Category: Security

This week, Japanese Prime Minister Shinzo Abe and his close ally, Finance Minister Taro Aso accepted blame for an unraveling scandal in which official records were tampered with.  Total of 14 documents related to a dubious sale of state land at one-seventh of the appraised value to nationalistic school operator Moritomo Gakuen had been altered. The papers were scrubbed of all mention of Mr Abe and his wife, as well as lawmakers from the ruling Liberal Democratic Party (LDP).  Later, it was discovered that another set of documents, which show a record of price negotiations with Moritomo before the sale, were missing from what was submitted to the Parliament. (News source)

 

When documents signed with wet ink are tampered with or signature forged, document forensics experts can very easily detect the wrong doing.  Multiple copies may provide protection as long as those copies are not destroyed. The list of ways document fraud can be conducted is extensive.  Document transactions conducted using digital paper and electronic signature give you the false sense of security. The truth is that digital documents that were either electronically signed or signed in wet-ink and then scanned can, very easily, be tampered with and signatures on them forged after the effect. This can be accomplished with the use of software such as Adobe Acrobat Reader and Preview on Mac which are available for free.  Complete digital transformation is inevitable. Its just the matter of time. This problem will not go away.

 

So, how can individuals and businesses protect themselves again such malicious act? How can the Japanese public protect itself in the future from what Shinzo Abe, Taro Aso , and Moritomo Gakuen did? This was just one transaction by them that got caught. How many other transactions they must have conducted with forged signatures and tampered documents?

 

Imagine you’re a healthcare service provider, a doctors office, a financial services institution conducted millions of transactions a month domestically and internationally, a real estate deal, or a half a million dollar sales contract. The liability of having documents tampered with or signature forged for any one of the transactions in the above mentioned industries, is significant. Even companies that strictly use wet-ink on paper signature are scanning-and-storing documents electronically – not to mention rows of steel file cabinets lining up in offices around the world resulting in increased risk and insurance premiums. At the end of the day whenever these digital documents are to be shared with anyone there will always be this one question, is the document that I am looking at, original and authentic?

 

Only if there was a way to lock all the documents of a transaction with an encrypted token, secure them by a super advanced hash, and seal them with biometrics? What if, in addition, a distributed ledger could track the audit trail of actions and chain of custody?

 

As it turns out that there is.

 

With ZorroSign’s real eSignature and patent-pending unique Document 4n6 (Forensics) Token technology, individuals and organizations can be 100% confident that their business is protected against document fraud whether you’re sending documents out for signature, signing documents yourself, or wanting to verify and authenticate documents shared with you. As long as they were signed by ZorroSign, you know you can have the peace of mind that you and your business are protected against document fraud.

 

With the era of “going paperless” well underway, the days of “wet signs” are soon going to be an ancient history. Going paperless, of course has its advantages, ranging from efficiency to environmental benefits, however, it is vital to keep in mind safety and security when it comes to using eSignatures as the replacement of actual wet signatures.

 

There is a plethora of evidence supporting the tectonic shift of going digital, however, many are concerned about the end-to-end execution of the entire document signing process. The US Federal ESIGN act defines it as, “an electronic sound, symbol, or process, attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign the record.” This is a broad definition, and there are a plethora of ways documents can be signed electronically and contracts (or transactions) can be executed ranging from entering your initials, checking a box, typing your name, pasting a scanned image of your signature, and using a cryptographic-based digital signature.

 

Many digital signature solutions have been created with different levels of security measures around each. These include ensuring that they are tamper proof by forming a link between the signatory and his signature with the help of an encryption key that may be in the possession of the signatory.  This layered security ensures that the three vital aspects of the digital signature that ensure its legal validity have not been breached. These three aspects are:

 

Authentication: All the signatories are known to each other and can be authenticated easily.

Integrity: The signatories are the same persons who have signed the contract. I.e., the documents and the digital signatures have not been changed en-route

Non-repudiation: None of the signatories to a contract can deny that they are in fact, the actual signatories of the contract

 

But, this however, leaves a glaring gap, the susceptibility to hacks, forgery, and fraud.

Enter the world of biometric signatures.

 

Biometric verification of a signature now adds yet another level of security to the documents that are a part of a digital transaction.  The idea is to find a very unique way to authenticate and verify signatory because even the most complex passwords can be cracked. Biometrics is the natural answer because it is unique and, if done right, cannot be stolen or duplicated. A ‘bio’ signature is pretty much amongst the highest levels of security solutions out there. It has the capability of recording individual idiosyncrasies of the person signing the digital document. Traditionally biometrics means signing and verifying signatures and documents with retina scan, iris scan, and recently popularized by mobile devices, fingerprints and facial recognition technology. Advanced biometric may also use the personal mannerisms of the signatory such as the ‘flourish’ of the pen when he signs, when he slows down and consequently where he accelerates when signing, his overall rhythm and speed; and many other seemingly random variables that taken together, form a highly personalized and forensically identifiable and therefore utterly unique foolproof signature.

 

And the applications for biometric signatures are endless. They can be as basic as opening a bank account to as complex as closing multi-million dollar deals. Biometrics can also be used in conjunction to a simple 2-form authentication. Biometrics can be used not only to secure the digital transactions but also to restrict access to authorized individuals only.  And we are just getting started.