Category: blockchain

The Move to Digital

Since the invention of microchips and semiconductor transistors in the 1950’s, the world has moved steadily to more and more digital information. Computers for government, then computers for business, then home computers brought vast amounts of data into digital formats, and with the birth of the World Wide Web digital information has exploded in volume.

Today, we rely on digital documents for our business operations, our finances, our government, our healthcare, our legal system, and vast amounts of news and information—both personal and public. Trusting such digital documents is critical to ascertaining truth and accurately conveying facts.

“Documents comprise evidence, and are generally assumed to amount to evidence upon which the parties and the court can rely,” explains Helen Brander for Counsel magazine. “For every point that is made, one hopes there is a document to support that point.”

The Risk of Fraud

Throughout history, there have been various techniques to authenticate documents. In the pre-industrial age, it was common in Europe for someone to sign a document in ink and to then press a wax seal on the document to indicate the authenticity of that document. It was always possible, of course, that someone could tamper with the document and forge signatures, information, or the wax seal itself.

In the modern age, the United States has notary publics who can witness a person signing a document and endeavor to authenticate the signer’s identity by inspecting a driver’s license, passport, or other form of identification for that person. Again, the risk remains that it is possible to forge such identity materials, or alter the actual documents or signatures after signing.

More recently, with the popularity of electronic or digital documents, the digitization of business processes is taking place. In other words, from the creation of documents, to the signing of documents, to the storage and subsequent retrieval of documents, one or more steps may be conducted digitally.

For example, a document may be created on a computer and subsequently printed, signed with wet ink or electronically, then faxed, delivered via courier, or scanned into the computer and finally shared electronically via email or by using other file transfer mechanisms. Despite the technology advances, such documents can still be tampered with and signatures can be forged within this process as well.

“Detecting fraud within documents that have been digitally altered with graphics editors or ‘print-manipulate-scan’ evasion techniques requires more sophistication,” notes Martin Rehak in a Help Net Security article. “Often undetectable to human fraud specialists, building an automated solution requires specialist knowledge of the metadata and digital footprints left by scanning and printing devices.”

As such, modern digital documents require a level of security as evolved and nuanced as the technologies producing, storing, and sharing the digital documents themselves.

The Security of ZorroSign

Facing this historical need, ZorroSign has developed a unique digital solution that can:

• Prove that the individual who is performing the action to sign the document is who they claim to be (verification);
• Apply a digital equivalent of a wet-ink signature to the document (legal intent); and,
• Prove the authenticity of the printed copy or digital version of an electronically signed document, its content, attachments, and the signatures on it (authenticity).

ZorroSign’s patented Z-Forensics token is a tamper and fraud-detection seal for your digital documents, creating an unprecedented, immutable audit trail and complete chain-of-custody validation.

This revolutionary security system allows a validated user to create an electronic document, then allow one or more other users to complete and sign that document in a particular sequence—”the workflow”—all the while capturing the chain of custody and an audit trail of the changes made to the document by the parties in the workflow, such as recording key authentication, security and validation information when an action took place.

Unlike any other digital signature solution, ZorroSign seals all documents with our Z-Forensics token—capturing the complete audit trail and accompanying attachments and signature workflow. The token is encrypted and contains all the details about the transaction: Time stamps, user authentication, documents and attachments. 

Only the Z-Forensics token:

• Allows ZorroSign customers to manage permissions as to who gets to see what level of information about the transaction and the contract
• Stores the ZorroSign security encryption certificates, which—unlike other digital security certificates—never expire
• Can verify, validate and authenticate both digital and printed (paper) version of electronically signed contracts

Our Z-Forensics feature enables ZorroSign users to create a virtual seal for every uploaded document:  initiating a verifiable trail, tracking every step of a document’s journey through users, so that any attempts at tampering, fraud, revision or other alterations are immediately captured.

To learn more about Z-Forensics and how ZorroSign can help you prevent fraud with digital documents, contact us today!

What is Web 3.0?

You may have heard about Web 3.0 (or web3) recently and wondered, what is Web 3.0 and how is it different from Web 1.0 and Web 2.0?

A broad definition of Web 1.0 is simply the initial iteration of the World Wide Web in the late 1980’s and early 1990’s.  “Web 1.0 is the term used for the earliest version of the Internet as it emerged from its origins with Defense Advanced Research Projects Agency (DARPA),” writes Kuntal Chakraborty for Techopedia. “Experts refer to it as the ‘read-only’ web—a web that was not interactive in any significant sense.”

From those early static web pages, a platform model of computing soon evolved that would become Web 2.0 or the ‘social web.’  Here, interaction with growing web applications and platforms drove e-commerce and the expansion of the Internet, allowing large providers to aggregate and control much of the shared data.  This is the Internet we know today.

“Web 2.0’s business model relies on user participation to create fresh content and profile data to be sold to third parties for marketing purposes,” writes Charles Silver in a recent Forbes article. “Indeed, the internet has become a massive app store, dominated by centralized apps from Google, Facebook and Amazon, where everyone is trying to build an audience, collect data and monetize that data through targeted advertising.  In my opinion, the centralization and exploitation of data, and the use of it without users’ meaningful consent, is built into Web 2.0’s business model.”

The dream of Web 3.0, however, is to break the centralization of information and democratize the Internet more to the vision of its earliest founders.  “Web3, ” claims Chris Dixon from Andreesen Horowitz in a recent article in The Economist, “combines the decentralized, community-governed ethos of web1 with the advanced, modern functionality of web2.”

The Web 3.0 “will be based on the convergence of emerging technologies like blockchain, artificial intelligence (AI), machine learning and augmented reality,” note Neeti Aggarwal and Dandreb Salangsang in The Asian Banker.  “It will be characterized by decentralized data, a more transparent and secure environment, machine cognitive intelligence and  three-dimensional design.”

“The rise of technologies such as distributed ledgers and storage on blockchain will allow for data decentralization and create a transparent and secure environment, overtaking Web 2.0’s centralization, surveillance and exploitative advertising,” continues Silver.  “Indeed, one of the most significant implications of decentralization and blockchain technology is in the area of data ownership and compensation… Web 3.0 will bring us a fairer internet by enabling the individual to be a sovereign.”

Web 3.0 isn’t just championed by iconoclasts and trustbusters—Alphabet CEO, Sundar Pichai, recently shared on a quarterly earnings call, “On Web3, we are definitely looking at blockchain, and such an interesting and powerful technology with broad applications so much broader again than any one application. So as a company, we are looking at how we might contribute to the ecosystem and add value.”

As such, even the biggest players in Web 2.0 are looking to adopt Web 3.0 technologies and strategies as they continue their evolution.

Financial Services on Web 3.0

“Think about all the financial instruments we use today—currency, loans, insurance, bonds, credit cards, stocks, futures, options, interest bearing accounts—being converted to a new model,” asks Thomson Reuters.  “One that doesn’t require a traditional banking institution.”

For financial service organizations, adopting emerging technologies has historically been a slow, prove-it-before-you-move-it endeavor.  With the boom in fintech the past ten years, however, financial service organizations from accounting firms, to banks, credit unions, and credit-card companies, to finance companies and managers, insurance companies, investment funds, notaries, payment providers, stock brokerages, and conglomerates have all moved faster to adopt new technologies and gain a competitive advantage in serving customers.

“Fintech refers to the latest software developments in the financial services sector,” explains a recent Finextra article.  “Using technologies such as artificial intelligence, biometrics, payments, crypto and others, banks are increasingly able to offer their customers more convenient, streamlined services.”

With Web 3.0, however, it may be a case of many financial institutions pushed into new technologies by customers, rather than pulled in the hunt for larger margins and higher profits, as what sets web3 apart from web2 is ownership and control of data.

Already, “a few banks are using blockchain to power real-time transactions,” writes Emily McCormick for Bank Director.  Meanwhile, “Fintechs competing with banks are also taking advantage of the disintermediation trends promised by a Web3 economy.”

