e-signatureIn my opinion, yes. The use of mobile phones is bringing about the biggest change in the insurance industry since the Internet.  There are more mobile phones now than cars or credit cards. More than 80% of adults in the US alone own one; half are smartphones that can carry out electronic transactions and can capture an e-signature. People are using their phones to engage with insurance companies. Increasingly, consumers expect to be serviced via any channel. And more than that, they expect to be able to start a transaction through one channel, and complete it in another.

Carriers in turn are developing apps for the growing market segment that wants to use their mobile screen to obtain quotes, check on submitted claims and buy coverage. Regardless of which devices consumers use – and whether the screen is a 17-inch agent’s laptop, 9.7-inch display on a tablet like the iPad, or a 5-inch LCD on a Samsung Galaxy smartphone – application forms and policy documents still need to be signed.

Digital signature technology is pivotal to enabling mobile transactions (beyond just informational apps). Not only in terms of straight-through processing (entirely electronic, paperless transactions), but also for full compliance, legal enforceability and record retention. Carriers can find detailed information on these topics in a free webcast on Insurance, Mobility and Electronic Signatures, presented by electronic signature provider Silanis Technology and Ellen Carney, a Senior Analyst with Forrester Research.

Carriers are using online signature technology to meet consumer expectations for real-time, “right now” purchasing and service, without paper. Combining an online signature with mobile devices allows for a convenient method of presenting documents to clients during face-to-face interactions with agents. This is actually the most common usage of mobile e-signing in North America — through agents who use wireless devices like an iPad to close business on the road. Due to the lightweight form and screen size

of these devices, entire applications and contracts can be presented on-screen to the consumer in a web browser. Mobile technology is rapidly pushing change and it’s no surprise this has become a strategic focus for insurance companies.

Change is not without challenges, however. Authentication is the single most important issue that preoccupies carriers when they first consider mobile e-signing. Who really signed? Do you really know the person’s identity? Has the document been signed in the legal sense – was it really the individual in question who applied the e-signature? What happens if two signers share the same mobile device? Did they both sign separately, or did one person sign for both?

Authentication, or validating that a person really is who they say they are, happens at three levels. To ensure an insurance application or contract is reliably e-signed, a carrier will likely use a combination of different techniques to add further signer validation at the time of signing in each of these three areas:

  • Ÿ Identifying the signer
  • Ÿ The method used to sign (“an electronic sound, symbol or process…”)
  • Ÿ Signature attribution

Identify

Sign

Attribute

Click sign

Signature capture

Email notification

Shared secret

Voice signature

SMS passcode

Knowledge-based

Driver’s license

Credit card

Other physical

 

 

 

 

 

 

 

 

 

 

 

 

Identifying the signer  

Identification is the first step to establishing authentication in electronic transactions. This is easiest to do via an in-person meeting between agent and applicant, using government-issued ID such as a driver’s license. However, when customers are remote, accessing a transaction from their mobile devices – without any prior face-to-face interaction – more sophisticated techniques are needed. When evaluating how to identify people, consider how customer identity is verified in other remote channels such as call centers and by mail. These processes often identify applicants using out-of-wallet information like a credit card or other physical credentials. Identity is also confirmed through the transaction process itself, since a significant amount of personal information will be collected about the applicant in the context of a life or auto insurance application process, which will in turn be validated through a third-party consumer credit verification database such as Experian or Equifax.

Another technique is knowledge-based authentication, which relies on a set of shared secrets that both parties agree to use before initiating the e-signing session. As an example, it could include a user name and password, an insurance application number, the last three digits of the consumer’s SIN, year of birth, etc. In this approach, the online application process would present these questions, which the consumer must correctly answer before accessing the e-signing session. This is another means of ensuring that Jane Doe Applicant really is who she says she is.

This is easy to do in a self-serve, Web-based transaction. Members log into the application using their personal credentials and are in sole control of when and what documents they sign.

However, this is not the case when processes take place in-person because service representatives and agents must share their mobile device with consumers, raising the question of who actually e-signed – the consumer or the representative?

