May 12 2017 0comment

Process Agility with Digital Signature

Organizations around the world are transforming their businesses, using digital technologies to deliver agility, efficiency, cost saving and great customer experiences. Document signature processes represent one of the biggest opportunity areas to accelerate this shift. Workers spend countless hours hunting down approvals and ink signatures – and then print, scan, fax or mail documents to get the job done. The resulting delays frustrate customers, business partners, and employees alike – and it ultimately reflect poorly on the company’s brand.

It’s little wonder that organizations have embraced digital signature. Today leading companies in every industry and geography – including Yahoo, Tata and Linkedin – get fast, legal and secure signatures electronically. The results are very impressive. Many customers who have adopted this technology, successfully reduced their cycle time by an average of 3 weeks, with a 98% document turnaround time improvement. The biggest question today isn’t whether to adopt digital signatures – it’s how to go about it.

A digital signature is basically a mathematical technique used to validate the authenticity and integrity of a message, software or digital document. It is a digital equivalent of a handwritten signature or stamped seal, but offering far more inherent security. Digital signatures can provide the added assurances of evidence to origin, identity and status of an electronic document, transaction or message, as well as acknowledging informed consent by the signer.

How does it work?

Digital signatures are based on public key cryptography, also known as asymmetric cryptography. Using a public key algorithm such as RSA, one can generate two keys that are mathematically linked: one private and one public. To create a digital signature, signing software creates a one-way hash of the electronic data to be signed. The private key is then used to encrypt the hash. The encrypted hash — along with other information is the digital signature. The reason for encrypting the hash instead of the entire message or document is that a hash function can convert an arbitrary input into a fixed length value, which is usually much shorter. This saves time since hashing is much faster than signing.

The value of the hash is unique to the hashed data. Any change in the data, even changing or deleting a single character, results in a different value. This attribute enables others to validate the integrity of the data by using the signer’s public key to decrypt the hash. If the decrypted hash matches a second computed hash of the same data, it proves that the data hasn’t changed since it was signed. If the two hashes don’t match, the data has either been tampered with in some way or the signature was created with a private key that doesn’t correspond to the public key presented by the signer (Authentication).

A digital signature can be used with any kind of message – whether it is encrypted or not simply so the receiver can be sure of the sender’s identity and that the message arrived intact. Digital signatures make it difficult for the signer to deny having signed something – assuming their private key has not been compromised as the digital signature is unique to both the signer and receiver, and it binds them together. On top of that, more countries around the world accept digital signatures because they comply with international standards for security.
Avaali supports mid to large enterprises to significantly improve process agility with Digital. For more information visit www.avaali.com.