By Matthew J. Schiltz
Online banking is widely considered to be one of the all-time greatest applications of the Internet, yet many banks are squandering the opportunity to add droves of new online customers because they do not offer customers an alternative to signing paper documents to open an account online.
Consider the following statistics from Changes Sciences Group, a New York-based research company that evaluates banking Web sites: nearly 60 percent of sites make logging in more difficult than it needs to be and 73 percent of sites do not adequately show people how online banking works.
But perhaps the biggest shortcoming of banks doing business on the Internet is that they stymie the process of opening an online account by requiring a customer to put a signature on paper. This involves mailing a paper welcome kit to prospective customers who are required to sign and mail back the documents. Forcing this final step to be on paper seriously reduces the business value of the entire e-commerce investment. An analogy for this is forcing someone who is buying a new word processing package to type the purchase order with a typewriter. Inserting snail-mail into the process of opening an online bank account ironically alienates the very people who chose to bank online for the convenience and ease of a paperless transaction environment. Any person savvy enough to sign up for online banking services is the last one who should be forced to deal with the very thing he or she is trying to avoid: the burden of filling out paperwork.
“Any time you require people to return things in the mail, you’re going to decrease the number of accounts successfully opened,” said Steve Ellis, a partner at Change Sciences.
These unnecessary paper signature steps put a serious dent in new deposits flowing into banks – deposits the industry sorely needs. Although deposits as a percentage of assets rebounded in the fourth quarter of 2006, they hit the lowest point in the FDIC’s history in last year’s third quarter.
It is important for banks that are considering using electronic signatures to understand their positive business impact. For example, prior to adopting electronic signatures as a core part of its customer acquisition process, a financial services customer of DocuSign, an electronic signature service provider, experienced only a 35 percent success rate getting signed paper agreements back from prospective customers via snail-mail. In other words, two-thirds of their customer acquisition efforts failed. What’s more, this failure rate increases the effective cost of an overnight envelope from $18 to a whopping $54 per successful paper transaction. Once the customer implemented electronic signature services, its rate of completing customer documentation jumped to 80 percent – a dramatic increase in the overall close rate of 128 percent. Another DocuSign customer case study in financial services reveals that is it not unusual to experience on average a two-week delay in mailing and getting back correctly signed paper account documents. Since implementing electronic signatures, the time to obtain a signed agreement has been reduced in some cases by more than 93 percent. Financial services companies have discovered that the two metrics are interrelated: If you reduce the time to obtain a signed agreement, a prospective customer has less time to change his or her mind or shop the competition, therefore the close rate increases.
Banks have no reason to restrict themselves to using so-called “wet” signatures on paper. When Congress enacted the federal E-SIGN legislation in 2000, it gave the same legal protections to electronic online signatures as traditional pen-and-paper signatures. Since then, large corporations including Microsoft and AOL have successfully tested the legislation by winning lawsuits in which customers attempted to renege on signed electronic contracts. DocuSign has executed millions of customer signature events in its system without a single legal issue. The signatures cover important legally binding documents such as loan agreements, purchase agreements, mortgages, real estate transactions, non-disclosure agreements and supplier contracts. Electronic signatures are in volume use today by corporations as large as General Electric to small sole proprietorships.
Advantages for Banks
With the E-SIGN legislation gaining clout, visionary banks are working to eliminate the paper-signature bottlenecks that bog down the online process of opening accounts. They understand that using paper not only decreases the number of online accounts that will be opened, but also puts a crimp in a number of advanced online-banking features, such as immediate online approvals and the ability to instantly fund accounts through electronic transfers.
At the same time, taking paper out of the signature process offers a significant upside. Electronic signatures enable banks to secure deposits faster, effectively lock out the competition and reduce the cost of acquiring deposits and customers. That low-cost advantage makes it ideal for Web-based business models that strive for rapid deposit growth without the overhead of traditional banking. It also enables banks to cross-sell services to customers quickly and efficiently. In addition, secure electronic transactions reduce the chance of ID theft because total control over the information is maintained at all times, unlike the paper process that is the source of 88 percent of all ID theft.
While a number of banks have implemented electronic signatures, not all have done an effective job. One large institution, for example, created a box on its Web site that looked like a physical signature card – complete with a dotted line and an X – with the instruction “Sign here.” No doubt it stumped a lot of people about exactly what they were supposed to do. “Banks are having a hard time wrapping their heads around what an e-signature is,” Ellis said.
