adds Shamsh Hadi, CEO and co-founder of ZorroSign, Inc. “How many times do we need hacks to happen before we finally ask the right questions?”
For governments organizations and companies that require secure digital transactions, ZorroSign’s digital signature and document management platform can decrease costs, reduce errors, and increase productivity. Unlike other electronic signature solutions, ZorroSign’s platform is built on a private, permissioned Hyperledger Fabric blockchain architecture to secure digital assets and deliver security certificates with robust audit trails and lifetime document escrow.
“Ultimately, blockchain technology helps make digital transactions more secure, faster and less expensive,” says Hadi.
Learn how blockchain can more securely manage your organization’s digital signatures and documents—contact ZorroSign today.
ZorroSign provides the ultimate security in digital signatures, built entirely on a blockchain architecture that protects identities and data—uniquely authenticating users, encrypting communications, and securing digital data immutably through its lifetime.
“We are proud to deliver a mature blockchain solution for digital signatures that is cost-effective and more secure than any encrypted e-signature technology that relies upon public-key infrastructure for security credentials,” says ZorroSign co-founder and CEO, Shamsh Hadi. “ZorroSign’s platform efficiently leverages blockchain to protect online identities and documents such as business agreements, government files, healthcare records, and other legal evidence stored in digital formats.”
For governments, companies, and individuals that desire to securely transform paper-based workflows, ZorroSign’s digital signature and document management platform can decrease costs, reduce errors, and increase productivity. Unlike other electronic signature solutions, ZorroSign’s platform is built on privately-permissioned Hyperledger Fabric to secure digital assets and deliver security certificates with robust audit trails and lifetime document escrow.
“ZorroSign’s solution is uniquely scalable and secure,” adds Arra Yerganian, strategic advisor and acting chief growth officer for ZorroSign. “Whereas other companies might struggle with the costs and complexities of blockchain architecture, ZorroSign is that rare, viable enterprise using blockchain as our core technology to meet those challenges with a fast system able to grow as our customers require.”
Blockchain’s adoption has begun to accelerate the past few years. “JPMorgan says it has used it commercially for the first time to send payments,” writes John Detrixhe, senior reporter at Quartz. “Executives at the biggest US bank by assets say those systems can grow in scale.”
We invite you to let us prove how blockchain can more securely, more cost-effectively deliver post-execution fraud detection, verification and authentication of legally binding electronic signatures, and securing digital documents. Visit ZorroSign.com or contact us today!
“Modern digital technology that supports information sharing,
communication, collaboration, and learning are
central to daily living and to the function of government.”
~Teri Takai, Executive Director at the Center for Digital Government
Local governments in the United States such as counties, municipalities, and school districts serve the public with codified processes for business, education, health and safety, law enforcement, property development, transportation, utilities, and more. The sheer volume of legal agreements, licenses, permits, records, and reports are daunting to manage, and digital solutions are becoming more and more necessary to effectively administrate public services.
Further, local governments know the value of operating more efficiently both in cost-savings (by reducing administrative costs in paper, printing, reproduction, storage, etc.) and in resource allocation (by being able to serve more constituents with the same resources). Technology solutions that speed clerical work, reduce errors, and lower administrative costs can readily generate a return on investment for the public.
As local governments strive to move paper administration to digital environments, privacy and security become top priorities. Beyond simply digitizing forms, processes, and records, these government organizations must:
Validate end users as constituents engage digital public services
Authenticate digital data as it is moved between users and offices
Secure digital documents for storage, archiving, and retrieval—ensuring immutability with non-repudiation audit trails and post-execution fraud/tamper protection
Digital Benefits for Local Governments
The COVID-19 pandemic has accelerated local governments’ need to move to digital services.
“When offices were forced to close, many local governments were unable to conduct business without physical access to legacy systems, holding up everything from building permits to license renewals and access to land records.” ~Doug Harvey, VMware Head of U.S. State & Local Governments & Education
As local governments add remote administration capabilities, the promise of digital transformation is tremendous. Large municipalities to the smallest administrative districts can leverage digital signature and document management software to protect the chain of custody (CoC) for documents and securely review, approve, archive, and retrieve:
Across-agency or inter-department agreements
Architecture and engineering drawings/schematics for construction permits
Benefits administration programs and processes
Certificates of occupancy
Court decrees and orders
Facilities management forms
Housing programs and building permitting management
Licenses for alcohol, auctions, business, construction, farming, plumbing, restaurants, retail, valet services, etc.
Logistics and procurement processes
Permits for building, carnivals and fairs, exhibit and trade shows, explosives, fireworks, gas, hazardous waste, hospitals, lumber, medical facilities, nursing homes, public assemblies, waste handling, etc.
Public health programs administration
Purchase agreements for public assets, products, or services
ZorroSign blockchain digital signature, a secure, encrypted platform provides a means for local governments to digitize records—eliminating duplication errors, streamlining clerical work, decreasing costs and time spent, and ensuring public record immutability for legal enforceability and transparency.
