In the 22 years since electronic signatures were made legal for business use in Canada, they’ve become a mainstay of how we interact with our customers. As they’ve gained familiarity, use, and traction, there has been a group of companies (that are becoming smaller) that wouldn’t adopt the technology. About 4 years ago, I started asking what barriers are preventing sensitive documents such as wills, financial instruments, notarized documents, and major contracts from being digitally signed (as opposed to “wet-ink” signatures) and what protections would need to be in place for these types of documents to go that route.
What does the future hold for sensitive digital contracts? What is in use today?
Not all signatures are created equal, and different products have different features. For simplicity, let’s break electronic signatures into three categories: E-signature, digital signature, and credentialed signature (Digital ID).
What are they?
E-signatures – These were the first iterations acceptable in court, although are no longer accepted in some provinces. A simple electronic indicator that can be attributed to the user. This could be as simple as typing your name in a box, adding a jpeg, or clicking to produce an image to imitate how your name would look when written with a pen. The precedent law on this is actually that the footer of an email could be enough to consider something electronically signed.
Digital signature – A digital signature uses a combination of public and private keys to issue certificates with encrypted claims that could be attributed to a document. When signing a document with a digital signature, information about the session could be recorded, such as what email address the user was logged in from or when they issued this certificate. All of this information could be presented as evidence that you’ve signed a document. You likely use this type everyday without even knowing it, it’s common for financial services, real estate, and even everyday business. These signatures sacrifice a little bit of privacy in order to create some more evidence as to who has signed.
Credentialed signature (Digital ID) – A signatory verifies their ID (usually government-issued) against a biometric, and a credential is created for them by a credential issuer, which is usually an identity and access management company, or the integrated signature provider company. That credential can then be applied to a series of digital assets (mostly contracts) to verify that a live person signed a document. That credential may include other permissions as well, such as authentication from additional issuers based on a series of attributes of the signatory (e.g., job title, professional designation, educational status, etc.). This expands the reach of a traditional digital signature in two key ways. First, the verified ID and biometric checks expand assurances of the signature to the person on the other side of the screen, who was present at the time of signing. Second, with a Credentialed signature we can prove that the signature hasn’t been subject to fraud and the signer is, in fact, who they claim to be. This allows the document to be universally verified which means that a party who was not in the room when a document was signed can still ascertain who, specifically, signed a document and that it hadn’t been altered. This type of signature is only starting to take hold, but is already in use for financial assets, both tangible and digital, art, and many situations where there is a higher risk of fraud.
Future of Digital ID in contracts
As more sensitive types of documents begin to go digital, higher levels of assurances are becoming imperative as methods of resisting fraud attempts. While an E-signature may be an appropriate tool for a retail business with lower stakes, there is growing adoption of Credentialed Signatures for high-value sales such as securities, precious metals, legal contracts, real estate, digital assets, and more. We are already seeing the adoption of these standards in multiparty financial agreements, where a customer and a third-party agent may agree to a transaction, but the funder is not present in the room. The application of a digital ID in these cases protects all parties involved since the funder can verify every aspect of a contract without having to ever meet the customer and the customer has a verifiable document that could be easily proven should anything ever go awry. The use of Credentialed Signatures protects the asset and can confirm Know Your Customer (KYC)/Anti-Money Laundering (AML) assurances while helping the signer claim ownership by creating direct connections between them and the asset. We see this niche growing substantially over the next five years and better-linking people to their digital worlds.