Wet Signatures vs. eSignatures | Which is more secure?

eSignatures have been around for over two decades, but many businesses have yet to make the switch from paper signatures to electronic ones. One of the main concerns is that eSignatures lack the security necessary to ensure that the document’s contents are kept confidential and the signatures coming back are legally valid. Let’s see if this is true by doing a side-by-side comparison of paper signatures and electronic signatures.

Wet Signatures

Physical or “wet” signatures are the traditional pen-and-paper signatures that are physically applied to a document. For these types of signature, the document to be signed may be sent to the signer via mail or other method to be signed privately. At other times, the document is signed in the presence of one or more other people. Paper signatures are a physical representation of a person’s identity and serve as proof of their consent to and acknowledgement of the contents laid out in the document. More often than not, a paper signature’s validity is based on trust. As the person who requested the signature, you must trust that the person who signed the document is who they say they are. As a signer, you must trust that your signature is not being forged to sign documents without your consent. Since wet signatures don’t come with a report that tells you what happened to a document prior and during signing, there is no way to directly trace the signature back to where and by whom it was signed.

In addition, with wet signatures, if the documents are not scanned and uploaded to the cloud, there is a risk of a natural disaster occurring and destroying the contents. This is another risk that businesses must face if they opt to continue to sign papers using paper.

eSignatures

An eSignature is an electronic piece of data that is created by an individual. The application of this piece of data to a document represents the signer’s identity and consent to and acknowledgement of the contents in the document. It serves the same function as a wet signature. However, since all the signing activity is done in the cloud, eSignature applications can track and observe a signer’s actions during signing. Signority’s eSignature solution tracks the name,  email address, IP address, and time of date of every action performed by the signer during signing. This allows document senders to have a full traceability report for each of the documents they get signed. Compared to wet signatures, this makes verifying a signer much easier, and can save businesses legal headaches down the line. For a signer, as long as you have full ownership over your email address, only you will have access to the documents you should be signing. If someone does try to impersonate you and eSigns a document without your consent, all their activity will be logged through the document’s audit trail. This information can be used to show who really signed the document. Furthermore, the use of SMS 2-factor authentication, and other authentication methods helps ensure the identity of the signer.

In terms of document storage, digitally stored documents are backed up in the cloud, so in case of a disaster, you won’t lose your documents. In addition, almost all eSignature providers have industry best-practice security certifications such as SOC I and SOC II certification and ISO 27001:2013 certification. These certifications verify that the company handles their customer data securely, protecting it from outside attackers, and can effectively recover from incidents that would otherwise lead to loss of data.

Finally, documents signed with eSignatures often come with a digital signature applied to the document by the eSignature provider. This digital signature can act as a type of tamper-proofing mechanism to detect whether or not a document has been tampered with. You can learn more about what digital signatures are here.

With all this information, it’s clear that eSignatures are a good choice for many companies. They provide superior security and traceability for signed documents. Not to mention they also cut down on the time you spend on each document that needs to be signed!

If you want to learn more about eSignatures and how they can benefit your business, download our free eBook titled “Introduction to eSignatures”.

What is Data Residency & Why is it Important?

Have you ever asked yourself, “how important is my personal information, and where is this kind of data being stored?”  These are the kinds of questions that are asked when discussing data residency. Before diving deep into what data residency is, and its importance, let’s first break down what personal information is and its different types.

What is Personal Information?

The Office of the Privacy Commissioner of Canada (OPCC) states that, according to The Personal Information Protection and Electronic Documents Act (PIPEDA), personally identifiable information (PII) is classified as “any factual or subjective information, recorded or not, about an identifiable individual.” According to the OPCC website, PII includes: 

  • Name, age, ID numbers (SIN), income.
  • Social status, evaluations, opinions, disciplinary actions.
  • employee files, credit score, employee files, loan records

Other types of information include Personal Health Information (PHI) which, according to the Information and Privacy Commissioner of Ontario’s Guide, 

  • Relates to the individual’s physical or mental condition, including family medical history; or
  • Relates to the provision of health care to the individual; or
  • Is a plan of service for the individual; or
  • Relates to payments, or eligibility for health care or for coverage for health care; or
  • Relates to the donation of any body part or bodily substance, or is derived from the testing or examination of any such body part or bodily substance; or
  • Is the individual’s health number; or 
  • Identifies a health care provider or substitute decision-maker for the individual

Data Residency

Data residency, otherwise known as data localization, refers to the legal and administrative prerequisites forced on the geographic or physical location of an individual’s or organization’s data.  In addition to addressing data storage, data residency also highlights how data is processed and creates conversation among legislators and citizens regarding data management and the safety of citizens’ data. When sensitive data is being managed, it’s vital that an organization’s data stays secure and locally stored. Companies and organizations could also qualify for various tax benefits based on what kind of data is being stored and where it resides. More importantly, the data being stored would be subjected to the laws and regulations of the country that stores it. While the Government of Canada does not have severe laws prohibiting companies or organizations from storing their data outside the country, numerous provinces have put up guidelines and regulations regarding the protection and handling of their resident’s data.

How Signority Can Help Secure Your Data?

