Secure Signatures In Armstrong Break Unsafe Signing Habits

In the May issue, our story "Stealing your signature is easy" opened a lot of eyes and garnered a ton of feedback. Many readers told us they were surprised to learn that PDFs can be easily hacked, and that their data and signature can be lifted or altered easily. And many commented that they'd never considered the notion that a "digital signature" is really nothing more than a picture with no intelligence and no way of being verified. So the idea of focusing on identity and data authentication in our upcoming version of WinTOTAL, codenamed Armstrong, rather than focusing on the PDF of the report itself, seemed to hit a nerve. This article may hit another as we look at some unsafe signing habits many appraisers will need to kick in order to have truly secured documents.

Before we get to unsafe habits, it's germane to repeat some of what was in the May article about the specifics of secure signing in Armstrong. (pq)

The way most appraisers think of "digital signatures" today is really a holdover from the 90's, before the Uniform Electronic Transactions Act (UETA) of 1999 and before true e-signatures and industry standard identity authentication. The "digital signatures" used in formfillers today are simply pictures displayed on screen and printed on your PDF. It's time our industry catches up.

Armstrong uses our SureDocs technology to handle secure signatures and report escrowing. SureDocs, our mortgage product (used by major lenders like Flagstar), has already applied millions of legally binding e-signatures to documents worldwide. Visit to see how it works. But exactly how is SureDocs going to work for appraisers in Armstrong?

First, an important change in Armstrong is the introduction of a username and password to log into WinTOTAL, which is a prudent security improvement. This login will be tied to your existing a la mode Login (think of it like a "passport"), which you already use to access to the Vault, InterFlood, your XSite, etc. So by tying WinTOTAL on your desktop to all your online products, one identity is used for everything.

Second, Armstrong will walk you through a one-time Equifax question-and-answer session to prove you're actually you by pulling in real time data from your credit report and other online databases. (It isn't recorded as a "credit check" and is a common identity verification method.) Once you pass the challenges, SureDocs grants a digital key verifying you've been authenticated, and this too is tied to your a la mode Login (one will be created on-the-fly if needed). You'll then be able to apply authenticated signatures in Armstrong.

When you actually sign a report in Armstrong, SureDocs generates a serial number and digital fingerprint of all the data in the report. As you can see from the screenshot above, when a report is signed with SureDocs the image of your signature also shows the serial number. Each time you sign, a new, unique serial number and digital fingerprint of the report is generated and when you deliver the appraisal, you'll have the option to automatically escrow the PDF on our SureDocs servers.

WinTotal Signature

The authenticity of the signature and report data can now be verified at any time via our website if someone types in the serial number and the signer's name. If someone steals your signature and makes up a fake number, it will be immediately evident. It's also important to note that when you sign with SureDocs, an essential notice - like a short addendum - is added to your report, telling the reader that the report is matched to the serial number and can be verified against the appraisal online.

Incorporating all these security measures into Armstrong prevents identity theft once a file leaves your control, but perhaps the greatest security risks exist while a file is still in your possession. There are two unsafe signing habits that many appraisers will need to seriously think about addressing.

Appraisers let supervisors or office managers apply their signatures for them daily out of convenience. If you're out of the office and a client needs a report change, it's common for an office manager to "unsign" the report, make the change and then reapply your signature. Someone other than you had access to your signature and they used it. This spells security breach.

Consider the scenario where a trainee completes a report, signs it and sends it to the supervisor who then needs to make a change. The supervisor removes the trainee's signature in the formfiller, changes the report and re-applies both their own signature and the trainee's.

Do either of these scenarios ring any alarms? An appraiser signing a report for another appraiser is a security risk. It's not a matter of trust. It's a matter of retaining sole personal control of your signature identity. At the risk of igniting a USPAP debate, read USPAP FAQ 157 on Signature Authorization and decide for yourself. With SureDocs, your secure credentials are needed to do the actual signing, and you alone should retain control of them.

It's interesting to consider the large scale effect SureDocs can have. Over the next few years, the vast majority of our customers will transition to WinTOTAL Armstrong (either the Standard or Enterprise versions). And with half of all appraisers using WinTOTAL, the prevalence of serialized, authenticated signatures and reports will be overwhelming. By virtue of sheer market share, lenders and AMCs will view SureDocs signed reports as the norm, and would-be fraudsters might not be as quick to risk attempting appraisal signature and data theft. We can all agree that would be a very welcome change indeed.