Today, cryptocurrencies and decentralized finance (DeFi) platforms challenge traditional banking for services and control of consumer monetary systems.  But while cryptocurrencies provide an exciting alternative to the constraints of fractional-reserve banking, financial services providers need not abandon central bank currencies to adopt Web 3.0 strategies.  The distributed ledger technology of blockchains can also support financial service applications above-and-beyond cryptocurrencies.

Future Technologies for Financial Services

As most financial service providers engage Web 2.0 technologies, the opportunity for early adopters to leap ahead to Web 3.0 becomes clear. 

“Over the next decade, we believe blockchain will become the dominant operating infrastructure of the financial system and look forward to helping our network of regulated banks, brokers and fintechs develop the competency and dexterity to be early adopters of this transformational technology,” said Ryan Zacharia, general partner at JAM Special Opportunity Ventures (JSOV), an affiliate of Jacobs Asset Management (JAM) and FINTOP Capital.

“Unlike the cryptocurrency market, for example—which is built on a digitally native system—Vikram Pandit, CEO of The Orogen Group and former Citigroup Inc. CEO, said that innovations in the traditional banking sector are based on applying new technology to improve old architecture, citing the use of distributed ledger technology in cross-border payments as an example,” notes a recent S&P Global Market Intelligence report.

Payments are another area ready for Web 3.0 transformation.  “In the past, when you transferred money to someone online, you needed a trusted service like PayPal or a bank to make the transfer,” cites an Algorand post.  “With blockchain networks, you can now transfer money directly to anyone with an Internet connection on a peer-to-peer basis.”

Further, securing digital transactions and the digital chain-of-custody are critical for financial organizations.  Even as some financial assets move to the metaverse—NFTs are an early example—a technology that immutably tracks and reports the provenance of assets is necessary to ensure ownership and enforce agreements across transactions and holdings. 

“Issues of trust, transparency, privacy, and user control lie at the heart of Web 3.0,” writes MakerDAO, and “on the back of the blockchain promises to shift the balance of power back in favor of the user.”

Blockchain, built for zero-trust environments, is the ideal architecture for tracking and storing digital transactions and documentation, and another way Web 3.0 technologies support evolving financial services.

ZorroSign and Web 3.0

And here is where ZorroSign shines!  We have built our digital platform from the ground up using blockchain technology.  Launched with Hyperledger Fabric, our multi-chain platform now supports the public Provenance Blockchain as well, giving our users an entirely new world of decentralized digital transactions.

At ZorroSign, we deliver digital signature solutions built on blockchain for greater privacy and security. 

Our Web 3.0 technology platform also provides identity-as-a-service (IDaaS) capabilities through a patented Z-Forensics token plus fraud prevention, user authentication, and document verification.  Web 3.0 features such as artificial intelligence (AI) and machine learning (ML) allow us to automate form completion for digital documents, and can improve regulatory compliance across global standards for legally enforceable digital signatures.

Paired with Provenance Blockchain—which reduces the need for third-party intermediation, drastically reducing costs and freeing up capital in financial transactions—ZorroSign’s platform promotes greater transparency and liquidity for financial service organizations, and allows for new kinds of financial engineering and business opportunities.

To learn more about Web 3.0 and how ZorroSign can help your financial service organization meet the future needs of your customers, contact us today!

What is blockchain?

If Bitcoin is a blockchain, is every blockchain a bitcoin?

What are apps and dApps?

What businesses and organizations use blockchain apps today?

We are excited to answer such questions and encourage you to contact us to learn more about blockchain, dApps, and how ZorroSign delivers superior privacy and security with blockchain technology! Read on . . .

Blockchain Introduction

Blockchain is a distributed ledger technology (DLT) leveraging cryptography—user authentication, data encryption and verification—to secure information records (blocks) distributed across peer-to-peer (P2P) networks. DLTs replicate, share, and synchronize digital data geographically spread across multiple sites (nodes), with no central data storage or administrator.

They can be run publicly (open) or privately (permissioned):

• Public blockchains, or open blockchains, allow anyone to run an endpoint node on the public network. Users can participate by mining a block or making transactions on the blockchain. Famous cryptocurrencies such as Bitcoin, Dogecoin, Ethereum, and Litecoin are public blockchains.
• Private blockchains restrict the endpoints or peers that can store data, requiring permission to participate on the private network. As such, permissioned blockchains are not used as cryptocurrencies, but instead make excellent business applications for storing, securing, and sharing data. Hyperledger Fabric is a ready example of a consortium private blockchain, allowing organizations to grant limited permissions to those endpoints participating on the blockchain. 

Cryptocurrency and Blockchain Apps

Cryptocurrencies on public blockchains essentially produce a coin which serves as digital money. Cryptocurrency coins have the same characteristics as fiat money: They are acceptable, divisible, durable, fungible, portable, and have limited supply. For example, Ether is the coin of Ethereum and Lumen is the coin of Stellar. Cryptocurrency coins are held in digital walletsthat store private/public keys and interact with various public blockchains to enable users to send and receive digital currencies and tokens.

“Bitcoin was arguably the first dApp,” writes Computerworld. “Enabling anyone in the world to download a bit of open-source code to join a blockchain network and verify transactions using a ‘mining’ algorithm, thereby generating digital currency (cryptocurrency) as a reward.”

DApps, or decentralized applications, are computer programs running on distributed ledger technologies (DLTs). With private blockchain dApps, an organization controls access to the blockchain—limiting its distribution but also elevating its security. So while cryptocurrencies are often in the news for major purchases, market fluctuations, and hacks, blockchain business apps make the news by showcasing how blockchain can advance business, government, healthcare, and many other industries.

Mobindustry Corp notes some popular dApps such as:

• IBM Blockchain – one of the best blockchain apps that helps logistics companies and businesses with long supply chains to track the status and condition of every product on each stage of the supply process: from the start of production to the distribution stage. Blockchain provides full transparency of records, and offers real-time tracking of all parts in terms of their location and condition.
• MedRec – a healthcare example of blockchain app that provides secure access to medical records across different providers and actors, like doctors, patients, hospitals, pharmacies and insurance companies.
• Spotify – uses blockchain database for decentralized connection between Spotify tracks, artists and licensing agreements.

DApps on Hyperledger Fabric

Hyperledger Fabric is a private blockchain that emerged from an open-source collaborative effort hosted by the Linux Foundation. Built to advance cross-industry blockchain technologies and improve trust, transparency and accountability, Hyperledger Fabric’s “modular architecture maximizes the confidentiality, resilience, and flexibility of blockchain solutions,” explains IBM.

Hyperledger was built for data protection and confidential transactions, and “was introduced to accelerate industry-wide collaboration for developing high-performance and reliable blockchain,” says the Blockchain Council.

Some prominent Hyperledger Fabric deployments include:

• Chainyard, designed to improve supplier validation, onboarding and life cycle information management
• Honeywell Aerospace to create an Amazon-type marketplace for used aircraft parts
• IBM Blockchain Platform
• Walmart to create a food traceability system—decentralizing its food supply ecosystem to quickly find the source when an outbreak of a food-borne disease happens
• ZorroSign digital signature, document management, IDaaS, and transaction management platform

“Hyperledger Fabric is intended as a foundation for developing applications or solutions with a modular architecture,” notes Hyperledger.org “Hyperledger Fabric allows components, such as consensus and membership services, to be plug-and-play. Its modular and versatile design satisfies a broad range of industry use cases. It offers a unique approach to consensus that enables performance at scale while preserving privacy.”

Focused on B2B collaboration where transactions taking place on the network are only visible to the authorized members, Hyperledger Fabric allows dApps to choose between no consensus needed and an agreement protocol—greatly speeding transaction times while minimizing energy requirements to update the blockchain.

• For example, “transactions in the ledgers of Fabric nodes are always in the same order—they don’t get out of sync,” says BlocWatch. “So any application reading from a Fabric ledger doesn’t have to wait for blocks to age; they can be trusted immediately.”
• Further, private enterprise blockchain use significantly less energy than public cryptocurrency blockchains, explains Michael Barnard in a CleanTechnica report.

