Bidazzle respects each individual's right to personal privacy. All information You share with Bidazzle or its Services is handled with the highest caution possible and the security of the contents is of the highest priority.
SECURITY REGARDING E-SIGNATURES
Electronic signature and e-signatures are often mistaken to be the same as a digital signature but there is a very important difference. An e-signature can be as simple as a typed name, initials or a scanned handwritten signature that is added to the document. The downfall with e-signatures is that there is no regulation of how they should be implemented and the security behind it are dependent of how the vendor has implemented it. A document signed with an e-signature are not guaranteed to be sealed and tamper proof. Often you need to get this verified by the vendor providing the signature service. This means that your electronically signed documents are not vendor independent. Forrester Research suggests that a good stress test to evaluate e-signature vendors is to imagine that the vendor disappears and see what evidence you have to support you in court. When an e-signature is combined with a digital signature you will get a signed document that is tamper proof and you can easily see if there has been any changes in the document after signing. The digital signature uses a certificate to create a unique fingerprint of the document at the time of signing and this is permanently embedded into the signed document. This makes it vendor independent and totally tamper proof.
HANDWRITTEN VS. E-SIGNATURES
The old fashioned handwritten signature is often mistaken to be the most safe way of identifying a person and agreeing upon a contract. In comparison to a well implemented e-signature a handwritten signature will not give you an advantage if you end up in court regarding a signed document. A handwritten signature do not capture the actual signing time which can be critical in certain situations. Bidazzle timestamps every activity and stores it in the evidence log. An external trusted timestamp service is used which means that the timestamps itselfs can not be modified after it has been logged. For the US market ESIGN and UETA has established that electronic records and signatures carry the same weight and legal effect as traditional paper documents and handwritten signatures.
IDENTIFY THE SIGNER
Dependent on the risk of the document you are getting signed you can choose different ways of identifying the signers. The different methods are implemented on document or recipient level.
All recipients are treated the same
E-mail: All documents are sent to a specific e-mail, and this itself is one part of identifying the actual signer. This is the lowest secured authentication method.
Written signature: You can choose to add handwritten signature to the document. Every recipient then must write their signature on the screen. If signing on a device with touch screen the recipient can produce a signature similar to a "wet" signature.
Authentication methods activated on different recipients. You can choose if it should be promoted when document is opened or/and signed.
Question and answer (Q&A): You attach a question to the document and communicate the answer, in any way that you wish, to the recipient. The recipient must enter the answer to view and/or sign the document.
SMS: You provide a phone number that can receive a SMS text message. The recipient receives a message with a unique 6-digit code that must be entered to view and/or sign the document.
BankId (for Swedish market, not yet implemented):The most secure way of identifying a person where a third party trusted provider is used. Read more about BankId. Only available upon request to a service fee.
FULL EVIDENCE LOG
Will the evidence material you have be useful in a conflict and will it be able to use in court? This is a crucial part to ensure when choosing a e-signature vendor.
Every document has a unique document id that reflects the actual content of the document. Bidazzle documents can be tracked through every step of the process. A complete, automated history of every activity listed below are stored and added to the document. Activities are stamped with a trusted timestamp, e-mail, IP-number and IP-location. This audit trail will give you a full evidence log to bring to court if any conflicts occur. The audit log is added to the final signed document and are sealed as the rest of the document information preventing any tampering of the data.
Stored activities: - Sending, The user information from of the sender and IP-number and location and all addresses of the recipients. - Open, including chosen authentication methods - Full review (scroll through the whole document) - Download - Printed - Comments - Signing including chosen signing and authentication methods In many countries (such as Sweden) the legality of the signed document is dependent on the actual proofs you have
WHERE IS IT ACCEPTED?
The need for a digital signing process within the business segment has pushed different countries to treat e-signatures equal to handwritten signatures in terms of legislation.
United States: ESIGN and UETA established that electronic records and signatures carry the same weight and legal effect as traditional paper documents and handwritten signatures.
Europe: The European Union (28 member states) and Switzerland. Sweden and most of the other European countries has established laws connected to the legal recommendation eSignature in the EU .