Signatures on paper or digitally? John Lageman, director of ValidSign, is convinced that the expiration date of the physical signature has expired. It is inefficient at a time when all information is digitally processed and stored. More than 1200 organizations use its ValidSign platform to sign electronically. Safe and trustworthy.
Many organizations digitize their processes, but forget to take the last step, is the experience of John Lageman of ValidSign. “They draw up their contracts digitally, whereby the intermediate steps are often controlled automatically. But where the entire process has been digitized, it often gets stuck at the last step.” The document is printed, signed, scanned and then emailed to the supplier or customer. “The process is far too cumbersome and you turn a digital original into a paper document.”
Besides being impractical, the process of printing the PDF and scanning it after signing is not secure. “A PDF is easy to edit, leaving the original signature of the sender underneath. Without you realizing it, you get another document back, with two signatures, in which the integrity of the agreement has been compromised on a number of crucial parts. ” He warns: “The adjustments will only become apparent if a conflict arises and you fall back on the signed contract.” The message Lageman gives: “Make sure that the digital contract remains digital and is signed electronically.”
ValidSign is specialized in the complete management of the signing process. Electronic signing takes place with certificate technology, where the sender/contractor adds the various internal and external signers to the contract. You can do this visible or invisible, with certificate technology. “It doesn’t matter whether one or twenty signatures are needed. The sender, the contract drafter, determines who can sign.” Checking the identity is an important additional assurance that the signatory is also the person you assume. He continues: “If you also make sure that the agreement complies with the open standards, you can archive the document digitally and open it in ten or fifty years.”
Identification, authentication and authorization are often used interchangeably, explains John Lageman. “When you identify yourself, it’s about who you are. Authentication is about checking whether you are really who you say you are. And then you can perform an authorization check. In doing so, you look at the authority from your role or position to act. What we use are the authentication methods to verify that the person on the other end is who he or she claims to be.” When signing, ValidSign assumes that identification has already taken place. “We check whether that is actually true, by means of authentication.”
ValidSign uses various secure means of identification, of which SMS, DigiD, eHerkenning and iDin are the most important. “We include that as part of the transaction.” For certain professional groups, authentication and control are extra important. For example, in the annual accounts and auditor’s report. “Those documents have to refer to eachother. We provide an electronic signature that we are sure has been signed by an accountant. We do this by using a so called professional certificate.”
ValidSign is a provider that ensures that the consensus between two or more parties is recorded. “We ensure that the document is honest and that the identity of the signatories is established. We facilitate transactions.” He mentions the Ymere housing association as an example, where the signing of leases is done with ValidSign. The landlord and tenant can easily sign and the contract is digitally signed and archived.
In a previous position, Lageman was involved in the modernization of the municipal database, the idea being that municipalities can convert the personal data with one click when moving house. “In fact, you don’t even have to, you have an administration for everyone.” It inspires him to dream of an electronic passport with which you can identify yourself and share personal data, so that you no longer have to create a profile at webshops and other organizations. “I actually do not want organizations to store my personal data. I would much rather give them the opportunity to use some of my personal data, such as the address details, without them being saved.”
Digital signing offers a double guarantee: you establish the identity of the signer and ensure the document integrity.
Lageman monitors the integrity of Validsign’s role as process monitor. He is an outspoken opponent of commercial parties also wanting to play a role as ‘trust partner’. “ValidSign is there to facilitate the transaction. Not for commercializing the data. Contracts that are completed will be removed from our environment after 90 days. “I don’t want anything to do with the content of the transaction. Ownership of this belongs to the customer himself.”
“We are there at the time of the transaction process. We facilitate with everything there is to complete the transaction properly and then we let it go. We provide an unambiguous way of signing or sealing information. We want to play a leading role in that. ValidSign is there at the time of the signing process, during the establishment and completion of the transaction, and no more after that. We place the burden of proof on the owner of the transaction.”