Doing business with another party has always involved trust. Much like depending on a handshake to seal a deal seems antiquated in the modern business landscape, the digital realm is forcing change to the age-old physical act of putting pen to paper in order to sign a contract.
Instead, the electronic signature, or e-signature, has gained ground as a convenient but also safe alternative to the traditionally signed contract. Importantly, e-signatures also have a role to play in combatting fraud, which could hold the potential to save South African companies millions of rands.
More than just a digital signature
A common misconception regarding e-signatures is that it is software that simply helps sign documents using a digital image of your signature. This is much the same as describing a smartphone as a device you use to make calls.
In fact, the e-signature process is a highly efficient way to track the path of a document or contract from beginning to end. Because the entire process is managed digitally through unique eSignature software, every action that is taken with this document can be traced. This includes the person who sent it, the time delivered to the inbox, when it was opened, how long the person viewed a page, when it was signed and when it was sent back. For anyone who has had to deal with an extended contracting process, this ability comes as a godsend, seeing that e-signatures allow for a full audit trail of the process, maintaining the ever-important chain of custody.
Moreover, document integrity remains intact, since the e-signature process notifies parties when documents have been tampered with or altered in any way by deactivating a green verified check mark. This puts an end to fraudsters tampering with contracts by converting a PDF back to a regular document in order to edit details, then back to a PDF which looks the same but is cleverly altered.
The ability to verify document integrity protects both the organisation and the individual from a repudiation point of view and is yet another crucial element in combatting pernicious contract fraud.
It is important to note that by using a specialist e-signature solution – whether through the use of a proprietary app, plugins or desktop software – documents are encrypted with only the intended recipient being able to access and sign. This helps address one of common trends in financial fraud, where criminals hack email to intercept invoices, then notify the company that banking details have been changed, providing fraudulent banking details instead.
Dr. Jekyll or Mr. Hyde?
E-signatures also solve another problem – that of identity certainty. With any type of signed contract, how do you know that the signature received represents the client? Was the document not perhaps intercepted and signed fraudulently? This is a considerable problem in South Africa, with the Insurance Crime Bureau reporting a massive 337% increase in impersonation fraud during 2020.
One of the most common cases of impersonation fraud involves criminals who manage to steal personal identity information and open accounts in that name, which leaves the real identity holder with massive bills once the fraud is detected. By working through an e-signature solution, this can be nullified, since it precludes the involvement of any unauthorised person in the contracting process.
Some e-signature solutions go even further in addressing identity verification by layering multiple controls. When a contract needs to be signed, a digital identity verification process can be triggered, where all the necessary information to authenticate the user is gathered. This could include biometrics (face or fingerprints), multifactor authentication (SMS or USSD), ID document verification (digital onboarding) and communication through user-controlled devices (a RICA registered device, for example).
Not all e-signatures created equal
Unfortunately, not all e-signature solutions are created equal, especially when it comes to compliance. South Africa has unique requirements regarding the validity of eSignatures, as stipulated in the South African Electronic Communications and Transactions Act [No. 25 of 2002]. Certain international solutions do not have the capacity to deal with every local regulation and can be found wanting when presented as evidence.
Moreover, local companies also have to comply with the recent Protection of Personal Information Act (POPIA), and some too with the EU’s General Data Protection Regulation (GDPR). Seeing that e-signature solutions often deal with personal verification information, companies need to ensure that the solution used manages the consent and privacy required by POPIA, in both a secure and compliant manner.
While trust is indeed earned, fraudulent interference in the contracting process has led to many companies struggling to place confidence in this well-established way of doing business. However, the best e-signature solutions now offer clients the ability to track a contract from start to finish. They do so not only by keeping track of chain of custody and ensuring document integrity, but also with the ability to verify identity. Ultimately, e-signatures bring trust back to the digital age.
By Carrie Peter