Zsolt Hankó, eSignatures.io: “the approach to privacy is also an important element of superior security systems”
The world is moving further and further away from tangible traffic encryption tools. However, when it comes to signing documents, there still are people that cling to the good old “pen and paper” method. But maybe it’s time to let it go?
Of course, skeptics would say that digitizing the signing process comes with certain security risks, and a handwritten signature, on a piece of paper adds some sort of finality to whatever business deal. But the electronic signing process is a lot simpler, and a simple line of code, often unseen, has the same legal power as handwritten signatures.
Zsolt Hankó, the Founder of eSignatures.io, an electronic signature provider, told CyberNews all about their company’s focus on simplicity and convenience to the client, as well as touched upon some of the challenges and myths of the electronic signature world.
What was the journey like since your launch in 2015? How did eSignatures.io go from an idea to a business?
It all started in Australia. At that time we developed an e-signature solution for real estate agencies with the aim to tailor it specifically for their needs. Their main goal was to be able to close deals as fast as possible. They needed a simple, fast, and mobile-friendly solution. That
was the moment when our main innovation was born which makes us truly unique up until today in the e-signatures market.
Instead of using PDF files in the signing process (which was the industry standard), we developed our own contract template editor. As a result, contracts sent with eSignatures.io were responsive. Like a website. Text layout and the font size were always optimal for the signers on any device. A truly mobile-friendly signer experience was born.
We realized after some time that there is a clear market gap that we can target with our new approach. The first non-real estate business was actually a local radio station that called us and said that they wanted to use mobile-friendly e-signatures. Then there were many others.
Shortly, we launched the first version of eSignatures.io and started to get customers (mostly by word of mouth) and continuously develop the software.
Today, we can proudly say that eSignatures.io operates worldwide and we are one of the best e-signature solutions in the market with many integration possibilities, including a first-class API. We are the only ones with a truly mobile-friendly signing experience, pay as you go pricing, and unique innovations like contract signing via SMS or QR code.
It seems like ensuring simplicity is one of your top priorities. Can you tell us more about your vision?
Absolutely. Simplicity is a core value that we have. In our opinion, it's the most important element when you innovate. Think about human beings developing tools from ancient times to become stronger or faster. In today's business world, you can be faster if you can make complex tasks or processes simple most of the time.
We still remember the story of one of our early customers. He called to tell us that he loves the simplicity of our solution because he can get signed contracts and close deals while having phone calls with their customers. We were happy and proud on one hand, but on the other hand, that was an important moment. We just realized how valuable simplicity is for businesses when it makes them faster.
Simplicity saves time. And time is money.
If you consider all aspects of creating and signing a contract it can be a really complex and time-consuming process. Think about it - people just want to make agreements which can also be done with a handshake. It’s simple but not trustworthy enough, so that’s why making an
agreement becomes more complex. Our vision is to create a world where making a trustworthy agreement is as simple as a handshake.
What are the main security challenges surrounding document signing?
We handle sensitive information, and probably the toughest security problem to tackle is the Advanced Persistent Threats. It requires very sophisticated monitoring systems operating across several layers of the infrastructure, and it’s a never-ending project. Every online service faces this problem, and in my opinion, it should not be underestimated. Ideally, every project should be built with that in mind from day one, but realistically speaking, the best time to lay down the foundations is when the service starts to gain traction. Later, as the project evolves it would become increasingly more complicated and costly.
The approach to privacy is also an important element of superior security systems. All the data we collect can only be used for the sole purpose of signing contracts. We don’t share, sell or even analyze any data, including anonymous data. That makes it easier to secure the infrastructure, simply because of the restricted use and storage of information.
Have you noticed any new cyber threats arise as a result of the pandemic?
We haven’t noticed any radically new types of cyber threats since the pandemic has struck, but the volume of attempts has definitely increased. Behind some of the penetration attempts, we recognize the good intentions though, as many white hat hackers are appearing in the cyber arena, and that’s a very good sign, I believe. We are very happy to see that becoming a white hat hacker is a more and more viable option to conduct work online. It’s a win-win for businesses and white hat hackers.
Which security measures do you think are necessary to combat these threats?
We rely on both proactive and reactive approaches to secure our services against malicious attacks. Gone are the days when adding honeypots was enough to secure services. It requires a major effort to get everyone on board in a business with security guidelines and tasks. Luckily there are many standards that help to organize the processes around security best
practices. We’ve become ISO-27001 certified in 2020, and our processes and policies are all documented and conducted with security and privacy in mind.
Even though the electronic signature is becoming a widespread practice, there are still some myths around it. What misconceptions do you notice most often?
A very common misconception is that people want to use hand-drawn signatures because they think it is necessary. Probably they think it makes the signatures more legally binding but when we are talking about electronic signatures, that is not the case. Electronic signatures are ensured by email or phone number identification and log data like IP addresses. If you make a drawn signature with a mouse or with fingers on mobile, it doesn't add anything to it. However, there are still some government institutions that still require handwritten signatures.
In our default settings, signers just need to click the “Sign” button as it is the most simple, and the fastest way to sign electronically a document but “hand-drawn signatures” can also be enabled. Although it's not required, we still support it for the cases when clients would
still like to use it. That’s a good example of how we are working on our vision - making agreements as simple as a handshake - in every small detail.
As work from home becomes the new normal, what are some of the worst habits when it comes to sharing and signing sensitive documents across the remote workforce?
The ultimate leader is the use of personal email addresses. People tend to send sensitive documents from or to their personal email addresses. It’s much more secure to use professional service providers. It’s a very good example that shows that the education of the workforce is key to ensuring the security of sensitive information within a company. Humans and their habits are usually the weakest points of every security system.
Talking about the future, what predictions do you have for the electronic signature landscape for the next few years?
The electronic signatures market is in the middle of a boom. It’s not a surprise considering the effects of the COVID pandemic as there is a huge demand for doing things remotely. Consequently, the environment in the next few years will still be very favorable for electronic
signature solutions. From the end-user perspective, we expect a further rise in mobile device usage. Today, it's a “nice-to-have” to sign contracts on mobiles but it will be a “must-have” in the next few years. We can also see a huge user demand for integration possibilities. There are a lot of very different “use cases” where even smaller businesses or individuals want to integrate electronic signatures with other apps that they use. We strongly believe that it will be the most decisive development area for the next coming years.
Share with us, what’s next for eSignatures.io?
We will focus on to keep delivering innovations to the e-signatures market based on our truly mobile-friendly solution. Last year we introduced an innovation - “signing via QR code”- as the first ones in the market. It was the first step on this journey but there are many more to come. We have ambitious plans for 2022 so stay tuned!