“Think of it as an operating system for marketplaces,  micro-currencies, data-sharing networks and decentralized digital communities,” says GamesdApp.

ZorroSign on Hyperledger Fabric

The ZorroSign platform was built from the ground up on Hyperledger Fabric and delivers digital signatures, identity-as-a-service (IDaaS) features, digital document management, user verification and document authentication, and much more. Our dApp is available on iOS or Android, and can be readily accessed from any device—PC or mobile—anywhere in the world.

“We are proud to deliver a mature blockchain solution for digital signatures that is cost-effective and more secure than any encrypted e-signature technology that relies upon public-key infrastructure for security credentials,” says ZorroSign co-founder and CEO, Shamsh Hadi. “ZorroSign’s platform efficiently leverages blockchain to protect online identities and documents such as business agreements, government files, healthcare records, and other legal evidence stored in digital formats.”

For businesses, institutions, and individuals that desire to securely digitize paper-based workflows, ZorroSign’s digital signature and document management platform can decrease costs, reduce clerical errors, and increase productivity. Plus as a private blockchain, ZorroSign’s architecture has even tighter privacy and security measures than other blockchains.

Learn more our blockchain platform or contact us today to “block it down” for your data!

According to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), more than 90% of all cyber attacks begin with phishing.

“Phishing is an attempt by an individual or group to solicit personal information from unsuspecting users by employing social engineering techniques,” explains CISA. “Phishing emails are crafted to appear as if they have been sent from a legitimate organization or known individual. These emails often attempt to entice users to click on a link that will take the user to a fraudulent website that appears legitimate. The user then may be asked to provide personal information, such as account usernames and passwords, that can further expose them to future compromises. Additionally, these fraudulent websites may contain malicious code.”

Thus phishing attacks seek to steal data or inject malware—adware, bots, keyloggers, ransomware, spyware, trojans, worms, etc.—that cause damage at a later time.

Phishing Attacks

In phishing attacks, “scammers use email or text messages to trick you into giving them your personal information. They may try to steal your passwords, account numbers, or Social Security numbers. If they get that information, they could gain access to your email, bank, or other accounts,” warns the Federal Trade Commission (FTC). “Scammers launch thousands of phishing attacks like these every day—and they’re often successful. The FBI’s Internet Crime Complaint Center reported that people lost $57 million to phishing schemes in one year.”

“What really distinguishes phishing is the form the message takes,” notes a recent CSO online article. “The attackers masquerade as a trusted entity of some kind, often a real or plausibly real person, or a company the victim might do business with.”

This credibility is paired with a sense of urgency to inspire victims to respond quickly to the message: Clicking a link or downloading a file that starts the attack. For example, Crowdstrike, a cybersecurity company, found that Amazon and Apple were the two most impersonated organizations for phishing scams in 2020. As the COVID-19 pandemic moves more people to work-from-home and out of traditional workplace settings, phishing scams increase to take advantage of anxiety and remote communications.

“Criminals rely on deception and creating a sense of urgency to achieve success with their phishing campaigns,” adds the CSO online article. “During a crisis, people are on edge. They want information and are looking for direction from their employers, the government, and other relevant authorities. An email that appears to be from one of these entities and promises new information or instructs recipients to complete a task quickly will likely receive less scrutiny than prior to the crisis. An impulsive click later, and the victim’s device is infected or account is compromised.”

“Phishing and social engineering attacks are now experienced by 85 percent of organizations,” reports Accenture. And the number of phishing attacks has been increasing in the United States, “with a growth of 65% in the last year,” adds Crowdstrike.

Blockchain Cybersecurity Against Phishing

“Traditionally, businesses sought to prevent phishing attacks through employee training,” writes Cloudphish, a blockchain cybersecurity company. “While this method did provide some success, it was overly reliant on human judgment.” As an alternative to such an approach of relying upon employees and staff to determine what emails or attachments they can safely open, blockchain offers a chance to secure the system access attackers ultimately seek.

Blockchain’s architecture, originally built for zero-trust environments and further secured in private, permissioned blockchain configurations, gives organizations a compelling alternative to centralized databases and a strong protection against phishing attacks.

• In phishing attacks that seek to steal data, blockchain presents a data architecture where no single endpoint node controls the data set. Even if an individual endpoint is hacked through phishing or other social engineering, the data set is distributed across many nodes. This decentralization of data and access means even successful phishing attacks that penetrate a blockchain endpoint only gain a small piece of system access.
  
  Whereas centralized databases can be stolen by one endpoint breach—such as the infamous attacks on Yahoo in 2013 and 2014, the United States Office of Personnel Management (OPM) in 2015, Equifax in 2017, Marriott/Starwood Hotels in 2019, and countless others—the distributed ledgers of blockchains minimize the potential damage of any phishing attack on individual endpoints. At ZorroSign, for example, we use a private permissioned blockchain, Hyperledger Fabric. Hence, even during a successful phishing attack, the adversary would not gain access to the blockchain data because the adversary would not have access to the blockchain certificates.  With Hyperledger Fabric, blockchain certificates are maintained in a secured certificate authority.

• In phishing attacks that seek to inject malware such as ransomware, the distributed nature of blockchain defeats those seeking to breach a system then holistically ransom the data files stored therein. Again, a single endpoint node might be breached, but the larger data set cannot be controlled by any one endpoint (or central authority) and so phishing attackers cannot capture the full data set for encryption, ransom, and shutting down the network.
  
  Further, with private, permissioned blockchains, each endpoint node (or user) has a unique encryption key to access and write to the distributed ledger. If any one of those endpoints is successfully hacked (compromising their access key), the private blockchain can simply remove distributed ledger access for that compromised key, issue the endpoint a new key, and allow that endpoint to quickly regain distributed ledger access (effectively as a new endpoint). This quick recovery process effectively maroons any ransomware on the endpoint it attacked—ending its access and threat—while allowing the endpoint to re-engage the larger data set with a new key and without needing to pay any ransom to the attackers for restored access.

To learn more about blockchain as cybersecurity and how ZorroSign employs private, permissioned Hyperledger Fabric blockchain, visit https://www.zorrosign.com/z-forensics/secure-blockchain-technology/

Banks, credit unions, investment groups, lenders, and other financial service providers use ZorroSign’s digital platform to lower operating costs while protecting privacy and data security. Only ZorroSign pairs digital signatures with blockchain technology—delivering 21^st century security to the age-old ceremony of signing agreements.

FINANCIAL SERVICES INDUSTRY NEEDS

Anyone managing technology for a financial services provider feels the stress of managing data, networks, and endpoint devices in a world where cyber attacks, regulatory compliance, and customer needs are changing quickly. 

To ensure their financial organizations are secure, compliant, and delivering easy to use customer-facing solutions, IT departments need the latest technologies but also proven solutions. ZorroSign is proud to protect financial services data—for customers, for regulators, and for the institutions themselves.

TRANSFORM YOUR FINANCIAL SERVICES WITH SUPERIOR SECURITY

Whether you’re a financial advisor or lender, a bank, credit union, or other services provider, you need fully compliant, automated, blockchain-level security and digital transactions you can trust. ZorroSign delivers:

• Unbeatable user authentication, validation and privacy, with superior data and document security

• A secure, paperless digital signature solution that’s easy to use, so you can “sign it and forget it”

• Workflow automation that saves times and eliminates paper—streamlining approvals, signatures, and workflows

• Error-free forms filled out and processed faster via artificial intelligence and machine learning

Financial institutions need privacy and security, but also need to know their technology solutions meet regulatory compliance.  ZorroSign’s platform is compliant with the Digital Millennium Copyright Act, UETA, the ESIGN Act, GDPR, plus ISAE 3402 Type II certified, SOC II Type 1 certified, and ISO 27001 certified while supporting HIPAA, ADA, WCAG 2.1, CCPA, New York SHIELD Act, and other standards varying country by country.

For banks, credit unions, and other financial service providers that desire to securely transform paper-based workflows, ZorroSign’s digital signature and document management platform can decrease costs, reduce errors, and increase productivity.

