Identity and trust services represent the last mile of the digital transformation of signature workflows for global enterprises, and the future of e-signatures.
The last mile typically refers to the final stage in the delivery of a product or service—think of a product being shipped and delivered to a consumer’s door. This is the last step in a seamless experience to get the product to the consumer.
When running a marathon, the last mile is the most important and will take you across the finish line. You need to understand the terrain and navigate the course as efficiently as possible.
The last mile is the most important step. It is not a barrier but an objective that can be clearly defined and achieved.
For document approval and signing workflows, this means implementing identity verification and trust services to drive the last mile of transformation—something enterprises should be paying attention to.
E-signing digital maturity
Enterprises and government agencies are in the initial stages of their e-signing digital transformations.
Many organizations accelerated their digital transformation initiatives at the beginning of the decade to move beyond digitization (paper to digital documents and e-signing) to automating internal approval and e-signing processes and implementing customer self-service options to streamline and reduce friction in employee and customer experiences.
The pandemic forced organizations to further accelerate digital initiatives to support remote workers and maintain operations, yet many have not started to implement the next wave of digital transformation—identity verification and trust services.
Some organizations still rely on email to confirm identity. It isn’t hard to create an email address, however, and it isn’t as strong as it should be for signer identity verification and intent. Collecting and confirming forms of identification—like asking for an ID to be shown, emailed, or uploaded every time that person approves and signs an agreement—is neither efficient nor provides a good employee or customer experience. Businesses have done the “easy stuff” or initial stages of transforming their signing experiences but have not yet gotten to the legally complex processes that require the strongest proof of identity.
Current market environment
Enterprises face fragmented and evolving legal and regulatory environments around the world, relying on identity and trust services to comply with country-specific e-signature regulations and meet industry-specific compliance outcomes to manage risk and reduce fraud.
A well-known regulation in the European Union, eIDAS (Electronic Identification, Authentication, and trust Services), includes specific requirements around what constitutes a legal e-signature. Other countries have followed suit with their own flavors of eIDAS.
Globally adopted regulations like eIDAS are more nuanced than US e-signature regulations. These regulations correlate legal validity and contract enforceability with a prescribed, heightened level of identity assurance applied to a signature. A high level of assurance (LOA) means less risk of fraud. Unfortunately, in an all-digital world, identity fraud is all too common. Most people have multiple email addresses used professionally and personally, meaning email alone cannot be a definitive identifier for an individual. Yet it is the standard for signature identity in the US. The rest of the world does not agree and demands additional forms of authentication for a higher level of assurance.
Global enterprises based in the US are already navigating the complexities of US versus EU regulations and are adopting more stringent levels of assurance to align with companies outside the US. Adobe provides services that match these needs through partnerships in regional markets that address local legality and compliance requirements.
Industry regulations add an additional layer of complexity, which include specific requirements to manage risk, reduce fraud, and drive compliance outcomes. There are multiple use cases where business-critical documents and agreements require high levels of security and compliance, such as research studies in healthcare, new account agreements in financial services, employment agreements, citizen services applications, and many others.
Based on their specific needs, an organization may use a verified signature or digital signature. A verified signer means that technology is used to verify identity and provide a higher level of assurance than email for the signer. Digital signatures require a verified signer be issued a certificate to digitally sign and encrypt the document.
What can organizations do now?
Over the next decade, the standards and regulations that define identity and trust services will continue to evolve. Identity delivery and storage (like wallet) technologies will become easier to use and more prevalent. Standards for identity will rise as fraud increases. Navigating these challenges will require a strategic partner with high levels of trust and compliance at the corporate level in order for enterprises to avoid compliance breaches or worse.
The ecosystem of such service providers is divided between Identity Providers (IDPs) and Trust Service Providers (TSPs) that supply certificates for digital signatures, each focusing on different aspects of the industry.
- Identity Providers (IDPs): Third-party identity providers verify the identity of a signer prior to signing. Their services go beyond basic government ID verification and may include scanning an identity credential using a near field communication (NFC) enabled smartphone, video verification, biometrics, or automated AI-powered techniques for identity verification.
- Trust Services Providers (TSPs): Digital signatures rely upon third-party trust service providers (TSPs) and have the highest level of legal evidentiary weight. A digital certificate is issued by a TSP using cryptographic technology to authenticate signatories. When a PDF (Portable Document Format) document is opened in Adobe Acrobat, a blue bar along the top will indicate if the signature is confirmed as valid by the TSP.
For compliance and risk mitigation, e-signature platforms should be integrated with global TSPs and IDPs to support employee and customer needs for international business. Depending on an organization’s scale of operations, this could require integration with dozens of providers.
By implementing an e-signature solution now that has integrations with the top TSPs and IDPs, an organization can meet demanding industry and regulatory requirements, manage business risk through higher levels of assurance, deliver better employee and customer experiences, and quickly adjust to evolving trends and regulatory environments as needed, preparing for the changes in the coming decade.
Adobe Document Cloud delivers the last mile with identity and trust services
Adobe Acrobat Sign, part of Adobe Document Cloud, helps organizations achieve the last mile in digitally transforming their document and e-signature workflows and navigate fragmented legal and regulatory requirements.
Acrobat Sign encompasses over 50 integrations with top global TSPs and IDPs providing identity verification, digital signatures, and electronic seals and leverages Adobe’s full spectrum of identity and trust services that enable organizations to meet regional and country-specific regulations, as well as industry-specific compliance outcomes, to manage risk and reduce fraud.
Adobe’s end-to-end ecosystem makes it easy for organizations to use and validate digital signatures. With access to Adobe’s “Trust List” of rigorously vetted TSPs from around the world, organizations can create a digital signature with an associated digital certificate from a partner TSP in Acrobat Sign. When a signed document is opened in Acrobat, Acrobat seamlessly validates the signature against the TSPs on the Adobe Approved Trust List (AATL) and the EU Trust List (EUTL), resulting in a visual blue indicator at the top of the document that the signature has been authenticated and is trusted.
Built to grow with your business and deliver exceptional industry-leading employee and customer experiences, Adobe Acrobat Sign’s flexible, open platform from the trusted leader in document management empowers your enterprise to simplify and strengthen e-signature compliance today and into the future.