This invention relates generally to authenticating documents and more particularly to methods for escrowing electronically signed documents with reliable authentication.
The disclosures of all of the following provisional and utility patent applications are incorporated by reference herein: U.S. provisional patent application Ser. No. 61/253,778, filed Oct. 21, 2009, entitled “Improved Systems and Methods for Document Signing”; U.S. patent application Ser. No. 12/908,827, filed on Oct. 20, 2010, entitled “Document Signing Systems and Methods,” U.S. patent application Ser. No. 12/908,840, filed on Oct. 20, 2010, entitled “Computer Form Action Zone Summary System and Method,” and U.S. patent application Ser. No. 12/908,847, filed on Oct. 20, 2010, entitled “Form Completion Rate Enhancement System and Method.” This application does not rely for priority on the U.S. patent applications listed above nor is a claim made of benefit from the filing date of the U.S. provisional patent application.
Businesses and individuals rely on legally executed documents in a variety of contexts, from completion of complex forms used by governments and institutions (e.g., insurance forms, car loan and purchase forms, and the like), to simple contracts between individuals (e.g., lease agreements, wills, and a host of miscellaneous arrangements), with a range of contracts in between.
Documents signed by overnight envelope take a minimum of one day to reach the recipient and an additional day to be returned. Due to intra-office distribution delays and recipients' tendency to put paper documents in to-do piles, the average cycle time using overnight envelopes is 5-7 days. Documents signed by fax have an average cycle time of 2-3 days, due to intra-office delays, procrastination of paper document tasks, and fax machine mishaps. Faced with the burden of signing a paper document and returning it by fax, scan, or mail, many recipients put it down on their desk and forget about it.
As a result, users are increasingly turning to exchanging executed documents online. These documents not only include a field for including a signature, such as the type described above, but may be more complex to include additional fields that may require the signer to initial, sign, or take some other action. To guarantee the authenticity of such documents, electronic copies of the documents may be kept in storage by a third-party electronic document escrow server.
Nevertheless, even the authenticity of document held by a third party escrow service may be questioned at some time. For example, written signature information, such as the shape of the signature, may be falsified by someone who surreptitiously obtained login data from a user, such as an email login. In this case, an emailed link to a secured document may fall into the wrong hands and the signature falsified as is done on paper documents. Determining whether the signature is real could become a job for a handwriting forensic analyst, which could make all the data carried by the electronic copy no better proof of valid execution than a handwritten paper and ink signature. In another case, a signature could be coerced by another party and/or the document executed on a machine other than that owned by the purported document signer. In yet another case, a device owned by the document signer may be stolen and unlocked (if it ever was locked) by another party, who fakes a signature of the purported document signer. In yet other cases, one of the parties may, for their own reasons, dispute the authenticity of a signature.
Thus, the authenticity of the signatures on an electronic document escrowed by a third party service is no better than the authenticity data collected along with an escrowed electronic document. To the extent that any of this data is unreliable or “hackable,” there is a chance that a stored document may not represent a validly executed document.
Furthermore, it is known that when a person clicks on a link on a cell phone browser or application, a document can be sent (i.e., downloaded) via email or via a link sent via email or other electronic method, such as a text message. The downloaded document can be filled out and signed by a possessor of any cell phone having access to a website or email server on which the downloaded document can be accessed. At best, if a document is downloaded and signed, all that might be proved in some cases is that someone who had access to an email account of the intended recipient downloaded and signed the document. There may be associated biometric data indicating how the document was signed, or there may be data indicative of only an image of a signature, but these indications may not be sufficient to verify the actual signer in at least some cases.
Some cell phone manufacturers such as Apple (e.g., iPhone 5) require or allow fingerprint recognition for unlocking certain of their cell phones, but do not now provide (nor have indicated that they will ever provide) accessibility to the fingerprint recognition device via an API for application developers. In addition, out of privacy concerns, many cell phones users may be wary of having their fingerprints accessible to many different application developers.
There is thus a need for apparatus and methods to enhance the reliability of the authenticity data stored along with escrowed electronic documents, and a related but separate preference to avoid collecting data that users of cell phones and other mobile devices would feel was an invasion of their privacy.