As a private blockchain, ZorroSign can ensure privacy is always maintained as only approved nodes (endpoint users) can write to ZorroSign’s blockchain. As a result, ZorroSign’s architecture has even tighter privacy and security measures than other blockchains.

ADD IDENTITY-AS-A-SERVICES (IDAAS) TO KNOW-YOUR-CUSTOMERS (KYC)

Beyond digital signatures, ZorroSign delivers identity-as-a-service (IDaaS) to verify financial services users and support know-your-customer (KYC) requirements:

• ZorroSign technology leverages the biometric capabilities of hardware endpoints to verify user identities
• ZorroSign is the first to adopt password-less login amongst our digital signature competitors
• ZorroSign MFA provides maximum security, as before a user can sign a document, our platform can validate multiple dimensions of authentication based on the transaction security needs: What you know (i.e., your ZorroSign login password), what you have (e.g., your laptop or mobile device), who you are (e.g., biometrics such as fingerprints or eye iris on the device securing who can access it), etc.

Additionally, ZorroSign users can optionally use our dynamic knowledge-based authentication (KBA) feature provided by LexisNexis. KBA requires the knowledge of private information of the individual to prove that the person providing identity information is the actual person.

Moving forward, ZorroSign will be adding further user verification capabilities, including integrations with U.S. driver licenses via state motor vehicle departments, verification via passports (with approximately 72 countries to start), other government-issued identities (with approximately 100 countries to start), and even tapping U.S. credit union databases for identity verifications.

Further, we will be implementing a blockchain-based audit trail for all user activities—including profile updates, signature changes, etc.—and will maintain a separate blockchain to maintain users’ signatures. With these immutable blockchain records, we can uniquely validate users in ways no competitive solution can.

We invite you to request a copy of our ZorroSign Security Brief to learn how our private blockchain architecture, document storage and protection, and platform security measures can support your financial service clients today!

The PDF Problem

Researchers have recently uncovered two major security flaws in certified Adobe PDF applications. These flaws leave organizations that use such PDF signatures exposed to a number of cyberattacks.

 

“Certified portable document format (PDF) files are used to securely sign agreements between two parties while keeping the contents’ integrity protected,” writes Becky Bracken in a recent Threat Post article. However, researchers from Ruhr-Universität Bochum “found vulnerabilities to two specific novel attacks they dubbed, ‘Evil Annotation’ (EAA) and ‘Sneaky Signature’ (SSA). Both allow an attacker to overlay malicious content (PDF) on top of the certified information without showing any signs it was altered.”

 

In quick summary, the EAA attack displays “malicious content in the document’s annotations and then sends it on with its digital signature intact. SSAs add malicious content over legitimate content in the PDF itself.”

The original research report further describes “how the attack classes EAA and SSA can be used to inject and execute JavaScript code into certified documents.”

The ThreatPost article concludes that “Certified signatures present a massive, potentially catastrophic, security risk for many organizations and the report urges PDF applications to work quickly to come up with wide-scale fixes.”

 

The ZorroSign Blockchain Solution

In light of this frightening security gap in Adobe PDF files, ZorroSign is proud to bring an alternative technology to the market for digital signatures. Our platform—built from the ground-up on Hyperledger Fabric blockchain—does not employ the Approval and Certification signatures built into PDFs to authenticate Adobe documents.

Instead, ZorroSign leverages distributed ledger technology (DLT) to securely record documents, workflows, users, and changes to our private, permissioned blockchain. This immutable record preserves chain-of-custody and provenance for agreements, contracts, documents, transactions, and any other digital workflow requiring signatures. And, equally important from a security risk management perspective, prevents any tampering to document annotations or adding content over legitimate content in the digital files themselves.

 

ZorroSign further deploys our patented 4n6 (“forensics”) token to each and every document—a unique technology seal that captures the chain of custody and an audit trail of the changes made to the document by the parties in the workflow, such as recording key authentication, security and validation information when an action took place.

 

This summer, ZorroSign will also deploy our new Z-Verify feature. The EAA and the SSA attacks are only possible because the PDF document is verified by itself. With Z-Verify, digital documents are checked against ZorroSign’s private permissioned blockchain record. Hence, the PDFs that are signed using ZorroSign can be cryptographically verified using the Z-Verify platform, preventing the EAA and SSA attack vectors.

 

Taken together, ZorroSign’s unique security architecture prevents the JavaScript code injection risks in Adobe PDF applications where the Ruhr-Universität report claims “the only requirement is that the victim fully trusts the certificate used to certify the PDF document.”

 

To learn more about the superior security of ZorroSign digital signatures and how we leverage blockchain technology and our proprietary 4n6 tokens to protect your data, contact us today!

 

 

Law firms of all sizes need legally-binding digital signatures, authenticated digital signers, the ability to track digital documents across multiple approvers and signers, and immutable audit trails to ensure digital agreements can withstand court scrutiny.

 

The rise of blockchain technology unites all of these capabilities for law firms and allows forward-thinking firms to gain competitive advantages in efficiency, client service, and operational cost-savings by leveraging blockchain solutions.

 

Blockchain for Law

Blockchains are distributed ledger technology (DLT) leveraging cryptography—user authentication, data encryption and verification—to secure information records (blocks) distributed across peer-to-peer (P2P) networks.  DLTs replicate, share, and synchronize digital data geographically spread across multiple sites (nodes), with no central data storage or administrator.  They can be run publicly (open) or privately (permissioned).

Public blockchains can readily be used as cryptocurrencies—creating and using a coin that serves as digital money.  For example, Ether is the coin of Ethereum, Lumen is the coin of Stellar, and bitcoin is the coin of Bitcoin.

 

Private blockchains are commonly used as business apps.  Here, an organization (or consortium of organizations) controls access to the blockchain—limiting its distribution but also elevating its security.  While cryptocurrencies are often in the news for major purchases, market fluctuations, and hacks, blockchain business apps are often in the news showcasing how blockchain can shape business, government, healthcare, and many other industries including legal services.

 

Perhaps most importantly, blockchains can support smart contracts—where terms, conditions, and permissions written into the digital code that require an exact sequence of events to take place to trigger the agreement of the terms mentioned in the blockchain contract.  This hard wiring, so to speak, of contract details greatly increases speed (via automation), trust (where accuracy and backup are built into the transaction), and autonomy (as no third parties are required to mediate or control the exchange) of transactions.

 

As such, blockchains have immense potential to transform business contracts, real estate deals, digital rights, supply chain security and provenance, estate planning, and many other legal transactions.

 

ZorroSign Uses Hyperledger Fabric for Privacy & Security

ZorroSign is built entirely on a blockchain architecture that protects identities and data—uniquely authenticating users, encrypting communications, and securing digital data immutably through its lifetime.  Specifically, ZorroSign’s platform was built from the ground-up on private, permissioned Hyperledger Fabric:  the framework for the IBM Blockchain Platform, Honeywell Aerospace’s marketplace for used aircraft parts, Walmart’s food traceability system, and many other corporate deployments.

 

 

ZorroSign supports such firms and their clients by delivering:

• Non-repudiation audit trails and full progress tracking, including when documents are completed, rejected, expired or canceled
• Cost-savings from reduced printing, faxing, scanning, and overnighting documents
• Total control and visibility of documents-in-progress
• An easily deployed document retention policy

 

Law firms use ZorroSign and our blockchain-based digital business platform (DBP) for incorporation documents; retainer, fee and non-disclosure agreements; purchase agreements (assets, products, and services); complying with Sarbanes-Oxley Act (board minutes, transparency, audit trail); power of attorney and proxy agreements; engagement letters; partner agreements; shareholder agreements; licensing agreements; and so much more.

 

We believe our digital signatures and document management solutions to be the most private, most secure available and look forward to proving it to law firms around the world! Contact us today to learn more.

