#1
  1. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    May 2004
    Location
    Boston, MA USA
    Posts
    571
    Rep Power
    51

    Digital Signatures


    Hi:

    I have a business management system which is written in PHP/MySQL and includes various functions such as CRM, Business Development, Sales Management. etc. My customers (SAAS) use it to manage their businesses and THEIR customers can login to access important documents, purchase products and services, etc.

    I would like to add electronic signatures as a feature so my customers can have their customers digitally sign agreements. Currently, there is a simple "Type your name here and check the box indicating you agree to the terms of this [document] ". Technically, that is not a digital signature and I am sure it could be challenged in court. For more robust purposes, the system has the ability to download, scan and upload actual paper signatures.

    What's the best way to include a verifiable digital signature. I'd like not to go down the road of Docusign (or similar) because I think it will get pretty pricy, given the number of users.

    Does anyone have any experience developing simple electronic signatures? Is it something I can program myself and have it legally binding?

    Thanks
  2. #2
  3. Impoverished Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    16,887
    Rep Power
    9646
    Digital signatures are not literally signatures in a digital form. They're part of a cryptographic system.

    You may not need full cryptography - if you're worried about courts then consult a lawyer, of course, but it's likely sufficient to simply prove that a particular user agreed to the terms. Which your application should already be able to do by virtue of existing.
  4. #3
  5. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    May 2004
    Location
    Boston, MA USA
    Posts
    571
    Rep Power
    51
    OK, thanks for the reply... I will start by investigating "cryptographic systems".

    Originally Posted by requinix
    Digital signatures are not literally signatures in a digital form. They're part of a cryptographic system.

    You may not need full cryptography - if you're worried about courts then consult a lawyer, of course, but it's likely sufficient to simply prove that a particular user agreed to the terms. Which your application should already be able to do by virtue of existing.
  6. #4
  7. Impoverished Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    16,887
    Rep Power
    9646
  8. #5
  9. Wiser? Not exactly.
    Devshed God 2nd Plane (6000 - 6499 posts)

    Join Date
    May 2001
    Location
    Bonita Springs, FL
    Posts
    6,271
    Rep Power
    4193
    If I remember right, when I did my taxes turbo tax's e-signature setup was basically just a place to type my name and current date, nothing real fancy. Most places where I've had to e-sign something has been a similar process. I have no idea what exactly the rules are for such a system though, that's where you'd have to ask a lawyer.

    If the users have an account there, you could perhaps require them to re-enter their password at the same time in order to sign something as an attempt to verify that it is indeed them submitting the signature.

    If you want to use cryptographic digital signatures then your users would have to obtain and keep a digital certificate to use for the signing process. I wouldn't trust your average Joe to do such a thing since most people can barely keep their passwords and photos.
    Recycle your old CD's



    If I helped you out, show some love with some reputation, or tip with Bitcoins to 1N645HfYf63UbcvxajLKiSKpYHAq2Zxud

IMN logo majestic logo threadwatch logo seochat tools logo