Any bank considering implementing electronic signatures needs to be sure that it fulfills core requirements for an electronic signature as defined by law. Intent is required for a valid electronic signature. In other words, signers must understand that they are dealing with a legal document, and they are signing it. For that reason, the e-signature process should always occur within a structured online setting that takes signers through various overt actions, such as creating a unique, legally binding signature that is solely under their control, acknowledging that it’s legally binding, and applying it to a document. These steps make it clear to signers that they are signing a binding agreement or contract.
Another important factor is non-repudiation – when there is no chance someone could deny they signed a contract. Non-repudiation eliminates arguments such as, “Somebody changed the document after I signed,” or “I didn’t see that part of the contract.” The best e-signature solutions will manage the entire signing process, including authentication with a strong, very detailed, tamper-proof audit trail that indisputably associates the content of the contract, the date signed and the parties involved.
Also critical to the effectiveness of the online signing process is establishing the identities of the parties involved, since they do not see each other as in a traditional signing. This is an important task because proof of identity must be firmly established without imposing mechanisms that are too cumbersome or complex. The best solution is establishing identity using only a Web browser.
A relatively simple method of authenticating users that has gained credibility in the online world is something known as “out-of-wallet” verification. “Out of wallet” refers to personal information that is readily known by a customer but is not generally known, and would not be discovered through access to a lost or stolen wallet.
Typical out-of-wallet questions include: “Which of the following addresses have you previously lived?” (customers must find the correct address from a list) and “Which companies have you worked for in the past?” Answers to such questions can be verified through vast collections of public information managed by credit and other information agencies. Such methods are already in wide use by large financial institutions for phone-screening customers.
Recently, biometric methods of verifying people have become more sophisticated and can now be implemented without hardware or software. A biometric that is particularly well-suited to opening online accounts measures computer keystroke timing. Just as handwriting is unique to individuals, so is the way they navigate a keyboard. Keystroke timing recognition measures such details as the length of time between keystrokes, the length of time that each key is held down and a person’s typing speed.
These different types of authentication, as part of an electronic signature system, represent several options, from a simple password up to true multi-layer authentication for very sensitive transactions. An advantage of these methods is that they do not require additional hardware or software to be installed by the user. In that respect, they differ from public key infrastructure (PKI) or signature pads that require special hardware and software and cannot be used for remote or Web-based signing.
PKI technology has been available to the banking industry for years, but “adoption of key-based signatures for customers has really not taken off,” said Madhavi Mantha, a senior analyst at Celent, a Boston-based financial services research company. She attributed the industry’s lack of interest to PKI technology’s “cost, complexity and intrusiveness.”
It is also critical that an electronic signature service vendor delivers enterprise-class security within a data center that meets the very highest standards of security for a financial services business. The facilities must be completely secure, the encryption of documents and signatures must be based on the most advanced algorithms and confidentiality must be absolute.
An electronic signing method that is easy to execute and closely imitates the ceremony of signing on paper is highly likely to strike a positive chord with customers. E-SIGN legislation does not require as much, but for consumers, it is satisfying to see their e-signed name in cursive at the appropriate spot in an online document signature block. This provides a critical personal affinity with a traditional “wet” signature. This psychological benefit helps complete the leap from paper to electronic signing. In our extensive experience, we have found that customers want the best of both worlds: the ease and speed of e-signing combined with the familiarity of the “wet” signature ceremony.
The look and feel of the electronic signature is only one consideration when making a vendor selection. With security and reliability being paramount, institutions should investigate whether a solution has been successfully reviewed by other major corporations. Large institutions in particular will want to ensure the technology has been architected from the ground up for enterprise-class use. Finally, institutions should ensure each e-signature produced by a system is backed up by a complete and fully legal audit trail. For example, DocuSign houses its data center in a full Statement on Auditing Standards Type II data center. Fortune 50 companies can then apply their due diligence rigors, including security audits, advanced network and data penetration testing. It is critical to make certain an e-signing supplier has a world-class platform housed in a world-class data center.
Banks whose goal is to secure a strategic online advantage will look at the real-world results of a 128 percent increase in successful customer acquisition rate, and the 93 percent reduction in time to receive signed documents and be quite motivated to catch up with the state-of-the-art in online e-signing. Financial institutions that make the leap to e-signatures can look forward to closing deals more quickly, boosting online deposits and locking out the competition. Their investments in e-commerce will finally enable them to “close the deal.”
Matthew J. Schiltz is president and CEO of DocuSign (www.docusign.com), a Web-based electronic signature service provider.
Copyright 2007 The Warren Group