Form Signature Pads vs. WP E-Signature
Are You Putting Your Signers at Risk with Your WordPress Form Signature Pads?
Did you know that most major WordPress form signature add-on plugins put you and your signers at risk?
The identity theft vulnerability is related to an insecure method used to store images of a signer’s hand drawn signature (the same signature which is used to buy a house, apply for a credit card, take out a business loan, etc.) on the ftp server of a WordPress website that was using the original non-compliant Signature Add-On. The original signature plugin available with most WordPress form plugins saves an image of hand drawn signatures on an ftp server, putting both the site owner and their signers at high risk for identity theft.
ApproveMe’s WP E-Signature offers a solution that patches this security vulnerability by closing the gap between applying it’s proprietary esignature security protocol’s to the signature transmission process and complying with the Uniform Electronics Transactions Act (UETA)/U.S. E-Sign Act.
The electronic signature industry is a highly regulated industry, harboring strict laws and regulations surrounding the electronic signature and digital signature transmission process. Given the consistent rise of WordPress usage (over 74,652,825 websites are currently running WordPress), and the fact that 23% of the internet currently employs the open source content manager, a large number of freelancers and small business owners are unknowingly putting themselves and their clients at risk for identity theft by using non-compliant and vulnerable signature plugins.
“Most WordPress contract plugins and signature Add-Ons out there are not legally binding, let alone UETA/ESIGN compliant,” says ApproveMe CEO, Kevin Michael Gray.
“These plugins and add-ons do not adhere to the strict laws and regulations in the document singing industry. Typical signature Add-Ons only capture signature information as it is drawn. The signature data is sent to the web server where this information is converted into a PNG image and stored on a server (which is often times shared with hundreds of other websites on a cheap hosting plan unbeknownst to the website owners),” says Gray.
ApproveMe.com has created the first legally binding, UETA/ESIGN compliant, self-hosted WordPress plugin that solves this esignature identity theft vulnerability. Their new WordPress plugin allows freelancers, entrepreneurs and small business owners to safely and confidently accept legitimate digital (encrypted) signatures on their contracts and proposals without exposing the actual signature of their signers to FTP intruders. No image of the legal signature is stored on the FTP server.
7 Ways to Protect Yourself from Contracts That Aren’t Binding
In this free guide, we'll outline seven practical things to look for when creating and sending contracts to your customers.
For more information about the ApproveMe WP E-Signature signer protection you can review the resources below: