SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
E-signature software use in small to medium businesses on the rise
Thu, 13th Jan 2022
FYI, this story is more than a year old

According to new research, global e-signature software usage in small to medium businesses (SMEs) is set to grow by 30% over the next five years.

Gathering statistics from Fortune Business Insights and through their own working experience, Validated ID and United VARs have determined that due to the increase in remote work over the last 18 months, many core functions of SMEs such as HR and sales have also started to use electronic signatures.

They say this technology used to be used mainly by large enterprises in their supply chain, procurement, and finance departments; however, it is now more diverse and adaptable to other business areas.

The increased usage and demand has led to a raft of complexities and challenges but has also solved many of the problems associated with document handling and verification. Much of the complexity can be found in the verification process and customer interaction, but the production of new technology is helping to create faster processes for SMEs.

The companies say the general methodology of the e-signature includes gathering metadata related to all signing events and creating an audit trail that is cryptographically sealed to ensure document integrity.

This audit trail may also contain various supporting evidence of the individuals signing the document, such as qualified digital certificates, biometry of handwritten signatures, email addresses, identity proofing, and authentication steps. Evidence can vary in each circumstance, but the audit trail must support the legal value of the document.

Problems can arise when different regions and laws are brought into play. If a document is signed online and sent, it is harder to verify IP and determine if regions accept certain E-signatures.

In sharing advice for companies to implement e-signatures, both parties agree that in order to achieve success, it's essential that the chosen e-signature solution integrates well with core business systems and applications.

They also believe many e-signature don't always offer the same legal robustness, and because this is the most crucial aspect of any e-signature, companies must make sure that the solution provider chosen has the appropriate certifications.

Some examples of this can include eIDASin, the European Union and NIST-DSS in the USA. The evidence they gather in the signature process adheres to the regulations relevant in each country people operate in and ensures they are acceptable in court for a judge to attribute evidence to a signer.

It must also be easy for a signer to sign the documents in general, so a provider should provide different signature mechanisms to adapt to the individual situation and technology environment.