DocuSign meets and exceeds the most stringent US, EU, and global security standards. No other Digital Transaction Management (DTM) company can match the enterprise security and operations investments DocuSign has made—and third-party audit reports back it up. DocuSign is the only eSignature provider to be xDTM, ISO 27001 and SSAE 16 certified and tested internationally, across the entire company and its data centers.
Aug. 26, 2015
DocuSign’s Single Sign-On certificate used for SAML AuthN requests and WS_Federation encryption in our NA1/NA2/EU1 production environments is about to expire. As a result, the certificate consumed by your Identity Provider (IdP) will be rolled over to ...
July 29, 2015
On July 20th, an out of band security update was released by Microsoft to address a critical vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted document or visits an untrusted ...
I had been living in a new city for about three years, and it was time to stop renting and buy a home downtown. My goal was to remain close to all the activities and conveniences urban life afforded. After a few months of rigorous searching weeknights and on weekends, I found the perfect condo. The hard part was done, right? Wrong. It had been about 10 years since I purchased a home, but the nightmare of signing and sending back forms quickly jarred my memory. I received multiple e-mails to electronically sign forms, provide identification, etc., etc. Initially I was impressed with my realtor’s use of eSignature, but I immediately became skeptical of the security and validity of the transactions. What if someone hacked my account? How could my realtor know I was the one signing the forms in the first place? I hesitantly eSigned all the forms just to get ball rolling on the completion of my new home purchase, but I was uncomfortable about the entire transaction process.
This experience had me thinking about my business as well. How do we know if the person we mailed, faxed or e-mailed was the person who signed the document? What if their e-mail account was hacked? Is there a better way to add an extra layer of identification and authorization, especially in our digital world?
Of course there is. Have you ever been locked out of your social media or cell phone website? One of the first options for these companies to identify you are who you say you are is by texting a code to your phone. Once the code is entered on the site, you are able to update your password, and you’re back in action.
Enter SMS Authentication? SMS stands for “short message service” and is most commonly referred to as a text message. According to a 2014 Pew Research Center study of mobile technology, over 90% of American adults have a cell phone and 81% primarily use their phone for messaging.
The same capability is also possible with Digital Transaction Management (DTM) where you have a variety of secondary authentication methods, one of the most popular of which is SMS authentication.
What better way to identify a person than through a device that is often just as personal and safeguarded as a wallet? Using SMS Authentication reaches the majority of your clients and delivers a personalized pass code via the fastest and most convenient method of communication that customers expect when conducting business digitally.
We’ve created a guide to help you take DTM to the next level by providing security and peace of mind for both you and your customers.
Click here to learn more about how to add an extra layer of signer authentication using SMS.
Always feel free to e-mail us at KMteam@docusign.com to learn more.
The conversations will continue in full-force at DocuSign MOMENTUM 2015. Please click here to register today and meet 1:1 with the architects behind keeping your data and documents safe.
Security White Paper