 

It has been a long-running criticism of cryptocurrencies that the data mining required to produce coins consumes an astonishing amount of electricity.  “Bitcoin uses more electricity per transaction than any other method known to mankind,” said Microsoft founder, Bill Gates, in a live-streamed Clubhouse session with CNBC’s Andrew Ross Sorkin on February 24, 2021.  “And so it’s not a great climate thing.”

 

With the public blockchains used for cryptocurrencies, mining coins requires complicated mathematical processing on high-end graphic processing units (GPUs), consuming energy both for calculation processing and cooling those GPUs down under heavy load.

 

“Scientists from the University of Cambridge Judge Business School recently built an interactive analysis tool to calculate the real energy cost of bitcoin cryptocurrency,” notes Caroline Delbert in a recent article in Popular Mechanics.  “Using their energy use model, the researchers found that bitcoin mining uses more energy each year (130.00 terawatt-hours [TWh]) than the entire country of Argentina (125.03 TWh).”

 

Public Cryptocurrency Blockchains v. Private Enterprise Blockchains

An important distinction to make is that cryptocurrencies run on public blockchains—where anyone willing to mine can be an end-user (node), the process of mining is one of the highest areas of energy consumption, plus validating each new transaction across the broadly distributed network requires massive computing power.  Together, this architecture “makes Bitcoin extremely energy-hungry by design, as the currency requires a huge amount of hash calculations for its ultimate goal of processing financial transactions without intermediaries (peer-to-peer),” explained Alex de Vriews in a 2018 Joule article. “The primary fuel for each of these calculations is electricity. The Bitcoin network can be estimated to consume at least 2.55 gigawatts of electricity currently, and potentially 7.67 gigawatts in the future, making it comparable with countries such as Ireland (3.1 gigawatts) and Austria (8.2 gigawatts).”

 

In contrast, private blockchains that are used for business applications (apps) do not require the mining of coins—private blockchains are not used for cryptocurrencies—nor do they support wide-open end-users (nodes) where huge networks require more computing power to validate each new transaction.

 

“The early blockchain protocols such as Bitcoin and Ethereum used proof-of-work consensus mechanisms, which required a lot of energy-intensive ‘mining’ of cryptographic puzzles. The creators probably never imagined them to become as popular as they did, or that they would consume as much energy as whole countries,” says Si Chen, part of the Climate Accounting and Certifications, Energy Working Groups at Hyperledger.  “Enterprise Private Blockchain Platforms like Hyperledger Fabric do not run on Proof-of-Work consensus that is power hungry.”

 

ZorroSign Uses Private Enterprise Blockchain Hyperledger Fabric

ZorroSign has purposefully used the private, permissioned blockchain architecture of Hyperledger Fabric to build our digital platform.

 

Unlike Bitcoin and the cryptocurrency models for blockchain, Hyperledger Fabric is a next-generation architecture “with even lower electricity costs and attendant carbon footprints,” writes Michael Barnard in a CleanTechnica report.  “Hyperledger Fabric centralizes block creation into a single resource pool and has multiple validators in the participants. It’s also not intended as a cryptocurrency platform, although VIVA did create a cryptocurrency with it. It’s an enterprise collaboration engine, using blockchain smart contracts and an externalized payment system where that’s necessary, allowing variants of net 30 terms most blockchain smart contracts don’t support.”

 

A white paper comparing blockchain architectures and their energy consumption requirements, The Energy Consumption of Blockchain Technology: Beyond Myth, was published by Johannes Sedlmeir, Hans Ulrich Buhl, Gilbert Fridgen, and Robert Keller in June 2020.  Their research charted energy consumption of power-hungry public blockchain proof-of-work (PoW) coin mining (far right bar) versus the much lighter energy consumption of enterprise blockchains like Hyperledger Fabric (center bar):

 

Blockchain technology can better secure supply chains and digital transactions.

 

December 2020 brought a flurry of news stories around the massive cyber attack on the U.S. government. Called the Solar Winds Orion Supply Chain Compromise, or the Great Supply Chain Hack, this evolving story reflects the risks even sophisticated networks—like those run by the federal government—face when dealing with attackers deploying anti-forensic techniques, user impersonation, privilege escalation and persistence, and MITRE ATT&CK® techniques.

 

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an alert on December 17^th on the advanced persistent threat (APT) to government agencies, critical infrastructure entities, and private sector organizations, saying the attack began in at least March 2020 and the attacker “demonstrated sophistication and complex trade craft in these intrusions. CISA expects that removing the threat actor from compromised environments will be highly complex and challenging.”

 

A December 21^st NPR article says the “list of affected U.S. government entities reportedly includes the Commerce Department, the Department of Homeland Security, the Pentagon, the Treasury Department, the U.S. Postal Service and the National Institutes of Health.” Plus, the Department of Energy acknowledged its computer systems had been compromised, though not the critical National Nuclear Security Administration systems.

 

“Hackers exploited the way software companies distribute updates, adding malware to the legitimate package,” note NPR reporters Bill Chappell, Greg Myre, and Laurel Wamsley. “Security analysts said the malicious code gave hackers a ‘backdoor’—a foothold in their targets’ computer networks—which they then used to gain elevated credentials. Solar Winds traced the ‘supply chain’ attack to updates for its Orion network products between March and June.”

 

“This is looking like it’s the worst hacking case in the history of America,” says one U.S. official, speaking on condition of anonymity. “They got into everything.”

 

In this environment of fear and reaction, the promise of distributed ledger technologies offers an appealing new approach to digital security. For example, blockchains have quickly been embraced as a solution for improving supply-chain security for data, communications, and logistics.

 

The emerging technology of blockchain “adds layer of security to movement of critical components,” claims SAIC, an American government contractor.  “We see blockchain as a transformative technology to protect elements of supply chains.”

 

“Blockchain can greatly improve supply chains by enabling faster and more cost-efficient delivery of products, enhancing products’ traceability, improving coordination between partners, and aiding access to financing,” says Vishal Gaur and Abhinav Gaiha in a Harvard Business Review article. “There is considerable room to improve supply chains in terms of end-to-end traceability, speed of product delivery, coordination, and financing. Blockchain can be a powerful tool for addressing those deficiencies.”

 

“It’s about time we start talking about the advanced methods of privacy and security we can ensure on blockchain,” adds Shamsh Hadi, CEO and co-founder of ZorroSign, Inc. “How many times do we need hacks to happen before we finally ask the right questions?”

 

For governments organizations and companies that require secure digital transactions, ZorroSign’s digital signature and document management platform can decrease costs, reduce errors, and increase productivity. Unlike other electronic signature solutions, ZorroSign’s platform is built on a private, permissioned Hyperledger Fabric blockchain architecture to secure digital assets and deliver security certificates with robust audit trails and lifetime document escrow.

 

“Ultimately, blockchain technology helps make digital transactions more secure, faster and less expensive,” says Hadi.

 

Learn how blockchain can more securely manage your organization’s digital signatures and documents—contact ZorroSign today.

ZorroSign provides the ultimate security in digital signatures, built entirely on a blockchain architecture that protects identities and data—uniquely authenticating users, encrypting communications, and securing digital data immutably through its lifetime.

 

“We are proud to deliver a mature blockchain solution for digital signatures that is cost-effective and more secure than any encrypted e-signature technology that relies upon public-key infrastructure for security credentials,” says ZorroSign co-founder and CEO, Shamsh Hadi. “ZorroSign’s platform efficiently leverages blockchain to protect online identities and documents such as business agreements, government files, healthcare records, and other legal evidence stored in digital formats.”

 

For governments, companies, and individuals that desire to securely transform paper-based workflows, ZorroSign’s digital signature and document management platform can decrease costs, reduce errors, and increase productivity. Unlike other electronic signature solutions, ZorroSign’s platform is built on privately-permissioned Hyperledger Fabric to secure digital assets and deliver security certificates with robust audit trails and lifetime document escrow.

 

“ZorroSign’s solution is uniquely scalable and secure,” adds Arra Yerganian, strategic advisor and acting chief growth officer for ZorroSign. “Whereas other companies might struggle with the costs and complexities of blockchain architecture, ZorroSign is that rare, viable enterprise using blockchain as our core technology to meet those challenges with a fast system able to grow as our customers require.”