Until now, the only way to get around this problem was to equip every point of sale with a costly hardware device, like the ones that are used by many courier companies today, to capture member’s handwritten signatures electronically. The problem is that most organizations, carriers included, are reluctant to assume the cost of buying, deploying and managing signature capture pads. E-signature solutions that use SMS and voice authentication features solve the problem by providing additional, software-based methods for identifying users in electronic transactions.

With SMS text authentication, for example, the representative enters the member’s mobile phone number prior to e-signing. A unique PIN is then automatically generated by the application and sent to the member’s cell phone as a text message. The agent hands over their computer to the member who then must enter the unique, one-time password in order to continue the e-signing process.  As such, SMS helps attribute a signature to a particular individual.

The method used to sign  

According to the US Federal E-SIGN law, an electronic signature can be “an electronic sound, symbol or process”, which opens the door to many different means of signing. Common methods of mobile e-signing are:

Ÿ Click-to-sign, where an individual is asked to take the mouse and click to apply their name as their signature. “Click-to-Sign” buttons are placed over signature locations on the document. This method is a true zero-client solution, meaning the signer doesn’t need any special hardware or software other than a web browser.  With the Silanis E-Sign Enterprise Platform, for example, documents can be signed on the iPad in exactly the same way as on a laptop’s browser. The click-to-sign signature method works by tapping on the iPad touchscreen with a fingertip.

Ÿ A handwritten signature captured electronically on either a signature pad (commonly used by courier companies), a tablet PC such as an iPad, laptop or smartphone. Any of these mobile devices can be used to capture a consumer’s signature image and intent to sign. In fact, thanks to its large screen area and easy to use scrolling and zooming features, the iPad is perfect for reviewing and signing documents while away from one’s main computer. An agent can use the iPad to walk the customer through an e-signature process without having to carry around a laptop and signature capture pad, or worse, a briefcase filled with paper forms.

Ÿ Voice signature, which can be captured through the built-in microphone of an agent’s laptop, for example, thereby providing irrefutable evidence of the customer’s participation during an e-signature process. While less frequently implemented, audio can be used in conjunction with mobile devices to capture consumers verbally accepting disclaimers, affidavits or signing documents.

Signature attribution  

Signature attribution applies to a scenario in which sales or service representatives interact with customers in a face-to-face environment. Picture a consumer reviewing and signing contracts in a retail branch or at their kitchen table. As more and more field and branch automation applications become hardware-free (no signature tablets), the challenge becomes how to prove who actually signed.

When using the digitized handwritten signature capture method, a carrier typically would not need to add additional layers of authentication because a handwritten signature is relatively unique in terms of proving who applied it. However with click-to-sign electronic transactions, carriers may want to take extra steps to attribute the signature to a specific person – to show who was actually holding the mouse at the time of e-signing.

One of the most practical approaches for establishing attribution is SMS password (PIN). During the initial data capture process, the agent would input the customer’s mobile phone number. When the e-signing session is initiated, a one-time, unique password would be sent via text message to the customer’s cell phone. When control of the session is handed over to the signer, that person is prompted to enter the SMS password. This links the customer to the transaction and provides an audit trail that becomes part of their electronic signature.

Yet another (or additional) option for attributing in-person, click-to-sign signatures is voice capture. The signer navigates through the signing process, clicking to accept in all the designated places. At the end of the process, the signer is prompted to confirm their agreement to e-sign through a voice signature. Once clicked, a dialog box appears with a prepared statement that the signer reads (i.e., “I, Jane Doe, do solemnly swear that I am the person signing this contract…”). As they read it, their voiceprint is recorded and associated to the e-signed documents in question.

While there are many possible combinations of techniques that reinforce authentication for non-repudiation of legally binding business contracts, the main point is for carriers to weigh the risk involved in the process versus the ease of use and cost of authentication methods in deciding how to best approach mobile signing. Learn more in the 60-minute “Insurance, Mobility and E-Signatures” webcast from Silanis.

What did you think of this article?

[This is a guest post]