Last updated: 19 March 2014
Last week, I was perplexed to have someone ask me: ‘What’s your fax number?’. After consulting my email signature and supplying the necessary information, I spent the next 10 minutes searching the office trying to ascertain, first, if our fax machine still existed, and if so, where it now resided.
The relative novelty of receiving a fax led us to wonder why, in this digital age, they are not now totally obsolete? The answer: signatures.
Digital signatures have existed in one form or another for many years, and are far more secure than an incomprehensible scrawl on a piece of paper. Over on Adobe’s blog there’s a good nuts and bolts description of electronic signatures and how they can help companies improve their workflow efficiency and save money. Yet many businesses still require faxed signatures in order to consider something ‘signed, sealed and delivered’. What is standing in the way of universal adoption of digital signatures? And how can we combat these reservations and free up office space by moving the fax machine to the technological scrapheap?
At the heart of any digital transaction is the issue of identity. Is the person you are communicating with the person they claim to be? While a faxed signature is not an indisputable proof of identity, we have come to recognize it as a form of agreement to a transaction, which lets us move ahead while we wait for the finalized ‘wet’ signature. This process is not only archaic, but is open to fraud and forgery.
So how do we move forward? In order for digital signatures to be embraced in our current business environment a couple of key steps would need to take place. First a trusted source would need to be established for verifying digital identities. This could be a government organization, similar to the way the postal service validates identity for the issuance of U.S. passports. The second and more challenging step is getting businesses to agree to use this as a legally binding verification of transactional intent.
This may seem complicated – it’s not. In most countries there is already some form of identity verification process in place for citizens (i.e., passport issuance, government healthcare, etc.). In order to implement digital signatures, the governing body would verify a person’s identity and provide them with a digital identity. For a person to use their identity online to perform a digital signature, they would simply need a smart card-based device (USB token or smart card) combined with a PIN to apply a digital signature to a document.
The verification of the digital identity takes place online through a certificate authority. This verification is provided by a trusted third party that validates the digital signature. While it is not the same technology, you can think of this as similar to a secure website. When you log onto a website and go to a secure area for payment or information exchange, the site has been verified to ensure itcan be trusted. Such robust schemes have helped the deployment of digital signatures in the EU where it has been a legal form of signature for the past few years with national implementations as described in this article from Eldos.
One example of a successful implementation can be found in Brazil, where the government requires all businesses to use digital signatures to file their tax forms. This method improves efficiency and reduces fraud, and must therefore be the way forward for smart businesses. Elsewhere, in France digital signatures are used by companies to streamline various administrative tasks like declaring sales tax and registering new vehicles. We should follow the example of our friends from Brazil, France and elsewhere where fax machines have gone the way of the dodo.