Month: October 2013

Are frevvo forms ESIGN compliant?

What is an e-signature?

An e-signature (electronic signature)  is a simple, easy and legal way to sign or approve electronic forms/documents.

The two main laws regarding e-signatures – ESIGN and UETA both state that electronic signatures must be “… an electronic sound, symbol, or process attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign the record”

E-signatures are:

  • Legal: They are widely recognized as legally binding around the world.
  • Mature – Many Government agencies, Fortune 500 companies, and thousands of businesses use millions of e-signatures a year.
  • Secure: E-signatures are usually far more secure than physical/faxed signatures. Forms and documents are securely managed throughout the process of gathering e-signatures.
  • Auditable – The workflow is tracked throughout the process of collecting e-signatures from multiple parties.

What is a digital signature?

A digital signature is one specific implementation of an e-signature that uses digital certificates. Digital certificates are the key component of Public Key Infrastructure (“PKI”) and are issued by a trusted Certificate Authority. They provide a high level of security with respect to the transaction and the identity of the signer.

frevvo Live Forms and legally binding e-signatures

The two main laws UETA and ESIGN establish the basic framework for a legally binding system based on electronic signatures.  We’ll discuss Live Forms in the context of the basic elements of this framework:

Reliable Identification of Parties: The identity of any signing party to an electronic transaction must be securely known. With Live Forms, you can:

  • Use the built-in security manager or integrate with external systems such as LDAP to authenticate users.
  • Setup forms and workflows to allow configurable sets of authenticated users run-time access to forms and flows as well as the resulting submissions/transaction documents.

Disclosure and Consent: Parties must be clearly informed of the intended use of a legally binding electronic signature and given an option to agree or opt out. With Live Forms, you can:

  • Flexibly build custom prompts and text and display disclosure documents or language.
  • Design dynamic forms and workflows that can react accordingly to user response.
  • Include any/all consent responses in the transaction document.

E-Signature Capture: The system must provide a means to capture a sound, symbol or process representing the e-signature. With Live Forms, you can:

  • Require the signature to be entered each time (using a stylus or finger on a touch screen or a mouse).
  • Store a user’s handwritten signature once and then use it automatically by the system to affix a handwritten signature under user direction.
  • Capture handwritten signature images and store them along with the data that represents the electronic transaction (or send to a third-party system if that option is chosen).

Electronic Transaction Secure From Tampering: Once the electronic transaction has been signed by a party, the relevant data must be secured against tampering and any tampering that might occur must be immediately apparent and detectable. With Live Forms, you can:

  • Protect all or some of the transaction document with digital signatures.  The digital signature is applied simultaneously with the application of a handwritten signature, which is itself also protected with the digital signature.  The accurate date and time of the signature is also automatically recorded and protected by the digital signature.
  • Configure a transaction document with multiple sections, each of which may be protected with a digital signature requiring a handwritten signature from multiple parties to the transaction.  The potential combinations available to designers are endless and very flexible.
  • Immediately detect any tampering of the digitally signed data or electronic signature. Live Forms automatically checks digital signatures for tampering and immediately notifies users.

Transaction Document Retention: Electronic transaction documents must be retained for somewhat obvious reasons, including later accessibility, compliance with laws and regulations, later enforcement, etc. With Live Forms, you can:

  • Store transaction records within Live Forms or send data to 3rd-party systems.  Live Forms includes several built-in connectors that facilitate this integration with no programming required.

Transaction Document Access: The resulting electronic transaction “document” must be available to all parties. With Live Forms, you can:

  • Provide access to the transaction document using the built-in repository. You may optionally allow read-only access to the resulting transaction submission to all parties or a subset of parties.
  • Configure the system to create alternate formats such as a PDF that are stored with the transaction data and retrieved as needed.
  • Store signature images along with the data that represents the electronic transaction and include them as part of the read-only data that may selectively be made available to parties of the transaction. The captured signature images may also be affixed to any generated alternate document forms (PDFs, etc.).

Audit Trail for all Transaction Actions: Each action must be recorded in order to be able to prove who did what and when they did it. With Live Forms, you can:

  • Use built-in auditing to record who processed each step and when they did it.
  • Make the audit trail available to all participants or configured for selective access by particular parties to the transaction.

As you can see, Live Forms software provides everything needed to gather, track and store documents that contain legally enforceable signatures. If you’re interested in learning more, watch this 4 minute video on how to use e-signatures with frevvo Live Forms.