 

Blockchain’s adoption has begun to accelerate the past few years. “JPMorgan says it has used it commercially for the first time to send payments,” writes John Detrixhe, senior reporter at Quartz. “Executives at the biggest US bank by assets say those systems can grow in scale.”

 

We invite you to let us prove how blockchain can more securely, more cost-effectively deliver post-execution fraud detection, verification and authentication of legally binding electronic signatures, and securing digital documents.  Visit ZorroSign.com or contact us today!

“Modern digital technology that supports information sharing,

communication, collaboration, and learning are

central to daily living and to the function of government.”

~Teri Takai, Executive Director at the Center for Digital Government

 

Local governments in the United States such as counties, municipalities, and school districts serve the public with codified processes for business, education, health and safety, law enforcement, property development, transportation, utilities, and more. The sheer volume of legal agreements, licenses, permits, records, and reports are daunting to manage, and digital solutions are becoming more and more necessary to effectively administrate public services.

 

Further, local governments know the value of operating more efficiently both in cost-savings (by reducing administrative costs in paper, printing, reproduction, storage, etc.) and in resource allocation (by being able to serve more constituents with the same resources). Technology solutions that speed clerical work, reduce errors, and lower administrative costs can readily generate a return on investment for the public.

 

As local governments strive to move paper administration to digital environments, privacy and security become top priorities. Beyond simply digitizing forms, processes, and records, these government organizations must:

 

• Validate end users as constituents engage digital public services
• Authenticate digital data as it is moved between users and offices
• Secure digital documents for storage, archiving, and retrieval—ensuring immutability with non-repudiation audit trails and post-execution fraud/tamper protection

 

Digital Benefits for Local Governments

The COVID-19 pandemic has accelerated local governments’ need to move to digital services.

 

“When offices were forced to close, many local governments were unable
to conduct business without physical access to legacy systems,
holding up everything from building permits to license renewals
and access to land records.”
~Doug Harvey, VMware Head of U.S. State & Local Governments & Education

 

As local governments add remote administration capabilities, the promise of digital transformation is tremendous. Large municipalities to the smallest administrative districts can leverage digital signature and document management software to protect the chain of custody (CoC) for documents and securely review, approve, archive, and retrieve:

 

• Across-agency or inter-department agreements
• Architecture and engineering drawings/schematics for construction permits
• Benefits administration programs and processes
• Certificates of occupancy
• Court decrees and orders
• Facilities management forms
• Housing programs and building permitting management
• Human resources processes (e.g., employment agreements, expense forms, payroll sign-off sheets, etc.)
• Licenses for alcohol, auctions, business, construction, farming, plumbing, restaurants, retail, valet services, etc.
• Logistics and procurement processes
• Permits for building, carnivals and fairs, exhibit and trade shows, explosives, fireworks, gas, hazardous waste, hospitals, lumber, medical facilities, nursing homes, public assemblies, waste handling, etc.
• Public health programs administration
• Purchase agreements for public assets, products, or services

 

ZorroSign blockchain digital signature, a secure, encrypted platform provides a means for local governments to digitize records—eliminating duplication errors, streamlining clerical work, decreasing costs and time spent, and ensuring public record immutability for legal enforceability and transparency.

ZorroSign’s primary focus is the security and privacy of our customers’ data. We deliver such privacy and security with our digital signature and advanced digital transaction management (DTM) platform.

 

How?

 

Because unlike any other digital signature or DTM solution, ZorroSign was built from the ground-up on private permissioned blockchain, which is Hyperledger Fabric.

 

What is Hyperledger Fabric?

 

“Hyperledger Fabric is a modular blockchain framework that acts as a foundation for developing blockchain-based products, solutions, and applications using plug-and-play components that are aimed for use within private enterprises,” notes Will Kenton in Investopedia. “Because Hyperledger Fabric is private and requires permission to access, businesses can segregate information (like prices), plus transactions can be sped up because the number of nodes on the network is reduced.”

 

Hyperledger emerged as an open-source collaborative effort, hosted by The Linux Foundation, to advance cross-industry blockchain technologies and improve trust, transparency and accountability. Hyperledger Fabric distributed ledger technologies (DTL) are:

 

• The framework for the IBM Blockchain Platform
• Used by Honeywell Aerospace to create an Amazon-type marketplace for used aircraft parts
• Used by Walmart to create a food traceability system—decentralizing its food supply ecosystem to quickly find the source when an outbreak of a food-borne disease happens
• Deployed by Change Healthcare to demonstrate the feasibility of using Hyperledger Fabric to process hundreds of healthcare transactions per second
• The technology architecture upon which ZorroSign’s advanced DTM platform was built

 

How does Hyperledger Fabric Ensure Privacy & Security?

 

Hyperledger Fabric blockchains are permissions-based and requires all users to authenticate themselves before making requests to read or write into the distributed ledger (i.e., the “blocks” on the “chain”) or taking any action that adds to the blocks on the distributed ledger.

 

As a private blockchain, ZorroSign can ensure privacy is always maintained as only approved nodes (endpoint users) can write to ZorroSign’s blockchain. This is opposed to public blockchains—like Bitcoin and Ethereum—where anyone can be an endpoint and write to the blocks.

 

As a result, ZorroSign’s architecture has even tighter privacy and security measures than other blockchains.

 

Further, if users make a change to the information recorded in one particular block of a blockchain, they cannot rewrite that block—instead the change is stored or recorded in a new block along with the date and time of the change, permanently capturing the chronological changes to the document.

 

ZorroSign’s patent-pending 4n6 (“forensics”) token is a kind of digital seal that captures the complete audit trail and the document’s DNA. The token is encrypted and contains information on all the details about the transaction including time stamps, user authentication, document, and attachments. The 4n6 token securely reads the information from the secure ZorroSign servers so it can be accessed by the document originator or third parties (with permission from the originator) when requested. The 4n6 token allows ZorroSign to manage permissions as to who gets to see what level of information about the transaction and the document.

 

Finally, the 4n6 token stores the ZorroSign security encryption certificates, which—unlike other digital security certificates—never expire.

 

Benefits of Private, Permissioned Hyperledger Fabric Architecture

 

The key benefits of ZorroSign’s blockchain architecture and 4n6 token technology thus include:

 

• Immutability—A chronological record (with date and time stamps) of all transactions in multiple copies on the ledger are maintained to avoid any doubt or ambiguity. This chronological chain provides a robust chain of custody and audit trail capabilities. Blocks cannot be rewritten, edited, or deleted—only added to the ledge—and so ensure document immutability.
• Privacy—Permissions-based private blockchain security and privacy of the users’ information (i.e. PII, PHI, etc.) by only allowing permissioned individuals to have access to the transaction.
• Fraud Prevention—ZorroSign’s proprietary 4n6 token can readily detect any document fraud, document tampering, or signature forgery (as a tamper seal that runs on the blockchain).
• Lifetime Escrow—While competitors often use third-party digital security certificates that expire every two years, ZorroSign issues its own certificates that never expire for lifetime document escrow.

 
ZorroSign’s blockchain architecture, built on Hyperledger Fabric, ensures that all aspects of all transactions are recorded on a private permissions-based blockchain—creating an immutable, non-reputable record of the transaction and the executed document. And delivering unmatched privacy and security the organizations using our digital signatures and advanced DTM platform.

The increased popularity of, demand for, and mainstream use of electronic signature is the result of the global “go digital” movement, significant enhancements in the technology, and  governments passing laws to go completely digital in the near future. It does not suffice to use an image of your signature as an “intent to sign” or use incomplete electronic signature solutions that do not include an audit trail. Security, privacy, legal acceptability, signatory attribution, and authenticity of electronic signatures, electronic records, and document transactions have become key decision factors for users in legal, financial services, real estate, insurance, banks, healthcare industries and more.