Signority takes great pride in being the largest Canadian eSignature provider whose data centers are located in Canada. Signority’s main servers are in Montreal and we have ensured that our back servers are also located in Canada. This ensures two things. First, if one server location is affected by an outage, your documents will remain safe, secure, and accessible. Secondly, this ensures all our customer’s personal and private information is securely stored within Canadian borders, a key requirement ensuring our compliance with the PIPEDA and HIPAA acts, as well as the SOCIII, ISO270001, and PCI certificates. In addition to complying with Canada’s data residency laws, Signority follows strict security protocols when handling customer data. 

On top of the many security features, Signority also offers products and services at a low price without compromising the quality of our customer service received or our product itself. 

Now, ask yourself again, “how important is me and my client’s personal information, and where is this kind of data being stored?” 

Ready to send secure eSignatures with Signority? Sign up for a 14-day free trial today!

Will InsurTech Be The New Normal?

InsurTech as the new norm

Examining the powerful forces driving massive change within the insurance marketplace

This is an excerpt from our most recent guide “What is Insurtech? And Why The Insurance Industry Should Take Immediate Notice

When compared to other sectors of “big business,” the insurance industry has—at least historically speaking—been left to operate uninterrupted, out of reach from the aggressive startup movement that has radically transformed and reshaped so many other industries.
This simply isn’t the case any longer.
Over the last three years, in particular, startup funding has increased dramatically. In fact, according to a recent PWC report released last year, 90 percent of insurers say that they fear they will lose business to startups as investments in InsurTech has increased five-fold.
To understand why the InsurTech marketplace has seen such explosive growth over the past few years, we need to understand the competitive forces that are most significantly impacting the insurance sector as a whole.
For the purposes of this post, let’s go over the five, key forces we need to understand:

  1. Incumbent carriers are feeling the heat from more nimble, tech-focused startups – Historically flat IT budgets and outdated legacy systems have made it more difficult for large, incumbent organizations to adapt to a new, modern marketplace. More importantly, InsurTech startups have shown the ability to quickly fill gaps in the marketplace, creating entirely new products and service offerings specifically tailored to tech-centric Millennials — the largest living generation of American consumers.
  2. The legislation simply cannot keep pace, leaving startups to quickly fill the gaps – The rise of the peer-to-peer (P2P) sharing economy (think Uber and Airbnb, among others) highlighted an important fact; legislation, as a general rule nowadays, simply cannot keep up with the pace of change. Lawmakers and startups could not be more polar opposites of each other—one group moves begrudgingly slow and the other lightning quick. This divergent movement creates gaps and loopholes (not to mention regulatory nightmares), allowing nimble startups to introduce never-before-seen products and services that often threaten the very existence of larger, more traditional insurers. While usually good for customers, it can spell doom for big business.
  3. Big data continues to confound traditional insurers, empower new entrants – Insurance is a data-driven business, and big data is BIG business. The rapid increase in available software, specifically cloud-based computing, connected devices and telematics, has made data more accessible than ever. Still, most traditional insurance companies, burdened by rigid, antiquated systems, have yet to capitalize. Instead, smaller, more agile, InsurTech startups have stepped in to fill the void. Big data remains one of the most difficult challenges for large, incumbent insurers.
  4. New entrants are joining forces to solve the cyber security puzzle – Cyber crime costs are projected to reach $2 trillion by 2019, which makes cyber security a puzzle that’s obviously worth solving. Yet, as the free flow of data (specifically, Cloud data) becomes more accessible, insurers—not unlike other big businesses—face mounting security challenges. To solve some of these challenges, there are new entrants like Cyence, a startup that provides a first-of-its-kind cyber risk analysis for insurers. According to Cyence, the economic cyber risk modelling platform “helps companies when they’re the target of cyber-attacks.” Many of these companies have joined forces with FinTech (yes, that would be “Financial Tech”) startups who are solving similar challenges.
  5. Traditional insurers, in an effort to close the gap, continue to gobble up talent – Talent tends to follow funding. As a result, there has been an influx of skilled software talent. Traditional insurers, too, have joined the hunt for top-notch tech talent — albeit in a slightly different way. According to Gartner, the global insurance industry (North America, in particular) is investing heavily in insurance technology start-ups. In fact, Gartner reports that 80 percent of life, property and casualty insurers worldwide will “partner with or acquire InsurTechs to secure their competitive positions by the end of 2018.”

Download the free guide What is Insurtech? And Why The Insurance Industry Should Take Immediate Notice.  
Needless to say, traditional insurance companies are at a crossroads. And judging by the number above, most have made their decision.
But, who are these InsurTech startups?
Let’s take a look.

