7 Ways to Protect Yourself from Contracts That Aren’t Binding
In this free guide, we'll outline seven practical things to look for when creating and sending contracts to your customers.
WordPress Audit Trail for WP E Signature
WordPress Audit Trail for WP E Signature is one of the most advanced audit trail systems in the online signature industry. We pride ourselves in esignature security and invest heavily in doing everything that we can to protect you and your signers if a document should ever be challenged in a court room …
See How the E Signature WordPress Audit Trail Protects You & Your Signers
Interactive Image: Hover & Click the elements below
Unique Document ID
Each WPESignature contract, document or agreement that is generated using ApproveMe's WordPress Contract Plugin will receive a unique document ID (or identifier). Similar to human DNA each WordPress eSignature generated contract will have its very own DNA string. The document id is the numeric and text string that is used to identify the one of a kind and unique document DNA.
eSignature User’s Gravatar
ApproveMe's WordPress eSignature plugin loads your signers Gravatar automatically (if they have a gravatar) in your document signature certificate. A gravatar follows users from site to site appearing beside their name when they do things like comment or post on a blog (or in this case electronically sign your document). Avatars help identify people on blogs and web forums, so why not add it to the audit trail?
Each WordPress eSignature Audit Trail includes the document name.
Each signature certificate includes the signers name attached to the WordPress audit trail and the signers profile so you can easily identify the signer that was associated with your document.
Signer Party ID
ApproveMe’s WPESignature will generate a custom WordPress Audit trail which will include a customer “Signer Party ID” for EACH party that is associated with your document. The Party ID is a unique text and numeric ID (or identifier) that is assigned to a particular signer (or party) of a document. Think of this as the “social security number” or unique number/identifier of a particular signer, it is this text and numeric string that WPESignature uses to identify your signer.
Signers IP Address
The IP Address is a unique string of numbers that are separated by periods and identifies each computer that uses the Internet protocol for communicating over a network. If your computer (smartphone, tablet, etc) is connected to the internet then the device will have a unique ip address (which can be traced back to the internet provider).
WP E Signature logs the ip address of your signing party in their signer profile so you can have record of the network connection that was used to electronically esign your document.
Signer Authentication Security Level
ApproveMe's WP E Signature has multiple authentication and verification methods. The security level will vary per document based on the security method that the document sender selected when creating their document. It is important to note that some regions/countries prefer specific security and authentication methods on documents that have a digital signature.
Available Security Methods:
• Email Verification
• Access Code
• Public Records
• SMS Text Message
Because we are security fantastics! And because we truly do want to protect our customers and their signers, we have decided not to allow a user to "upload a photo” or image of their legal signature.
Our current method traces the mouse strokes (or trackpad strokes when using a tablet or smartphone), our application encrypts these strokes, and then stores the encrypted data in a unique database table on your website. If a database onlooker were to look at the database table they would not be able to see the mouse strokes but rather a “password protected encryption sequence” of the mouse strokes.
Whenever a contract is called in our application, our proprietary software un-encrypts the signature database entry and generates the saved mouse strokes on demand as if it were just drawn.
The WordPress audit trail and signature certificate includes the unencrypted and drawn (or typed) signature for each signer.
Multi-Factor Digital Fingerprint Checksum
The Multi-Factor Digital Fingerprint for WPESignature is an incredible security feature in your signer certificate. Similar to a human fingerprint each recipient of a WordPress E Signature generated contract will take on a unique Multi-Factor Digital Fingerprint. The fingerprint is made up of a series of data events that are associated with the signer party’s digital signature which was used to electronically sign their document.
Digital Fingerprint Barcode
With your smartphone or tablet you can find any number of free (PDF417) bar code readers from your app store. Once you've installed a bar code reader app on your device you can easily scan the digital finger print ID barcode. Scanning the barcode should return the numeric and text ID of the digital fingerprint as it is printed in the audit trail.
If the digital checksum fingerprint that is printed on your document does not match the numeric and text string that is displayed on your tablet or smartphone device when scanning the barcode, you can have reason to suspect the authenticity of the document. WPESignature scanned digital fingerprint barcodes should match the exact multi-factor digital fingerprint checksum that is generated on your document.
