Reply
 
Thread Tools Display Modes
  #1  
Old 09-22-2017, 04:03 AM
MaverocK MaverocK is offline
Guest
 
Join Date: Dec 2013
Posts: 131
What is the right and appropriate to sign a document or form?

I often receive documents that has to be filled and signed. These PDF files can be edited via Adobe Acrobat. But I do the filling and signing in the old-fashioned way (I sound as if there is a modern way BTW): first I fill in where I can by typing in the PDF file, then I print the document and then I sign it. I can add a signature in the PDF file by choosing a picture (a scan) of my hand-written signature but I don't want to do it because one of the organizations in the past rejected it and they asked me to print it out and then sign it and then scan it and then send it. Since then I never put my signature in the PDF file via computer.

But I often feel bad and anxious about sending and receiving this type of forms and documents because I am not sure what they prefer and they are never explicit about what they want. This is very frustrating.

What is the right way to do? Should I keep doing this print-out-sign-and-then-scan routine because it guarantees no one complains?
  #2  
Old 09-22-2017, 04:52 AM
Aspidistra Aspidistra is offline
Member
 
Join Date: Feb 2001
Location: Melbourne, Australia
Posts: 4,352
Signatures are about 90% security theatre. Scanned signatures are 100% security theatre, and not worth the electrons it takes to send them. My frequent practice, when required to email a scanned signed form is to photoshop the scanned copy I have on my computer onto it because I find it easier than elbowing my family off the Computer That Scans, finding paper, making sure there's toner, and so on. There is absolutely no way that they can tell the difference.

Any application in which the signature is not security theatre will either:

- Tell you to mail them the original, or
- Make you sign in front of a witness. Or both.

Which is not to say that you're all free and clear to scam organisations that you've sent scanned forms to, by maintaining that you didn't sign them/agree to whatever is in them. Mostly they have pretty good evidence that you agreed to whatever's in the form because you send the forms back from your own email address. But you might as well sign with a big X for all the difference that an actual signature makes.
  #3  
Old 09-22-2017, 04:57 AM
bob++ bob++ is online now
Guest
 
Join Date: Jan 2013
Location: Worcestershire UK
Posts: 5,527
I just sent a 'signed' PDF off relating to a holiday booking. I suppose that adding a scanned signature is a more positive act than ticking a box; we all tick that one that says "I have read and understood.... etc" without a second thought. Maybe it's time someone came up with something better.
  #4  
Old 09-22-2017, 07:32 AM
FinsToTheLeft FinsToTheLeft is offline
Member
 
Join Date: Nov 2010
Location: Toronto, Ontario
Posts: 312
I once received a PDF form for signature. I signed it electronically and returned it via email. Their response: we don't accept electronically signed documents, I had to fax it to them!. I forwarded the PDF to my eFax service and all was good.

I sign virtually everything electronically these days either with Adobe or DocuSign. No reason to get anxious over them being arbitrary
  #5  
Old 09-22-2017, 07:42 AM
kayaker kayaker is offline
Member
 
Join Date: Jul 2009
Location: Western Pennsylvania
Posts: 27,112
Quote:
Originally Posted by Aspidistra View Post
Signatures are about 90% security theatre.
My gf frequently forgets her reading glasses, so I wind up signing for her credit card purchases. Although I'm not a forger by trade, I do a reasonable facsimile of her sig. There's never been a problem.
  #6  
Old 09-22-2017, 08:48 AM
shunpiker shunpiker is offline
Member
 
Join Date: Jun 2006
Location: Central North Carolina
Posts: 1,344
I'm not sure about right/appropriate, but i often use a .png image of my actual signature, inserted as a picture. It's blue ink on a transparent background... looks real enough.
  #7  
Old 09-22-2017, 08:53 AM
md2000 md2000 is offline
Guest
 
Join Date: Feb 2009
Posts: 13,240
Quote:
Originally Posted by FinsToTheLeft View Post
I once received a PDF form for signature. I signed it electronically and returned it via email. Their response: we don't accept electronically signed documents, I had to fax it to them!. I forwarded the PDF to my eFax service and all was good.

