In case you’ve never had the pleasure of digitally signing a document, e-signatures allow anyone to sign documents from any device with a couple of clicks. It’s typically the last step of a very long and tedious paperwork process. With digital signatures we eliminate further elongating the paperwork process; no more shuffling physical documents and hunting down people for wet signatures.
The instant gratification of e-signatures means it is the expectation for customers when interacting with digital products that include documents. Whether it’s an online mortgage, digital insurance policies, or employment offers, having e-sign embedded as part of your product flow provides a better, hassle free experience while also minimizing customer drop-off.
When building e-signatures into any product, it is tempting to “roll your own”. Maybe it is a core part of your product flow and after spending countless hours perfecting your product design, you want the final step to perfectly match your brand. Perhaps you looked around at various e-sign providers and were turned off by the pricing or difficult integration. Whatever the reason, there are a couple of things to consider when trying to roll your own e-signatures.
First, it’s important to understand if you need an e-signature or just a digital signature. E-signatures are digital signatures, but not all digital signatures are e-signatures. The biggest reason for choosing e-signatures over a simple digital signature is whether an underlying PDF is needed in order to represent an agreement. Common processes that use e-signatures include:
- Sales Contracts
- Government documents
- Financial Agreements
Digital signatures are more commonly used in what are known as click-wrap situations, where a user is asked to “read some text” then “check a box”. This is more common when all that is needed is a simple acknowledgement of the legal text.
What constitutes an e-signature is defined somewhat vaguely by various laws. The most notable are the USA Electronic Signature Act and the EU eIDAS laws. Both laws state what can and cannot be considered a signature but leave the implementation details to the technology industry. PDF, the most common file format for agreements, has a technical specification that spells out how to properly implement e-signatures within a PDF document. The process includes a couple of steps:
- First, you must track personally identifiable signer information such as IP addresses, email, timestamp etc.
- This is followed by a cryptographic step where the document is signed using a cryptographic PKI system.
For a document to adhere to the e-sign laws, both the logging and the cryptography actions need to happen.
To further complicate matters, the EU eIDAS rules identify different levels of signing authenticity based on the importance of documents. Certain documents need a higher level of security and scrutiny than basic agreements.
Beyond just implementing the e-signatures, there is a lot of table stakes software that is needed to manipulate PDFs in preparation for the signature. This is detailed in a previous blog post, Build vs. Buy: PDF Service. After the PDF infrastructure is set up you will also need to set up your cryptography service, which includes.
- Purchasing a signing certificate from a certificate authority
- Purchasing access to a timestamp authority
- Implementation of logging mechanisms to properly identify signers
- Tying everything together in order to track, log, verify and encode the signature data into the PDF document.
While you may think that e-signature services are getting away with exorbitant pricing, in most cases it is actually much cheaper to integrate with an existing provider than to roll your own service. Only at an extremely large scale does it make sense to build and maintain your own e-signature service if it is not your core product. Costs to implement include.
- PKI Certificate cost - if you want your signed documents to be recognized by authorities you will need to purchase a certificate from a recognized certificate authority. This starts in the 5 figure range and can easily reach the 6 figure range depending on your certificate requirements and hosting.
- Timestamp Authority - also a monthly or yearly cost in order to gain access to a recognized timestamp authority. This can be in the hundreds to thousands of dollars a year.
- Hosting - PDF manipulation and cryptographically signing documents is a slow and compute intensive process. This translates into high hosting costs.
- Engineering - Building and managing a compliant, scalable signing service is a full-time job. Building your e-signature service will be the work of at least one, if not 2-3 engineers, for as long as you need the service.
Is building e-signatures a core part of your product offering, or is it just the final step in your product flow? Does owning the e-signature infrastructure give you a competitive advantage over your peers?
If there isn’t a strong business case for rolling your own e-signatures, then your team's time is probably better spent building differentiated features for your product. PDFs and e-signature systems require a lot of effort to implement and ongoing effort to maintain. When trying to find product market fit, testing new ideas, it absolutely makes sense to focus effort on quickly rolling out products vs building infrastructure.
There are a whole host of e-signature providers out there. DocuSign being the most notable, and often the preferred choice when brand recognition is most important. But there are strong reasons that make Anvil the preferred e-signature provider for technology first companies.
- Developer Focus - Anvil (in our humble opinion) is the most modern, API first e-signature provider. We built Anvil using modern web technologies like GraphQL and React. We also provide client libraries in common languages to further accelerate your product development.
- Customizability and Embedding - Anvil allows you to do more than just change the colors of the signature UI. You can style the UI to perfectly match your brand using custom CSS stylesheets. Plus – you can embed Anvil Etch e-sign in flow so your users never have to leave your product to login to an external signing service.
- Pricing - Anvil has the most fair and transparent pricing. We only charge when a signature packet is completed by all signing parties. This, combined with our pay-as-you-go pricing model provides the lowest barrier to entry for any company. Contrast this with the current industry standard of charging for each packet that is sent (regardless of if they get signed) and hefty annual commitments.
Anvil is the paperwork automation platform for builders. We created Anvil to help product teams build, deploy, and scale software that automates paperwork; from data-collection, to document generation, and e-signatures. Anvil is built to blend seamlessly in your product, with custom styled UI components to robust API endpoints and webhooks. Let us help you build table stakes document automation features so you can focus on building value added features that make your product stand out.