Google
AspAlliance.com Web
AspAlliance
Register
Edit My Profile
Author List
Write for Us
About AspAlliance
Contact Us
Privacy Policy
Link To Us
Advertise

Subscribe
Free Newsletter
Newsletter Archive
RSS Syndication

.NET Tutorials
Learn .NET
Learn WCF
Learn WPF
Learn ASP.NET
Learn AJAX
Learn Silverlight
Learn Visual Studio
Learn ADO.NET
Learn LINQ
Learn C# (CSharp)
Learn VB.NET
Learn Web Services
Learn Controls
Learn BizTalk
Learn SharePoint
Learn Mobile
Learn SQL
Learn SQL Reporting
Learn Windows Forms
Learn XML
Learn Crystal Reports
Learn FarPoint
Learn DevExpress
Examples
ASP.NET 2.0 Examples

ASP Tutorials
Learn ASP
Learn VBScript
Learn JScript
Learn SQL
Learn XML

Software Resources
Shopping Cart Ecommerce
Charts and Dashboards

Other Resources
Learn Java
Learn Oracle
Opinion / Editorial
Crystal Reports Alliance
WPF Resources
AJAX Resources
Silverlight Resources

Free Tools
Cache Manager
SimpleCMS

Reviews
Book Reviews
Product Reviews
Expert Advice

Books
ASP.NET Developer's Cookbook
Sample Chapters
Book Reviews

Community
Regular Expressions

Print This Article Print  Add To Favorites Add To Favorites    Email This Article To A Friend Email To Friend  Rate This Article Rate This Article   
Understanding Digital Ink and E-signatures
page 4 of 8
by Arindam Ghosh
Feedback
Average Rating: 
Views (Total / Last 10 Days): 40380/ 71
How do we define e-signatures?

The term digital signatures or e-signatures can be used interchangeably to refer to digital certificates administered by trusted third parties ("certificate authorities") and similar technologies, as well as digital ink signatures created on the Tablet PC.

Leading-edge organizations moving forward with Electronic Signatures:

High performing enterprises maintain their edge by quickly seizing upon the opportunity to create worthwhile operating efficiencies while maintaining or ideally enhancing the experience for their customers. Because of the widely known efficiencies gained from e-Commerce and paper eradication, Electronic Signatures is clearly one of these opportunities. In moving forward with electronic signatures these enterprises have thoughtfully considered the following.

1) The application and user requirements

Examples:

Internet

Signing a form, document, or

2) The operating environment and system integration

Examples:

Based on Internet Browser

Adobe Acrobat PDF form

Microsoft Word Document

Custom application

Win 2000, Unix, Palm OS, or others

The future needs to expand or merge the electronic signature application.

Laws and regulations of applicable states and agencies, since in addition to state laws there may be regulatory bodies within a particular industry that need to be considered. With this analysis, it becomes easier to focus on the right technology partner.

In the United States, electronic signatures are covered under the Uniform Electronic Transactions Act and Electronic Signatures in Global and National Commerce law. Passed by the US Congress in 1999 and 2000, respectively, these two laws serve as the framework for electronic commerce implementation in the United States, as most state-level E-commerce laws are identical to Uniform Electronic Transactions Act or a slightly altered version. These laws specify exactly what constitutes a valid electronic signature, as well as the conditions under which it is legally binding. An electronic signature is a “sound, symbol, or process, logically associated with a document” such that it is:

unique to each user

under the sole control of the signer

linked to a document in such a way as to prevent tampering, and

capable of being authenticated

Several different methods and technologies exist for attaching electronic signatures to documents according to these stipulations. Two common types of signature technologies that are widely available, yet differ greatly in substance, are PIN/Password signature stamps and digitized handwritten signatures. A PIN/Password stamp inserts a single fixed signature image into each signed document when a user types a password or PIN. Digitized handwritten signatures are captured with special pen-and-tablet systems that convert a user’s signature accurately into pen events or a summary image. These methods have different ramifications for security and authentication.

What happens when we bypass PIN/Password

While companies that provide PIN signature stamps may claim that their technology is legally-compliant because it qualifies as an "electronic sound, symbol, or process," it falls far short of the holistic requirements enumerated above. As a practical point, each and every one of these "signatures" is identical in form and composition, as if they were made with a single rubber stamp. The appearance of the signature on a document is not a record of a person’s signature, but rather a result of a particular password being typed. A forensic examiner that views the signature image cannot determine its point of origin since any person could have typed the PIN or password. As such, PIN signature stamps fall short of the authentication requirements of criterion (4) listed above. Should a password become compromised, each and every document a person had ever signed with the PIN method would be questionable, since each signature appears identical and it cannot be proven which are authentic and which are fraudulent. For these reasons, businesses are advised to invest in an electronic signature technology that creates a unique electronic record for each signing instance and not to rely on a "rubber stamp" technology. PKI digital signatures and certificates are simply a more complex version of "rubber stamp" technology, except that a larger (often 128-bit) encryption number is used, meaning it is too large to be remembered and typed. Portability is also limited because the key is permanently linked to a host computer or a "secure" smart card which can be lost, stolen, or hacked.
View Entire Article

User Comments

No comments posted yet.

Product Spotlight
Product Spotlight 





Community Advice: ASP | SQL | XML | Regular Expressions | Windows


©Copyright 1998-2024 ASPAlliance.com  |  Page Processed at 2024-05-10 5:29:31 AM  AspAlliance Recent Articles RSS Feed
About ASPAlliance | Newsgroups | Advertise | Authors | Email Lists | Feedback | Link To Us | Privacy | Search