I sign virtually everything electronically these days either with Adobe or DocuSign. No reason to get anxious over them being arbitrary
I think there was a similar Dilbert cartoon. "We don't accept photocopies, only the originals. If you are in a hurry, you can fax them to us instead."
  #8  
Old 09-22-2017, 04:57 PM
Chronos Chronos is online now
Charter Member
Moderator
 
Join Date: Jan 2000
Location: The Land of Cleves
Posts: 73,152
The purpose of a signature isn't to prove that you're really you (there are electronic means of doing that which are much more reliable). The purpose of a signature is to make sure that the person signing it understands that what's in the document is Serious Business.

Quote:
My frequent practice, when required to email a scanned signed form is to photoshop the scanned copy I have on my computer onto it because I find it easier than elbowing my family off the Computer That Scans, finding paper, making sure there's toner, and so on.
I once spent about an hour in Gimp figuring out how to get the scan of my signature just right, for including in electronic forms... before discovering that Preview (the Mac application used for viewing PDFs) could do a better job of it, in about ten seconds.
  #9  
Old 09-22-2017, 05:02 PM
Blakeyrat Blakeyrat is offline
Guest
 
Join Date: Feb 2010
Posts: 1,249
Quote:
Originally Posted by FinsToTheLeft View Post
I sign virtually everything electronically these days either with Adobe or DocuSign. No reason to get anxious over them being arbitrary
DocuSign is really good about this, but I'm sure signatures are still basically security theater when signed with nobody watching you do it. Even DocuSign lets you copy-and-paste an old signature instead of going through the motions each time.
  #10  
Old 09-22-2017, 09:17 PM
FinsToTheLeft FinsToTheLeft is offline
Member
 
Join Date: Nov 2010
Location: Toronto, Ontario
Posts: 312
Quote:
Originally Posted by Blakeyrat View Post
DocuSign is really good about this, but I'm sure signatures are still basically security theater when signed with nobody watching you do it. Even DocuSign lets you copy-and-paste an old signature instead of going through the motions each time.
On PDFs I use my scanned signature. DocuSign, I don't even bother with the charade. The upside is that you can actually read my name 😁
  #11  
Old 09-23-2017, 07:06 AM
Tired and Cranky Tired and Cranky is offline
Guest
 
Join Date: Dec 2014
Posts: 679
The U.S. has adopted the Electronic Signatures in Global and National Commerce Act (ESIGN) Act which basically says that if the two parties agree to enter a contract electronically, they can. Under the Act, any "electronic sound, symbol, or process, attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign the record" counts as a signature. So if you copied your signature onto a PDF with the intent to sign the document, it counts.

https://en.m.wikipedia.org/wiki/Elec...l_Commerce_Act

The electronic signature just proves intent to enter a contract. Proving it was you who signed the contract is a different matter but that's true anytime people enter a contract. Different companies have different ways of establishing who entered a contract. For example, a company may feel fine accepting a contract from me if they know an email is mine (like my work email), and they email me a link to a secure website for uploading the document. Another company might ask questions that presumably only I would know, like confirming addresses I've lived at and my mother's middle name. Another might think a scan of my driver's license is good enough.

To enforce the contract, the company just needs to prove by the preponderance of the evidence that it was you who entered the contract. In most cases, there are no disputes about contracts. In the minority of cases where there is a dispute about the contract, both parties usually agree that they had a contract but they disagree about what it required the parties to do. Only in a tiny minority of cases does one party say they didn't have a contract at all. In that case, the company trying to enforce the contract will use the evidence above to prove it was you who agreed to the contract.
  #12  
Old 09-23-2017, 07:11 AM
Bullitt Bullitt is online now
Member
 
Join Date: Apr 2012
Location: SF Giants Nation 10-12-14
Posts: 21,713
Quote:
Originally Posted by MaverocK View Post
What is the right way to do? Should I keep doing this print-out-sign-and-then-scan routine because it guarantees no one complains?
Comment here, not a complaint: if there is one universal truth about humans, it's that no matter what you do, nothing guarantees that no one complains.
  #13  
Old 09-23-2017, 07:44 AM
bob++ bob++ is online now
Guest
 
Join Date: Jan 2013
Location: Worcestershire UK
Posts: 5,527
Quote:
Originally Posted by Tired and Cranky View Post
For example, a company may feel fine accepting a contract from me if they know an email is mine (like my work email), and they email me a link to a secure website for uploading the document. Another company might ask questions that presumably only I would know, like confirming addresses I've lived at and my mother's middle name. Another might think a scan of my driver's license is good enough.
In the UK, drivers licences have become defacto ID's. There is no way I would send a scan of mine to anyone. Same for my passport.

