Underwritten by:
#AIIM Information Is Your Most Important Asset – Learn the Skills to Manage It
e-Signatures in Europe: Understanding the New Regulation and How It Can Help Your Business
An AIIM Webinar presented 10 March, 2016

Today's Speakers
Stephen Mason, Barrister, Author, & Conference Speaker, stephenmason.eu
Joerg Lenz, Product Marketing Manager EMEA, Kofax Deutschland AG
Host: Theresa Resek, Director, AIIM

Introducing our Featured Speaker
Stephen Mason
Barrister, Author, & Conference Speaker
stephenmason.eu

We all use e-signatures every day
Personal
Buying flights, holidays, shopping, etc, etc – over the internet
Using credit and debit cards – ATMs and point of sale
Putting a signature or a squiggle or a cross into a hand-held device when accepting a parcel
The organization
Entering contracts with employees
Internal purposes to sign off projects
Approving invoices
Approving expenses

Confusion about e-signatures
Most of us don't really know what an electronic signature is
But they are easy
What is important?
When deciding which form of e-signature to use, you need to think about:
Balancing evidential weight against operational requirements
What is best for the business process
How the customer is going to react

Some reasons for using a signature
Primary purpose
evidence that the signatory approves and adopts the contents of the document
content of the document shall be binding
Secondary purpose
authenticate the identity of the person
content of the document has not been altered subsequently to the affixing of the signature
Record keeping purpose
[For a complete list, see Stephen Mason, Electronic Signatures in Law (3rd edn, Cambridge University Press, 2012), pp 8–13]

Forms of electronic signature
Typing a name into an e-mail or document
Interest in property; loan; employment; contract; assignment of guarantee; insurance policy; public administration; judiciary; statute of frauds; wills
Clicking the 'I accept' or 'I agree' icon
Using a personal identification number (PIN)
Using a scanned signature
Using a biometric measurement
Using a digital signature (more accurately, a hash cryptographic signature)
Electronic sound
The name in an e-mail address

Proving the link
We all use electronic documents to conduct business every day
There is a perception that somehow contracts are not valid or cannot be relied upon if they are in electronic format
Yet we all enter into contracts every day electronically, and we use electronic signatures
What usually matters is whether, if something goes wrong, we can prove we entered into a contract to enforce our rights
Finally, in some jurisdictions, you cannot enter into some types of contract electronically [these are not discussed]

The practical issue
In some jurisdictions, the format that an electronic signature takes is not relevant
Where one party relies on an electronic signature and the other party denies using the electronic signature, the burden of proof remains as for manuscript signatures:
The party relying on the signature must prove the signature is not a forgery
The problem that affects every form of electronic signature is this:
The recipient does not know whether the signature was affixed to the e-mail or document, or the PIN was used by the person whose signature it purports to be

The relying party
The party relying on the electronic signature has to ask themselves if they have sufficient evidence in place to rely on the signature
If a dispute occurs, consideration must be given to:
How to prove the nexus between the application of the signature, whatever form it takes, and the person whose signature it purports to be
No form of electronic signature, including digital signatures, proves the user caused the signature to be affixed

European Union legislation
Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures, OJ L 13, 19.01.2000, p. 12
Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC, OJ L 257, 28.8.2014, p. 73–114
The Regulation repeals the Directive with effect from 1 July 2016

Types of electronic signature under the EU legislation
(10) 'electronic signature' means data in electronic form which is attached to or logically associated with other data in electronic form and which is used by the signatory to sign;
(11) 'advanced electronic signature' means an electronic signature which meets the requirements set out in Article 26;
(12) 'qualified electronic signature' means an advanced electronic signature that is created by a qualified electronic signature creation device, and which is based on a qualified certificate for electronic signatures;

Trusting the signature
When relying on a document (contract, indemnity, loan – to mention a few examples), you need to be satisfied that everything is in order
For instance, if you enter a contract, you need to ensure you are satisfied of a number of things, some of which include:
The other person or legal entity is who they say they are
The person signing the contract is who they say they are
The person signing the contract has the authority to sign on behalf of the legal entity
There is no difference between the physical world and the electronic world

Reference
Stephen Mason and Timothy S. Reiniger, '"Trust" Between Machines? Establishing Identity Between Humans and Software Code, or whether You Know it is a Dog, and if so, which Dog?', Computer and Telecommunications Law Review, 2015, Volume 21, Issue 5, 135–148
http://www.stephenmason.eu/?page_id=218

What you need is evidence
From the perspective of proof, some of the issues to consider include, but are not limited to, establishing the following:
1. The verification of a claimed identity of a signatory by validation (confirmation that a person with a particular set of identity characteristics exists) and verification (confirmation that a person is who they claim to be)
2. That any documents submitted are not forged and are accurate
3. The system used to capture the signature is sufficiently robust to link the electronic signature to the document

Next steps
Assess which part of the business or process will benefit from the use of e-signatures
Which document do you want signing with an e-signature?
Is it necessary or appropriate for that particular document? e.g., High value / valuable personal connections – medium value / intermediate personal connections?
Analyse the risks for different types of e-signature
Include an analysis of the reliability and integrity of the IT system you are using – the system provides the technical proof of signing
Think about long-term storage if your industry requires very long term retention of records (e.g., nuclear, insurance)

Introducing our Speaker
Joerg Lenz
Product Marketing Manager EMEA
Kofax Deutschland AG, part of Lexmark Enterprise Software

Persuasive Evidential Weight
Evidential weight of a signed document is determined by a holistic assessment of all process steps in a document lifecycle
[Diagram: process steps in the document lifecycle]
Access, Identification, Authentication
Document Presentation
Additional Data
Document Completion
Signature Creation
Archiving / Delivering
[Diagram annotations]
capture & add photos
on tablet, face-to-face, web portal, app…
e.g. insert text, tick boxes…
eIDAS Impact

Signing Scenarios and their eIDAS Impact
Where to sign what how?
Example Telco: Signing for a Phone Contract
Telcos must identify their customers by verifying ID documents
Face-to-Face (In-Person)
Remote
eIDAS Impact: ID Verification now also possible without going to a shop

Signing Situations in Omni-Channel
Where and how should which documents be e-signed by whom (employees, customers, ..) – e.g., in an on-boarding scenario?
Face-to-Face (In-Person): in office / branch; out of office / in field
Remote: on desktop PC; on mobile devices
Potential Goal for selecting an E-Signature Solution: Achieving a consistent user experience across all channels.

Signer ID Verification
[Diagram labels]
Face-to-Face
Remote
physical ID Check
virtual ID Check
own employee
own office or in field
Service Provider e.g., "Post-Ident" in Germany
Video Conf. ID
eID + Card Reader
(e)SIM ID
?*
* emerging ID Verification Methods
eIDAS Impact: These methods of identification might be leveraged to provide certificates to sign with Advanced and Qualified E-Signatures

Signature Requirements
Signature Requirements imposed by law for validity or enforceability reasons
Qualified Electronic Signature (QES) explicitly required by law as replacement for wet ink signature (written form)
No Signature Requirements imposed by law for validity or enforceability reasons
Form Free Agreements
Signing on paper today is executed arbitrarily

Form Free Agreements
For the following business processes, physical signatures on paper ("wet-ink signatures") are not required de jure in most EU countries:
§ Banking: Account opening, modification, and deletion, cash deposits and withdrawals, consultation minutes, broker proxies, standing orders, exemption orders for capital gains, …
§ Insurance: applications, agreements, damage reports…
§ Telco: Contracts (mobile, DSL, cable etc.), service reports, …
§ Utilities: Contracts (power supply), …
§ Retail: Receipts at the point of sale or point of delivery, applications for customer reward schemes, merchandise return, service documentation, …
§ Manufacturing: Protocols, test reports, delivery receipts, …
De facto, many of them are still signed on paper arbitrarily.

Taking Signatures Seriously
The more precise and differentiated signals of the writing procedure may be captured, the higher the evidential weight of a particular signature data set
Desirable: Capturing of as many signals/sec as possible – also required for accurate display of arcs and loops, ideally also capturing of different levels of writing pressure
There is more in a handwritten signature than meets the eye:
Visible static signature image characteristics
Invisible dynamic (biometric) signals of the writing movement such as location (incl. start and end of each stroke), speed and acceleration

Expert Verification of Signature Characteristics
Forensic Experts analyze quantitative signature characteristics
Graphologists deal with qualitative characteristics

Signing: More Meaningful with Styluses
Comparison of signal points captured while signing with…
… finger on touch screen (similar data would be captured with conventional styluses)
… active stylus communicating with digitizer (= sensor board) for electromagnetic resonance underneath the display

E-Signature Terminology by European Commission
Foundation of Trustworthiness: Authenticity & Integrity
Directive 1999/93/EG Art. 2 paragraph 2
(a) it is uniquely linked to the signatory;
(b) it is capable of identifying the signatory;
(c) it is created using means that the signatory can maintain under his sole control; and
(d) it is linked to the data to which it relates in such a manner that any subsequent change of the data is detectable;
Regulation eIDAS 2014 Art. 3 paragraph 11, Art. 26
(a) it is uniquely linked to the signatory;
(b) it is capable of identifying the signatory;
(c) it is created using electronic signature creation data that the signatory can, with high level of confidence, use under his sole control; and
(d) it is linked to the data to which it relates in such a manner that any subsequent change of the data is detectable;
eIDAS provides tailwind for the concept of Advanced Electronic Signature (AES) – This type of signature caters for Authenticity & Integrity

Biometrics meet Cryptography
[Diagram labels]
AUTHENTICITY / INTEGRITY
Biometric Data: Signature, Finger, Face, Speech
Capture & Storage: ISO 19794
Encryption
Document Hash
Time Stamp*
Digital Certificate*
* optional
E-Signature: Signature Object in PDF file, ISO 32000
"Self-contained documents": Validation of Integrity should be feasible in standard PDF readers incl. Adobe Reader

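Added example (not from the presentation or from any product it mentions): a Python sketch of the binding the slide above depicts, where the captured biometric data and the document hash are sealed together so that a later change to the document, or reuse of the capture on another document, is detectable. The record fields, the sample data and the use of an HMAC with a constructed key in place of a certificate-based signature are assumptions.

```python
import hashlib
import hmac
import json

# Assumption: HMAC with a demo key stands in for the asymmetric,
# certificate-based signature a real signing system would apply.
SEAL_KEY = b"constructed-demo-key"
FIELDS = ("doc_hash", "bio_hash", "signed_at")


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def _seal_value(record: dict) -> str:
    # Canonical serialisation so signer and verifier hash identical bytes.
    payload = json.dumps({k: record[k] for k in FIELDS}, sort_keys=True).encode()
    return hmac.new(SEAL_KEY, payload, hashlib.sha256).hexdigest()


def seal(document: bytes, biometric_blob: bytes, signed_at: str) -> dict:
    """Build a signature record that ties this capture to this document."""
    record = {
        "doc_hash": sha256_hex(document),
        "bio_hash": sha256_hex(biometric_blob),
        "signed_at": signed_at,
    }
    record["seal"] = _seal_value(record)
    return record


def verify(document: bytes, biometric_blob: bytes, record: dict) -> str:
    """Return 'valid' or the reason the evidence no longer holds together."""
    if not hmac.compare_digest(_seal_value(record), record.get("seal", "")):
        return "record altered"
    if sha256_hex(document) != record["doc_hash"]:
        return "document changed after signing"
    if sha256_hex(biometric_blob) != record["bio_hash"]:
        return "biometric data does not belong to this record"
    return "valid"


# Constructed sample data, not taken from any real system.
CONTRACT = b"Loan contract: 5000 EUR over 24 months"
CAPTURE = b"(constructed) encrypted pen samples: x,y,pressure,t"
RECORD = seal(CONTRACT, CAPTURE, "2016-03-10T10:00:00Z")
```

Because the seal covers both hashes, copying the capture into a record for a different document fails the seal check rather than producing a second apparently valid signature.
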
Sneak View into new Whitepaper
Next: Quick look on 2 E-Signature Examples from Europe and – beyond the whitepaper content as a bonus – one from Asia

Best Practice Example Europe
Paperless Customer Onboarding since 2011*
• Time-to-policy minimized, reduced cancellation risk
• User-friendly consulting and deal closure process
• Expenses cut down as paper forms (and the need to print, send, store, scan…) etc. disappear
• No errors resulting from content transfer from paper to files
• Automated archiving, fast access to electronic documents for auditing
Case Study on request
E-Signing online & offline on iPad - with Kofax SignDoc SDK built in; GPS coordinates for additional evidence
Various policy forms such as the application for life insurance and customer consultation protocol
* Figures from Slovakia, today also in production in other countries
** Cetelem Customer Satisfaction Survey in Romania, 2014

Best Practice Example Europe
Paperless Customer Onboarding since 2013*
• Time-to-finance: Reduced from 3 days to 3 hours
• 25% OPEX savings in Y2
• 60% Decrease of customer onboarding time
• Paper Savings: 1,6M sheets/year*
• 91% of customers prefer signing on tablet over paper**
Case Study http://goo.gl/JqNufx
Access to Project Report Video: on request
E-Signing online & offline on Samsung Android Tablets - based on Signatus, a workflow solution by Anasoft with Kofax SignDoc SDK built in; combined with Security System Samsung Knox
Loan Contracts in-branch, in-field, e.g. for furniture (IKEA) or electronics
* Figures from Slovakia, today also in production in other countries
** Cetelem Customer Satisfaction Survey in Romania, 2014

Bonus: Some more Inspiration from Asia
E-Signing Solution Snapshot: Asia
Paperless Customer Onboarding since 2011* (Start in Taiwan)
• 30.000 Users in 11 countries
• Consultation and conclusion on a single device, anytime and everywhere
• Capturing of GPS Coordinates for increased evidential Weight
• Winner „Asia Insurance Industry Award” (2013)
Case Study http://goo.gl/JqNufx
Access to Project Report Video: on request
iPOS (interactive Point of Sale) System – specially designed for new team for mobile sales incl. E-Signing online & offline on iPads – based on Kofax SignDoc SDK; GPS coordinates for additional evidence
Contracting for life insurance

Thank you
Contact & Follow
Jö[email protected]
@Joerg_Lenz
https://goo.gl/JbJXLb
https://goo.gl/lhaBXn

Download the White Paper
E-Signatures in Europe: Understanding the legal requirements for proof of intent
http://info.aiim.org/e-signatures-in-europe-understanding-the-legal-requirements-for-proof-of-intent

AIIM is the Community for Information Professionals
AIIM believes that information is your most important asset. Learn the skills to manage it.
Our mission is to improve organizational performance by empowering a community of leaders committed to information-driven innovation.
Learn more at www.aiim.org