PKI – Old Technology has a New Rival
Currently, when most people think of digital signature capturing the first technology that comes to mind is Public Key Infrastructure or (“PKI”). However, the old guard of PKI is a dying technology. PKI is a good solution with serious limitations that will hinder and impede its continued growth. PKI is both expensive to implement and expensive to maintain. PKI is also time consuming. Professionals do not want to slow down the sales cycle to send someone to a third party certificate authority just to make a sale.
Currently,
when most people think of digital signature capturing the first technology that comes to mind is Public Key Infrastructure or (“PKI”). However, the old guard of PKI is a dying technology. PKI is a good solution with serious limitations that will hinder and impede its continued growth. PKI is both expensive to implement and expensive to maintain. PKI is also time consuming. Professionals do not want to slow down the sales cycle to send someone to a third party certificate authority just to make a sale.PKI authenticates but it fails to identify who a user is. The
American Bar Association identified this critical weakness in its ABA PKI Assessment Guidelines, D.3.1.2 says “a pseudonym or alias may be used as the name within a certificate” and not their real name.VeriSign, one of the largest PKI solution providers, admits in their paper “ROI for PKI” that “PKI systems are particularly expensive to maintain.”
A Better SolutionBy giving power to the business and not a third party certificate authority, PrivaSign can aid businesses trying to comply with regulatory law and standards similar to the ABA Guidelines pertaining to electronic signatures.The vast majority of electronic signatures are captured through a method called “click-wrap”. People use this method every time they install new software or purchase something online using a credit card. The system will validate their identity and then require the user to click an “OK” or “I Accept” button to install the software or authorize a credit card transaction. The reason most people use the “click-wrap” process is in its simplicity. There is no training required and most users get comfortable with the process after just one use. Click-wraps have been tested in the courts by dozens of companies, including AOL-Time Warner, Microsoft, Netscape, Sun Microsystems and Dell just to name a few. The technology necessary to use the product is built directly into web browsers so there is no software to install. Finally, it is significantly less expensive to maintain, install and process than traditional PKI technologies.
PrivaSign uses a patented, proprietary “click-wrap” method to capture the actual signature and the industry standard form of encryption known as Secure Socket Layer (“SSL”) technology, along with MD-5, SHA1 and SHA2 file integrity hashes to protect the PrivaSign client’s data with a tamper proof seal. SSL is commonly available in virtually every web browser and the user does not need any special training or instruction in order to use the service. PrivaSign’s patented technology allows for fast digital signature capturing on virtually any document and from any web browser. This flexibility will allow businesses to keep implementation costs at a minimum and increase the likelihood that signatories will be able to use the system.