The most common authentication method I see is where they send an email with a link that I have to click.
  #14  
Old 09-23-2017, 08:06 AM
Bear_Nenno Bear_Nenno is online now
Charter Member
 
Join Date: Jun 2000
Location: Nangarhar Province
Posts: 8,035
Quote:
Originally Posted by Aspidistra View Post
Signatures are about 90% security theatre. Scanned signatures are 100% security theatre, and not worth the electrons it takes to send them. My frequent practice, when required to email a scanned signed form is to photoshop the scanned copy I have on my computer onto it because I find it easier than elbowing my family off the Computer That Scans, finding paper, making sure there's toner, and so on. There is absolutely no way that they can tell the difference.

Any application in which the signature is not security theatre will either:

- Tell you to mail them the original, or
- Make you sign in front of a witness. Or both.

Which is not to say that you're all free and clear to scam organisations that you've sent scanned forms to, by maintaining that you didn't sign them/agree to whatever is in them. Mostly they have pretty good evidence that you agreed to whatever's in the form because you send the forms back from your own email address. But you might as well sign with a big X for all the difference that an actual signature makes.
You left out digital signatures using PKI Securoty certificates. I sign documents with a chip-enabled ID card. PDF documents signed this way cannot be editted later. If they are not original files (like someone trying to print the document, then scan, then use that pdf) the signatures will not have tje green authentication check mark. The receiver will know the document doea not have an original electronic signature. These forms can be copied and emailed as many times as needed. As long as the form is not altered, the signature Adobe recognies the signature as valid.
There is no copy/pasting with this system. And in order to sign, the signer needs to have the smart card and the PIN. Two-level authentication... Something you hae and something you know.
By far the best and most reliable form of signing a document.
__________________
These statements are my own. Views and opinions expressed are not endorsed by the U.S. Army or Department of Defense and in no way constitute an official stance of any military or government organization.
  #15  
Old 09-23-2017, 08:42 AM
Chronos Chronos is online now
Charter Member
Moderator
 
Join Date: Jan 2000
Location: The Land of Cleves
Posts: 73,152
What happens if someone edits in an image of a green checkmark?
  #16  
Old 09-23-2017, 09:27 AM
Aspidistra Aspidistra is offline
Member
 
Join Date: Feb 2001
Location: Melbourne, Australia
Posts: 4,352
Quote:
Originally Posted by Bear_Nenno View Post
You left out digital signatures using PKI Securoty certificates. I sign documents with a chip-enabled ID card. PDF documents signed this way cannot be editted later. If they are not original files (like someone trying to print the document, then scan, then use that pdf) the signatures will not have tje green authentication check mark. The receiver will know the document doea not have an original electronic signature. These forms can be copied and emailed as many times as needed. As long as the form is not altered, the signature Adobe recognies the signature as valid.
There is no copy/pasting with this system. And in order to sign, the signer needs to have the smart card and the PIN. Two-level authentication... Something you hae and something you know.
By far the best and most reliable form of signing a document.
The reason why I don't think those sort of digital signatures (ie, "real" digital signatures) are going to catch on is that it's a bunch of work on behalf of the signer, but the person who has an interest in the signature being secure is not the signer, but the receiver.