InsurTech Startups: the most disruptive, well-funded startups currently reshaping the insurance marketplace

There is an ever-growing laundry list of startups currently taking aim the insurance sector (here are more than 100 of them)—and that doesn’t even count other FinTech startups who are attempting to do the same thing!
Some are taking aim at auto insurance, exclusively.
Not to be outdone, here are eight more hoping to disrupt the life insurance market.
You get the idea.
Yet, there are a handful of startups, in particular, that are making waves early in 2017:

  1. Lemonade: Lemonade offers fast and low-coverage homeowners and renters insurance “powered by technology.” It sells rental insurance policies for as low as $5 and home insurance for as little as $35. The company has raised more than $90 million, including $34 million Series B in late 2016.
  2. Metromile: Metromile offers pay-per-mile car insurance powered by a proprietary device, Metromile Pulse, a free wireless device that plugs into your car. Once the device is installed, it calculates your monthly mileage to determine your bill. The company claims its customers save an average of $500 annually. To date, Metromile has raised more than $200 million in funding!
  3. Trov: Trov calls itself “on-demand insurance for the things you love.” Essentially, Trov lets you purchase low-cost, accidental theft, damage, and loss policies on everyday items—with just a few text messages. That’s right. The entire experience can be handled safely and securely from a smartphone. The Australia-based company has raised more than $46 million to date and plans to launch in the U.S. later this year.
  4. Clover Health: Clover is a full-service insurance company that “implements metrics to figure out the best protocol for a patient who is at risk for health problems. It aggregates reports from a patient’s various medical services to generate a comprehensive profile of the person’s health” (source). Clover is currently available in New Jersey only, though it has plans to expand elsewhere in the near future. And get this—Clover has raised nearly $300 million in funding!

Obviously, this is but a small sampling of the types of startups who are benefitting from an influx As you may already know, of investment dollars (and clearly for good reason). If you want to learn more about insurTech, you can download the full guide for free here: “What is InsurTech? And Why The Insurance Industry Should Take Immediate Notice”.
Sources: http://insights.instech.london/post/102d2yk/24-companies-shaping-instech-globally

 

Ready to take your business paperless? Sign up to get a 14-day free trial on a Signority eSignature Plan!

The Insurance Risks of Cyber Attacks

The Insurance Risks of Cyber Attacks

As the use of technology is becoming more prevalent in everyday business, insurance included, there are aspects that are prone to high levels of risk, and require ramping up on security. While it may look like a mundane issue at first, it can have severe consequences for your company. As more insurance companies, in particular, are migrating towards digital channels in order to create tighter relationships with their customers, they also are trusted with sensitive personal information for each client such as Social Security Numbers, credit card data, and so much more. In case —  but, hopefully not — you are a victim of a cyber attack, what does this mean for you? Let’s take a look at some of the insurance risks to consider when looking at cyber attacks!

Lost Sales

Cyber attacks are not always orchestrated by large-scale, highly qualified hackers, but even small DOS (denial of service) attacks can pose a great risk and affect your company severely if they catch you unprepared. Seeing as insurance companies collect data from their customers that range from personal information such as addresses, passport numbers, Social Security Numbers (SSN) or EIN, to financial info including, but not limited to credit card numbers, PINs, anything really, it is understandable for your customers to be wary, in case you have had to deal with a cyber attack previously. Studies say that 60% of SMEs who have been a victim of such attacks go out of business within three months.
Another type of cyber attacks that can cost your company quite a lot is called ‘Social cyber attack’. The most clear-cut example was the group of protesters who collectively attacked PayPal for not allowing payments to WikiLeaks. While it didn’t go down entirely, the lost sales were tremendous.

Protection Costs

According to a recent article published in Forbes magazine, cyber crime costs are projected to reach $2 Trillion by 2019. Which means that businesses need to be extra-vigilant when it comes to protecting their data.
Doing business online comes with a great number of rewards, but also with a risk or two. If you do insurance online, then you have to be aware of the cyber attacks at all times. For this, you have to prepare and protect yourself before hackers even try to get to you, and this preparation has to be thorough.
To avoid the risk of getting hacked and losing critical data, you have to hire qualified and capable people who can take care of the cyber-security section of your digital business. If you want your help to be highly professional, then you will have to spend a good amount of money for supporting it, both in terms of hiring competent IT staff and for other overheads required for smooth operations.

Changing your business model

Financial costs are not the only thing insurance companies have to worry about when dealing with cyber-crime. They have to remodel the way information is collected, stored and handled, so as to ensure that sensitive information is safe and non-vulnerable to these kinds of attacks. Many businesses have elected to altogether stop storing their customers’ financial and personal information, some others have shut down their online presence, at least online stores, if not all. This is all done when they cannot protect themselves properly, as the implications such attack can have on them, can be fatal.
Lately, customers also are being more proactive in educating themselves on online security and request to be informed on how their insurance company of choice handles security issues. You may have noticed that clients are more likely to choose businesses that are upfront and sincere about their methods — we noticed this soon after we launched our post on transparent pricing!
Making these changes to prepare and protect you and your company from these cyber risk are integral and can be daunting, but minor changes in the way you conduct business, the infrastructure, and various technological advancements can all be used to help mitigate much of the risks and improve your company.
Begin looking into cheap and secure methods to improve small processes of your work before ramping up to bigger, more complex security issues. Try looking into things like eSignature solutions, that can provide extra layers of security to already existing workflows and processes! Learn more by checking out our website or feel free to contact us directly with more questions!
Looking to take your business paperless? Sign-up now and get a 14-day free trial to a Signority eSignature Plan.