Timestamp Document Activity
There are many visible (and invisible) factors that make WP E Signature a UETA/ESIGN compliant electronic signature application. Among these many factors is the document activity and events time stamp log.
The super admin user of the WPESignature software has the ability to select their default timezone settings for the audit trail. Once an event takes place the exact moment in time the event/activity took place will be recorded in the timestamp section of the signature certificate.
If a super admin user changes the default timezone it will not affect the recorded timestamps but will only affect all future timestamps. The actual timestamp (including the timezone) is logged in the database and is not a dynamic value but rather it is a hard-coded event.
Document Activity Audit Log
The document activity audit log records ALL events and data that is associated with a contract. This includes the signer, sender, or viewers name, email address and even their ip address. The events data includes information related to the type of activity i.e. document status, signature events, creation date and more.
Live Document Barcode
Some jurisdictions and industries require electronic records of signed documents to be made available for a specific time frame. The QR barcode that gets generated on the last page of your audit trail is a scannable url link that will redirect to the live version of the closed document.
You can easily download a free QR barcode scanner from your ios or andriod app store and use a smartphone or tablet to scan and verify the contents of a closed document.
If a document has been tampered with the url will not be active. Also if the site admin removes the eSignature software from their website or deletes the document all together scanning the barcode would result in a bad url.
If your document is still available and it has not been deleted (or tampered with) you can expect to access the document in it's original form.
Be sure to verify that the Document ID, Digital Fingerprint Checksum's, Audit Signature ID #, and Signing Party ID# all match the original document that was emailed or downloaded when the document was originally marked as closed.
Website the Agreement was Made On
The website the agreement was made on will be displayed in the bottom left footer of all pages that get generated using ApproveMe's WPESignature software.
Audit Signature ID #
The Audit Signature ID # is another one of our tamper resistant technology features that is included in the WordPress eSignature Audit Trail. This unique serial number protects you and your signers.
The audit trail and event log is made up of timezone specific timestamps, signer events, document activity logs, user ip address', legal names, email address and event data. Once a document status is changed to closed (i.e. all signatory parties have added their electronic signature’s to the contract) the audit signature id # will get generated in the footer of the document.
This signature id# is the sum of ALL document events and audit trail data related to each particular document.
Once a document is marked closed all parties will receive an email with the audit signature id# in the email body.
If ANY of the timestamps or audit event data is EVER manipulated in the database where the agreement lives the audit trail signature ID# will instantly be updated to a new sequence. If the audit trail serial number does not match the serial number in the emails that were sent out and in the footer of the originally completed document you can have reason to suspect document tampering.
Tamper Resistance Technology
Copy of the Digital Signature
A carbon copy of the e signature mark from your signer will be attached to the audit trail for digital signature accountability.
Digital Fingerprint Bardcode
Similar to a human fingerprint each esignature will have a unique Digital Fingerprint. Scan the barcode for verification... (read more)
Timestamp & Event Log
The detailed audit trail includes the time, date, ip address and identity of each signing activity to further substantiate the traceability of signer intent.
Audit Trail Serial Number
When a document is completed the audit log receives a serial number which is emailed to all signing parties. If the log is ever altered or tampered with in anyway, this serial number will be updated immediately (read more)
How to validate a Digital Fingerprint
Scan your eSignature code to verify
- Download a smartphone PDF417 bar code scanner for your app store
- Scan the Multi-Factor Fingerprint Checksum ID
- The barcode scanner should display the exact same text and numeric sequence that is beside the barcode inside of your smartphone app.
*If the digital fingerprint checksum does match the checksum in your Signature Certificate then you can suspect document tampering.
How this WordPress Audit Trail for eSignature Works!
WP E Signature transforms a WordPress website into a legally binding document signing application. Once a document has been signed a copy of the signed document and a detailed audit trail is available to the signers using your website. There’s no need to check back with WP E-Signature to verify a signature. So long as WP E-Signature is installed on your website it’s there.