Unless the receiver is demanding a really secure signature, there's no particular reason for you to put yourself to any bother to provide one. And if the receiver does start to demand this sort of signature, then they just get pushback from the general public - 'why are you making us go to all this trouble? Why are signatures suddenly not good enough for you?' (answer: because Photoshop. But a lot of people will take a fair amount of convincing on that front)

For most situations, "this agreement to XYZ came from the email of Joe Blow" is pretty good evidence that Joe Blow agreed to XYZ - much better than the scanned emailed signature that people frequently request - and organisations who have a real interest in ensuring the validity of signatures (eg, lawyers) seem to be quite happy with their current protocols for validation (stick it in the post). Real electonic signatures are pretty niche.
  #17  
Old 09-23-2017, 11:56 AM
Bear_Nenno Bear_Nenno is online now
Charter Member
 
Join Date: Jun 2000
Location: Nangarhar Province
Posts: 8,035
Quote:
Originally Posted by Chronos View Post
What happens if someone edits in an image of a green checkmark?
The green check is part of Adobe itself, and not the document. If that makes sense? Its produced by the application, not merely an age on the document. The digital signature is clickable. Adobe will tell you if it is trusted and/or valid. Think of the check as an icon with the Adobe program, not merely clipart on the document.
__________________
These statements are my own. Views and opinions expressed are not endorsed by the U.S. Army or Department of Defense and in no way constitute an official stance of any military or government organization.
  #18  
Old 09-23-2017, 12:00 PM
Bear_Nenno Bear_Nenno is online now
Charter Member
 
Join Date: Jun 2000
Location: Nangarhar Province
Posts: 8,035
... with that said, understand yhat the digitally signed document is only infallable in its digital form. A paper copy of tue signed document could indeed be a forgery. This isn't an issue for documents that mostly stay in the cloud or get shared and processed theough various digital means.
__________________
These statements are my own. Views and opinions expressed are not endorsed by the U.S. Army or Department of Defense and in no way constitute an official stance of any military or government organization.

Last edited by Bear_Nenno; 09-23-2017 at 12:00 PM.
  #19  
Old 09-23-2017, 12:06 PM
Bear_Nenno Bear_Nenno is online now
Charter Member
 
Join Date: Jun 2000
Location: Nangarhar Province
Posts: 8,035
Quote:
Originally Posted by Aspidistra View Post
The reason why I don't think those sort of digital signatures (ie, "real" digital signatures) are going to catch on is that it's a bunch of work on behalf of the signer, but the person who has an interest in the signature being secure is not the signer, but the receiver.

Unless the receiver is demanding a really secure signature, there's no particular reason for you to put yourself to any bother to provide one. And if the receiver does start to demand this sort of signature, then they just get pushback from the general public - 'why are you making us go to all this trouble? Why are signatures suddenly not good enough for you?' (answer: because Photoshop. But a lot of people will take a fair amount of convincing on that front)

For most situations, "this agreement to XYZ came from the email of Joe Blow" is pretty good evidence that Joe Blow agreed to XYZ - much better than the scanned emailed signature that people frequently request - and organisations who have a real interest in ensuring the validity of signatures (eg, lawyers) seem to be quite happy with their current protocols for validation (stick it in the post). Real electonic signatures are pretty niche.
The process Im describing is what's used across the federal government and military. I agree that it will be a long time, if ever, for it to catch on publicly.
But for a large corporation that needs a lot of internal memos and documents approved with a high degree of certainty the signatures are real and valid, it could make sense for them to adopt such a system.
I also had a Korean bank account that did a similar thing. They issued a Security Certificate on a thumb drive to the customers. Needed to have that certificate installed on any computer I intended to access the account with or sign and documents. Without that certificate and the PIN for it, I couldnt sign a loan application or access my accoubt, etc.
__________________
These statements are my own. Views and opinions expressed are not endorsed by the U.S. Army or Department of Defense and in no way constitute an official stance of any military or government organization.

Last edited by Bear_Nenno; 09-23-2017 at 12:07 PM.
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 06:35 PM.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2017, vBulletin Solutions, Inc.

Send questions for Cecil Adams to: cecil@chicagoreader.com

Send comments about this website to: webmaster@straightdope.com

Terms of Use / Privacy Policy

Advertise on the Straight Dope!
(Your direct line to thousands of the smartest, hippest people on the planet, plus a few total dipsticks.)

Publishers - interested in subscribing to the Straight Dope?
Write to: sdsubscriptions@chicagoreader.com.

Copyright 2017 Sun-Times Media, LLC.

 
Copyright © 2017