Building trust in digital agreements in the world of web3 

Sameer Hajarnis at OneSpan explores how businesses can secure digital trust by using e-signature and notarization solutions that involve multi-factor authentication, identity verification and encryption

 

As the digital economy thrives, businesses and consumers are becoming increasingly comfortable conducting high-value transactions online. To adapt to the Web3 era, organisations must provide flexible, digital alternatives to their traditional business processes.

 

For those in the C-suite responsible for security practices such as CISOs, one such process being turned to is the electronic signature, or “e-signature”. E-signatures, which serve as a digital substitute for in-person transaction signing, can help improve the consumer experience process and better secure each step along the transaction lifecycle.

 

Similarly, many CISOs are also looking to remote online notarisation as a means of securing high-value transactions such as contractual agreements, mortgages, and powers of attorney. 

 

However, amidst the evolving threat landscape, there are growing concerns that hackers can and will tamper with the integrity of these digital agreements. This is especially true as the value and volume of these online transactions rise. 

 

According to MSB Docs, 65% of companies using traditional pen and paper methods report that collecting physical signatures adds an entire day to their work process. In addition to streamlining workflows, e-signatures improve customer experience, eliminate errors, and enable process tracking.

 

The rapid rise and convenience of e-signatures, however, has led many businesses to overlook certain security issues.

 

The Neustar International Security Council recently found that only around 50% of companies have sufficient budgets to meet their current cyber-security requirements. This – along with high profile attacks such as Operation CloudHopper, which targeted managed service providers, compromising thousands of organisations – poses a significant risk for industries conducting high-value transactions online.

 

In fact, Cifas, a fraud prevention service in the UK, has previously pointed to surges in identity fraud. Cases filed to the National Fraud Database increased by 11% in the first six months of 2021, showing the UK’s cyber-security laws need to be strengthened to effectively protect vital services and the supply chains they rely on. 

 

One of the main challenges for CISOs is how to implement stringent cyber-security practices without disrupting the customer journey. Abandonment and customer drop-off rates are always a risk, and even the slightest inconvenience can drive consumers away. While customers seek trusted online experiences, many organisations mistakenly believe that security processes can disrupt the customer experience.

 

However, Digicert’s 2022 State of Digital Trust Survey revealed that 47% of consumers have stopped doing business with a company after losing trust in that company’s digital security, and another 84% of customers would consider switching providers.

 

To mitigate these consequences, it is up to CISOs to stress the importance of prioritising both cyber-security and customer experience, rather than one or the other. The following cyber-security initiatives serve as a great starting point on the road to securing digital interactions.

 

Compliance is key

In the year ending March 2020, cyber-related fraud incidents increased to 61% from 53%. UK Finance also reported a staggering 151% rise in fraud, with 246,285 offences compared with the year ending March 2021.

 

In response to a 2022 public consultation and this rise in cyber-related fraud, the government updated cyber-security laws and implemented strict security measures, setting higher cyber-security standards in the UK.

 

These updated laws enhance the UK’s resilience against online attacks and strengthen the 2018 Network and Information Systems (NIS) Regulations, designed to protect essential and digital services from sophisticated and frequent cyber-attacks, now and in the future. 

 

Compliance requirements may vary based on company location and industry. Nevertheless, non-compliance with security measures can now result in fines of up to £17 million. This highlights the critical importance of organisations adhering to security laws when implementing e-signature solutions. By doing so, CISOs can ensure maximum security for users and minimise the ongoing risks of identity fraud.

 

When CISOs consider remote online notarisation as another means of securing high-value transactions, such digital alternatives introduce additional complexities in compliance. Unlike traditional notarisation – involving in-person screenings to protect personal rights and property from threat actors – remote online notarisation requires organisations to virtually authenticate applicants’ identities.

 

This authentication process often involves ID verification and Knowledge-based Authentication (KBA) to meet stringent standards of authentication and verification. Only after successful authentication can the e-signature be executed, ensuring compliance with the necessary security protocols. 

 

Authentication at every step

Digital processes and customer interactions need to be secured at every step along the cycle of a transaction. While one-time verification may seem secure for transactions, continuous authentication is essential for securing e-signatures and notarisations.

 

Organisations should ensure security measures are integrated into every touchpoint in the customer journey. The digitisation of high-value transactions offers numerous benefits to organisations but exposes them to various risks if the associated cyber-threats remain ignored.

 

In the age of Web3, organisations must gain full awareness of such cyber-attacks and compliance failures capable of jeopardising the validity of online transactions.

 

Industries handling valuable information, such as automotive, banking, real estate, legal, and insurance, particularly need to ensure that online notarisations operate within a secure environment.

 

Having this awareness, application providers need to prioritise weaving security into all their choices. CISOs should embrace heightened security integrated into the fabric of all transactions and agreements.

 

Organisations involved in high-value transactions should invest in e-signature and notarisation solutions that use multi-factor authentication, identity verification, encryption, and other secure processes. These measures help safeguard sensitive information and ensure the authenticity of transaction parties. 

 

---

 

Sameer Hajarnis is CPO at OneSpan

 

Main image courtesy of iStockPhoto.com