 

In this article we outline the clear competitive advantage that ZorroSign has over its competitors, their products and why we believe we have developed the most advanced electronic signature and digital transaction management platform, that was created to meet the past, current and future needs of both the private and public business sector.

 

ZorroSign Competitive Advantages

 

ZorroSign is an advanced Digital Transaction Management (DTM) platform. There are less than a handful of competitors who may qualify as DTM providers, but studies show that those solutions do not meet basic DTM requirements of many customers. ZorroSign, on the other hand, is considered an Advanced DTM due to its enterprise-grade workflow automation, workflow builder, content automation, bank-grade security, built-in Document Management System, and intelligent forms.

 

1. ZorroSign uses (patented) true legally-binding electronic signature with real digital information vs our competitors who simply superimpose a flat image of a signature on a document. It’s about capturing intent to sign a document vs actually signing a document.
2. We use high level security provisions and multi-factor authentication (including biometrics) to ensure signatory attribution. This is increasingly becoming a problem when it comes to legal matters.
3. Our proprietary technology, the Document 4n6 (forensics) Token, detects document fraud tampering and signature forgery. It is  a tamper seal that runs on the Blockchain.
4. Our competitors use 3rd party digital security certificates that expire every two years. ZorroSign is authorized to issue its own certificates and they never expire. We call it Lifetime Document Escrow.
5. ZorroSign is a true Advance DTM platform complete with workflow automation and exception handling.
6. ZorroSign is built on permissions-based private Blockchain technology. We take advantage of its security, privacy and trust features to manage all our customer’s document signature transactions.
7. For ZorroSign, privacy and security are at the core of everything with do. We think security and privacy first for every product design, policy, and business practice decision. We use bank-grade security protocols, AES Encryption, biometrics, MFA, and other heuristics for handling our customer’s document signature transactions.

 

For a complete competitive analysis including analysis of a particular ZorroSign competitor, please contact our customer advisors.

 

Disclaimer: All competitive information is based on publicly available information.  When reviewing competitive information including pricing, please consider that products are continuously enhanced and modified by vendors and pricing published on the website is MSRP. ZorroSign does not disclose product roadmap and features that are in development and not yet released to the general public. ZorroSign also does not disclose feature-by-feature comparison for the same reason.

 

In recent years, Blockchain technology has become popular mainly because of its application in Crypto Currency. However, there is proven research as to the feasibility and application of this technology. It is widely believed that Blockchain technology addresses the most important part between two parties transacting online being Trust.

 

In this blog post I will provide a brief introduction to Blockchain, along with how Blockchain can be used in different situations in various industries. We feel it’s important for our customers to have the fundamental knowledge on this topic since ZorroSign is built using Blockchain technology to take advantage of its various unique features specifically related to privacy, security, and sanctity of their users and their electronically signed documents.

 

Important terms that will be used in the post are:

 

1. Transaction: Is when one or more users act on a single document set by means of acknowledging its receipt, filling out required information, signing it, putting initials and date. A transaction has a starting point and an ending point which is defined by means of a workflow.

2. Distributed Ledger: An entry is logged into a ledger by authorized user when an action is taken on a document set as part of a transaction.

3. User: A user is a person who has permission to view, manipulate, take action on, or otherwise process the document set as part of a transaction. A user is part of the workflow.

4. Workflow: The process that connects one or more users to take action on a document in a particular sequence. A workflow may have a time limit, example a person has 5 days to sign a document.

5. Action: Users in the workflow can take any number of actions on a document set as part of a transaction. Actions include sign, initial, date, put a checkbox, or fill out information.

6. Chain of Custody: During a single transaction a document may be passed from one signatory to another for processing, form filling, signature, and approval. Each user in the workflow represents a link in the chain of custody.

7. Private Blockchain: Implementation of Blockchain that is not on a public ledger to ensure privacy. Access to the platform and eventually to the ledger and its content for any specific transaction is restricted to only authorized individuals.

8. Public Blockchain: Implementation of Blockchain that is on a public ledger. Access to the platform, the ledger and its content for any specific transaction is available for all to see.

9. Crypto Key: A string of bits used by a cryptographic algorithm to transform plain text into cipher text or cipher text into plain text. Separate, but related crypto or cryptographic keys make up Public and Private keys.

10. Public Key: Information public and accessible by everyone in the workflow. However, the Public Key encryption can only be decrypted by the matching Private Key.

11. Private Key: Confidential and known only to the respective owner.

 

Now that you are familiar with basic terminology, let’s dive into the details.

 

What is Blockchain?

In its simplest form, Blockchain is a shared fixed ledger for recording transactions. ZorroSign has extended the concept of Blockchain to have the highest levels of security and privacy protecting the sensitive information and identities of authorized individuals in the network who have permission to access the content stored in the ledger.

 

Blockchain is a digital record where all transactions are recorded in the order of occurrence and where the next record is linked and related to the previous record. It is a continuous database of records that can only be added to and never edited or deleted. In layman’s terms, Blockchain allows businesses to secure and validate a digital asset, like a contract, enabling the enforcement of ownership or authenticity.

 

Characteristics of a Blockchain

The noteworthy characteristics of a Blockchain are:

• Indelible: The most important and distinctive property of blockchain. Once a transaction is written into a block, it can never be erased or modified by anyone, including the person who wrote the transaction.
• Globally Readable: Anyone who has permission to view the transaction can read what it contains and everyone sees exactly the same contents.
• Accept Rules Based Rights: Any chosen party can write into the blockchain as long as it respects the predetermined rules set out for that transaction.
• Strictly Ordered: There is no ambiguity of the transaction. The audit trail will clearly show which block of data came first and which came second.

 

Use Cases for Blockchain

Wondering how Blockchain works in the real world? Here are some practical applications:

• Banking: Financial transactions from opening an account to money transfers.
• Health care: Medical records and drugs composition.
• Real Estate: Track real estate transactions and tracking maintenance and upgrade of properties.
• Supply Chain Management: Tracking food supply from “farm to dining table.”
• Contract management: Chain of Custody, Audit trail, and entitlement tracking.
• Retail: Protect consumers against issues of product authenticity. Using Blockchain retail consumer goods can be tracked, eliminating the risk of consumers receiving counterfeit goods.
• Electronic Voting: Voter registration, personal identity, and voting records.
• Digital Identity: Securing and keeping track of your Personally Identifiable Information (PII).
• Diamond Industry: Using immutable tamper proof digital ledger, record: color, carat, certificate number (inscribed by laser on the crown or girdle of the stone), and origin in order to increase supply chain efficiency and eliminate conflict diamonds from market. Makes it possible to track diamond from origin to consumer.

 

Blockchain is NOT Bitcoin

Cryptocurrency like Bitcoin uses Blockchain, but they are not the same. Blockchain is not cryptocurrency or Bitcoin. Rather, cryptocurrencies and Bitcoin use Blockchain to secure transactions and publicly record them in a distributed ledger.

 

Advantages of Blockchain

Blockchain is important because it has unique qualities that set it apart from other transaction database management systems. Specifically, ZorroSign’s Blockchain is private, permissions-based decentralized system that is secure, trusted and automated with bank grade security. Ultimately, Blockchain technology helps ZorroSign make transactions more secure, faster and less expensive.

 

ZorroSign’s 4n6 (forensics) Token uses a private permissions-based blockchain to deliver verification, security, audit trail along with a lot more features. Users who access a ZorroSign’ed document through appropriate permissions can scan the 4n6 Token and request access to view the documents audit trail. For the 4n6 Token, the individuals in the workflow always have access to the document. Access to any external parties is limited to viewing the content of the document, its attachment, and audit trail and is based on permissions approved by the originator of the transaction.

 

Now that you better understand the ZorroSign 4n6 Token, you understand how Blockchain technology delivers document verification.

 

For a brief overview of ZorroSign’s Blockchain platform visit: www.zorrosign.com/zorrosign-blockchain

In our 24/7, mobile, competitive global business environment, being able to conduct business fast is critical. That means executing business documents efficiently and securely is important for businesses in any industry. Along with document execution, having processes that eliminate errors and cut costs are just as important. Adopting a DTM solution for your business is the answer. This means execute all types of documents and get approvals quickly, securely and with legally binding signatures on documents while eliminating errors and cutting costs.

 

There are solutions in the market that simply handle collecting signatures, some capturing digital copies of your signatures and some only capturing intent to sign from multiple parties. Then there are advanced DTM solutions like ZorroSign, that go beyond collecting legally accepted signatures from multiple parties. They handle various document signing ceremonies, help secure approvals, handle complex workflows and routing of these documents using automation like exception handling. Here is what you should look for in an advanced DTM solution.

 

1. Legally accepted Electronic Signature and Digital Signatures
2. Post-execution fraud detection of documents
3. Full audit trail and chain of custody
4. Document Management System (DMS)
5. Content Automation, Workflow Management, and Rules Engine
6. Intelligent Forms
7. Security, Trust, and Global Compliance
8. Advanced Security and Biometrics

 

Below we have listed eight ways an advanced DTM can help businesses go digital.

 

1. Automation – Full automation saves time, money and avoids errors.
Using a DTM platform can improve workflows and approval processes by automating document routing and processing. It can also connect one or more systems by providing interfaces between different applications by integrating the workflows using ZorroSign API. Automate your workflow with one click, assign to the correct people, send reminders, collect approvals and signatures without manual work.

 

2. Cost Savings – Save trees, water and office supplies,while reducing carbon emission and potentially even insurance premiums.

With automation comes savings of time, space and money. By specifying conditions and rules in a workflow, you can avoid costly errors that people typically make when executing documents. Outside of immediate cost savings from cutting back or discontinuing the use of consumables like, printers, toner, scanners, ink pens, paper, postage, and file storage, companies also see enormous labor related savings and decrease of insurance premiums from lowering their fire risk by eliminating paper file storage. Automating processes using a DTM solution cuts back on time demands, thus increasing capacity and output.

Interested in better understanding how your company can impact the environment, check out ZorroSign’s Environmental Savings Calculator and estimate savings per year in terms of trees, water, Carbon emission, time, and cost.

Along with positively impacting the environment, your company can save money by adopting a DTM solution. Learn more about the business impact of using office paper for business here.

 

3. Timely Execution – Decrease process time.

The DTM workflow allows the process owner to view and set time limits on each stage of the signatory process. Track a document from the start of the execution process through to the end with either user specific or document specific workflows and take advantage of automatic reminders.

 

4. Increased Efficiency – Time saved.

Through the use of an Advanced DTM solution, companies are able to save  time spent on retrieving documents, managing the signature process and managing multiple versions of documents and templates.

 

5. Reduce Errors – Decrease opportunity for human mistakes.

Using a DTM solution can reduce decision fatigue, environmental distractions and pressure to meet deadlines, consequently improving accuracy. Even the best, most experienced employees make errors. However, DTM systems support templates that ensure that the information is captured correctly 100% of the time. A DTM system also enables the user to validate data in real-time, allowing for potential corrections to be made on the spot.

 

6. Checks and Balances – Identify bottlenecks and audit your processes.

The workflow system within ZorroSign DTM allows for a graphical representation of where a document is in a specific workflow, allowing for process controls and monitoring of each document process and chain of custody. With the introduction of a DTM solution into a workflow comes the ability to monitor and track the progress of eSignature transactions at every step, in real time. This will also allow the workflow owner to identify bottlenecks and make appropriate adjustments to the process in order to increase efficiency where possible and ensure accountability throughout the workflow.

 

7. Audit Trail – Non-repudiation audit trails and full progress tracking.

With ZorroSign real eSignature solution, ZorroSign users can be 100% confident their documents have been executed with tamper-proof security and enforceability of documents of both digital and printed versions of your documents. . ZorroSigned documents create a non-repudiation audit trail, that include full progress tracking and bank-grade security using the Blockchain.

 

8. Compliance – Comply with all regulations, regardless of industry.

A reputable DTM solution will be compliant with international laws & regulations such as, E-Sign Act, UETA, HIPAA and GDPR. Advanced Digital Transaction Management solutions, eSignature solutions and digital signature solutions should also improve a company’s ability to remain compliant with their own industry specific rules and regulations.

 

Be an early adopter of ZorroSign’s DTM solution and take advantage of using a eSignature solution. Global businesses are quickly adopting Digital Transaction Management solutions as these solutions have  already proven the ability to deliver immediate and immense benefits. Get ahead of the crowd, let ZorroSign help you lead your digital transformation, click here to schedule a demo today.

Ever wonder how signatures impact both history and the future?

 

The National Archives has created an exhibit that explores the history of signatures. The exhibit shows how people have left their mark on history through signatures, written, electronic and cultural signatures. The video and exhibit explores how signatures represent the power of original records.

 

Learn how the autopen was used to authenticate laws and documents and how technology has changed how we sign our name over the years.

 

President Clinton signed the Electronic Signatures in Global and National Commerce Act or eSign act also known as the Digital Millennium Copyright Act on June 30, 2000. The eSignature and digital signature pad invention of one of the co-founders of ZorroSign was instrumental in the passage of this historic law. President Clinton signed the law document with both wet ink, as a symbolic gesture, and also used a digital signature token. This paved the way for ZorroSign’s patented and legally binding signature application.

 

We found this video very fitting not only from the perspective of the role of electronic signature in our society today, but also the impact of signatures on our society throughout history.

 

This week, Japanese Prime Minister Shinzo Abe and his close ally, Finance Minister Taro Aso accepted blame for an unraveling scandal in which official records were tampered with.  Total of 14 documents related to a dubious sale of state land at one-seventh of the appraised value to nationalistic school operator Moritomo Gakuen had been altered. The papers were scrubbed of all mention of Mr Abe and his wife, as well as lawmakers from the ruling Liberal Democratic Party (LDP).  Later, it was discovered that another set of documents, which show a record of price negotiations with Moritomo before the sale, were missing from what was submitted to the Parliament. (News source)

 

When documents signed with wet ink are tampered with or signature forged, document forensics experts can very easily detect the wrong doing.  Multiple copies may provide protection as long as those copies are not destroyed. The list of ways document fraud can be conducted is extensive.  Document transactions conducted using digital paper and electronic signature give you the false sense of security. The truth is that digital documents that were either electronically signed or signed in wet-ink and then scanned can, very easily, be tampered with and signatures on them forged after the effect. This can be accomplished with the use of software such as Adobe Acrobat Reader and Preview on Mac which are available for free.  Complete digital transformation is inevitable. Its just the matter of time. This problem will not go away.

 

So, how can individuals and businesses protect themselves again such malicious act? How can the Japanese public protect itself in the future from what Shinzo Abe, Taro Aso , and Moritomo Gakuen did? This was just one transaction by them that got caught. How many other transactions they must have conducted with forged signatures and tampered documents?

 

Imagine you’re a healthcare service provider, a doctors office, a financial services institution conducted millions of transactions a month domestically and internationally, a real estate deal, or a half a million dollar sales contract. The liability of having documents tampered with or signature forged for any one of the transactions in the above mentioned industries, is significant. Even companies that strictly use wet-ink on paper signature are scanning-and-storing documents electronically – not to mention rows of steel file cabinets lining up in offices around the world resulting in increased risk and insurance premiums. At the end of the day whenever these digital documents are to be shared with anyone there will always be this one question, is the document that I am looking at, original and authentic?

 

Only if there was a way to lock all the documents of a transaction with an encrypted token, secure them by a super advanced hash, and seal them with biometrics? What if, in addition, a distributed ledger could track the audit trail of actions and chain of custody?

 

As it turns out that there is.

 

With ZorroSign’s real eSignature and patent-pending unique Document 4n6 (Forensics) Token technology, individuals and organizations can be 100% confident that their business is protected against document fraud whether you’re sending documents out for signature, signing documents yourself, or wanting to verify and authenticate documents shared with you. As long as they were signed by ZorroSign, you know you can have the peace of mind that you and your business are protected against document fraud.