ESIGN and Authentication Best Practices: Authentication Processes

With both "wet" and electronic signature, authentication processes assures that the person who signed your contract is the person he or she claims to be. How important is authentication in your paper contracts and how important should it be in your electronic contracts? Learn about what your authentication options can do for you and your business in this series on Authentication Best Practices.

Authentication Processes: Post and Prior Authentication
Questions to Consider

What types of authentication do you use now? How do you obtain necessary signatures and validate users in your current processes? Do you use third party authentication tools? Do you verify against government issued ID such as drivers licenses? What other methods do you use to verify a person's identity?

Do you have a history of challenges to your executed contracts or problems with signer verification? Have you had signers sign who aren't who they say they are? What percent of documents have these types of problems? What manual processes have you put in place to prevent these problems?

What is the business impact, damage, and cost of someone signing a contract who isn't the intended signer? When you have a problem with signer authentication and as a result, lose a transaction, what is the possible dollar cost impact to your business?

What authentication mode(s) do you use? The two types, "Prior Authentication" and "Post Authentication" serve different purposes.

Prior Authentication

Prior authentication processes deal with authenticating a signer BEFORE contract signing, to prevent a signer from improperly representing his or her identity. Prior authentication is often used when funds or value will transfer on the basis of the signature. If the signer were posing as someone else, the funds or value may be lost. Prior authentication always takes place BEFORE the contract or transaction is agreed. Examples of prior authentication include validating a driver's license, Knowledge Based Authentication, validating a signature against a known prior signature or using a notary.

Prior authentication causes more customer confusion and restricts transaction volume due to the additional steps required to obtain access to the transaction. For this reason, some businesses decide "the risk is worth it" and forgo prior authentication practices.
Post Authentication
The vast majority of business transactions rely on post authentication measures because the act of signing binds the entity to a contract. To execute the contract, several steps must be taken to ensure that the signature is that of the proper person and that person can easily be found later. An example of a post authentication process is relying on a person's signature when the individual collecting the signature does not know the signer. Only in the event of a challenge would post authentication begin. For example, a handwriting analysis may show a person's handwriting is in fact his or hers.
An astoundingly large number of transactions are executed with little or no PRIOR signer authentication. For example, prior authentication is rarely used in the following types of transactions:
1. Credit card transactions: Today, a buyer is rarely required to show a valid driver's license unless the credit card holder has written a request for ID verification. In many cases, the buyer is not even required to sign, such as at Starbucks. Why? The business decision was made as the cost of fraud prevention (signing the ticket and presenting a driver's license) was far more costly than the small amount of actual fraud. 
2. Non-disclosure agreements: "Print this out, sign it and fax it back" There is no prior authentication. A signature and a fax number are the only factors. The recipient rarely validates the signature against a "known good" signature. Recipients also rarely dismiss faxes from Kinko's or from a hotel lobby.
Understanding the your current authentication process and the different modes of authentication will help frame your thoughts regarding online authentication. As you consider going paperless or expanding your paperless initiatives, understanding online authentication, electronic signature and online contract execution will help you make an informed decision to improve customer satisfaction, shorten sales cycles and slash operational costs.