E-Signature Security: A Primer for Agents

Let's think about your signature for a minute. Not just any signature, but the old-fashioned pen-and-ink kind. There's no other signature like it in the world; it's not only unique to you, it's different each time you scrawl it onto paper. So it may seem counter-intuitive that electronic signatures are touted as "more secure" than handwritten ones. How can that be?

Yes, your signature is a unique and special snowflake. That's precisely the problem. Here's why:

• It's Unique - Your handwritten signature is one-of-a-kind. It varies each time you write it. If a signature is legally challenged, this variability can be an issue.
• Unknown to Other Parties - Because it's unique, no one knows if a signature is really yours. Therefore, handwriting experts can only establish the 'likelihood' that a signature belongs to someone, but can't establish certainty.
• Easy to Falsify - Handwritten signatures are easy to copycat--and therefore easy to forge.
• Doesn't indicate document integrity - Documents can be altered just as easily as a signature can be forged. With paper, there's no surefire way of knowing if underlying document has been modified.

Okay, you may be thinking, so ink signatures have weaknesses. But does that necessarily make electronic signatures better? After all, many banks have been slow to adopt e-signature technology and some still prefer traditional "wet" signatures.

It makes sense if you think about it. It's one thing for a buyer and a seller to enter into an agreement, but as the third party underwriting a sale, banks are the ones taking the financial risk. It's understandable that they want to be absolutely sure a signature is valid and can be upheld in case of a legal challenge.

So, what helps make an electronic signature legally enforcable? We'll take a look at Bank of America's famously strict security requirements to find out. In order to be accepted by some banks (and be upheld in court), an electronic signature should:

• Indicate Intent to Sign - An e-signature platform must include a consumer consent form that's included in the certificate or audit trail. The consent form indicates that the signer has agreed to conduct business electronically.
• Provide an "Audit Trail" - An audit trail documents the entire history of a signature--the signer's name, email address, IP address, time and date signed, and even the location.
• Be Self-Reliant and Tamper Evident - Once completed, a proper e-signed document is not able to be modified. If someone does succeed in tampering with it, the document must indicate this. In a PDF, this often appears as a message that says, "At least one signature is invalid." "Self-reliant" means that the document will indicate this invalidity all on its own. So it doesn't matter if your e-signature platform is down or even out of business--the document is still able validate its own integrity.

But wait, there's more! Banks want to make sure you are who you say you are, so most major lenders require advanced identity verification features known as Knowledge Based Authentication (KBA) and individual signer passwords. KBA validates identity by asking a signer random questions about themselves from data pulled from public and commercial sources. An individual signer password means just that--each user must have their own password.

While KBA and signer passwords are common requirements for short-sale and REO transactions, they are not always necessary in every situation. Transaction management platform Form Simplicity recently added both features to its eSign powered by GoPaperless (making it 100% compliant with bank regulations), but both are optional. As you can see in the screenshot below, the solution offers agents an easy way to see which authentication methods each signer is using:

The bottom line is this: know what's required to mitigate potential risks with e-signatures, and before you purchase an e-signature platform, make sure that it meets all requirements. If it doesn't, banks will not only reject your documents, but you could also be putting your business in legal jeopardy.

The Best of Both Worlds

If you're still feeling nostalgic for handwritten signatures, I'm going to wrap things up on a cheery note. There's a way to combine the security and convenience of electronic signatures with the more personal feel of wet signatures. Many e-signature solutions, including Form Simplicity, offer a "touch signing" feature, which means that users can digitally write their signature with their finger, stylus, or a mouse. It's a signature that's uniquely yours and very secure.

Happy signing, everyone!