IDC’s latest forecast makes it clear: The worldwide esignature software market is expected to grow from $2.3 billion in 2020 to $6.4 billion in 2025 at a compound annual growth rate (CAGR) of 22.6%.
Unsurprisingly, the main driver for this growth is the recent pandemic, which forced organizations across the globe to rapidly accelerate their digital transformation and deploy solutions for remote work. The development of legal and technical frameworks, such as eIDAS in the European Union, has played a critical role in expanding the use of electronic signing services.
As experts in high-assurance electronic signatures and digital transformation, Entrust and Sysmosoft have seen an increasing number of requests related to the digitization of customer onboarding, and more specifically account opening processes. The major concern of organizations, especially in the banking sector, is to keep this electronic signature process:
- Integrated within their environment
- Respectful of their customers’ privacy
Data privacy, in the case of electronic signature, is complex to deal with because the strength of an electronic signature is intimately linked to the level of confidence about the signer’s identity, and identity verification processes do require signers to share personally identifiable data. And as of today, there is no standardized process to verify a person’s identity. Some countries are starting to deploy national electronic identity schemes, which are the most reliable way to safely verify someone’s identity with their consent, but these schemes are rarely made available to private organizations.
We often come across esignature scenarios where no national eID can be leveraged, and high-assurance digital signatures from trust service providers (TSPs) and certification authorities (CAs) such as Entrust cannot be implemented. High-assurance, certificate-backed individual signatures typically require the TSP or CA to use their own standardized identity verification process, which can:
- Be redundant with the organization’s own Know-Your-Customer process, which means signers end up going through two identity verifications
- Cause an issue for organizations who cannot share their customers’ details with a third party such as a TSP or a CA
The majority of these scenarios relate to a customer onboarding and account opening process. Upon consultation with legal advisers, most organizations get confirmation that they already have a strong enough KYC process to have an acceptable degree of confidence about the signer’s identity. In this case the type of deployment and implementation we recommend is a hybrid model with Sysmosoft’s on-prem signing solution with a secure and data-privacy aligned audit trail, and a signing workflow backed by trusted seals and timestamps from Entrust that help to ensure the origin, integrity, and non-repudiation of signed documents.
 IDC Worldwide eSignature Software Forecast, 2021–2025 by Steve Charbonnier and Holly Muscolino, December 2021
 These use cases do not constitute legal advice. The suitability, enforceability, or admissibility of electronic signatures will likely depend on many factors such as the country or state where you operate, the country or state where the electronic document will be distributed, as well as the type of electronic document involved. Appropriate legal counsel should be consulted to analyze any potential legal implications and questions related to the use of electronic signatures.