Q: How do I verify that a specific employee is signing a document electronically?
A: There are various methods of verifying electronic signatures. If you have the technology, you can use special software designed for that purpose, for example, a “smart card” that looks much like an ATM card can be swiped on a reader attached to a PC to ensure authenticity of the signature. Because it is usually protected by a password, security is easier to maintain. Another method is called “PKI”, or public key infrastructure. This is a digital system that allows individuals to sign a document using a series of numbers or keys. The party receiving the signed document will be able to unlock the numbers or key with a “public key” to verify the validity of the signature. As with the “smart card”, this method also requires special, sometimes expensive, software. A simpler, less expensive way is to assign each person in a company a “signature” made up of numbers or letters (sometimes the last four digits of the employee’s social security number). Then, by having your organization’s IT department encrypt it (the letters/numbers would appear as XXXX), the individual receiving or reviewing the document would have the public key to unlock the code and would be able to verify signatures.