What Authentication Level Should I Use?

What signor authentication level you require depends on your choice and use and balance between hassling the users (signor(s)) and ease of use.

• More secure = more hassle for user.
  Greater legal defense.

• Less work (easier) = less secure / less proof of identity.

NOTE: Your legal rights may be affected by the choices you make within the authentication settings.

Simplest / Default: “Constructive Evidence” mode.

Use this only if you have additional proof the signer is who they claim to be. Example: Someone signs a waiver, and they are also on your newsletter with that same email, and you have corresponded back and forth using that email. You can reasonably believe they own that email.

Examples when this might be appropriate:

• A trampoline park wherein the name matches a credit card receipt very close in time, and thus you have a separate method to prove this probably is the person in question. 
• A website flow in which the person signs a waiver, then pays a fee. The name on the waiver + time-date stamps will match the payment, and thus a reasonable burden or proof exists of signer identity.
• You have email correspondence from this person or people using the same email address, approximately on the same dates or close to it, thus providing “constructive agreement”.

TIP: If someone e-signs using contact name / phone / email that does not match the above, this may be a yellow flag on which you should get proof of identity.

Want more security? We have options you may wish to consider. Note some options require higher level plans.

e-Sign Authentication Options:

• Email Verification: A link the user must click to complete their signature, which proves they have access to the claimed email.
• Phone Verification: A link the user must click a link we SMS, or enter a code based on a phone call to complete their signature, which proves they have access to the claimed phone.
• Sign-in via Google or Facebook Required: We’ll pull a photo and some information. This indicates the user has access to that given account, which due to those platform’s security systems, is a level up on security. It usually will provide a photo and some basic info about the user, which will usually (but not always) match.
• Government ID: Some locations (i.e. Italy) require upload of government ID in order for an e-signature to be legally binding (such as a passport or driver’s license).
• Webcam photo is an option; this is helpful should the person ever show up in court and try to deny they signed it (and the doc contains a photo of them).
• Location may be helpful for people signing on-location via phone; example: A plumber, working on-site on a location, with geo-location matching the claimed service address.
• Photo of Signer: Used typically with kiosks & tablets for on-location signatures (example: Karate school waiver, gym membership).

FURTHER READING & MORE RESOURCES:

1. https://ogletree.com/shared-content/content/blog/2016/april/california-appeals-court-provides-guidance-on-the-use-of-electronic-signatures-by-employees

As always, if you have any questions or concerns about this matter please contact us, and we’ll update this article.

Disclaimer:

We take this seriously, but are not attorneys. This may affect your legal enforcement options. If you have doubts about the above, we formally recommend you seek legal counsel licensed and appropriate for your legal jurisdiction.