RateWatch #311 - E-signatures
July 6, 2002
By Dick Lepre

What's Happening

We have been cautioning that the wonderful bullish dip in Treasury rates and mortgages was about to come to and end. Last week the future hit its 105 objective, which means that the StoMaster forecast was right on and that Treasury prices, as driven by technicals, have peaked. We will see rates rise for the rest of the year. Extension of this window will come from any further ugliness such as the WorldCom thing or a serious terrorist attack.

Anyone who is of the mind that rates are going to continue to fall is in for a long summer.  If you are contemplating refinancing act now.

E-signatures

One scene from the saga of the 2000 Presidential election was the Florida Secretary of State and two other people signing the certification for the votes for Florida.  For 3-4 minutes the only sound was the scritch, scritch, scritch of pens fixing signatures to papers.  That act of fixing cursive patterns of ink to paper was important.  Signatures are important.

Recently the Electronic Signatures in Global and National Commerce (E-Sign or ESIGN) Act went into effect.  On the surface, the law is intended to give electronic signatures the same standing as "wet signatures" on paper.

I believe that this law should be regarded as a first step in the direction of things such as "paperless" mortgages. We are a long way off. 

A Brief History of Signatures

An understanding of what signatures (electronic or otherwise) are all about should involve a look into the history of  signatures.  Let's take a look at the Bible.  Dan 6:17 "Then a stone was brought and laid on the mouth of the den, and the king sealed it with his own signet ring and with the signets of his lords, that the purpose concerning Daniel might not be changed."

In ancient Mesopotamia around 3500 BC the cylinder seal was first used. At Uruk which is modern Warka, Iraq two small square tablets of gypsum plaster were uncovered that contained impressions of cylinder seals. A package or jar was sealed with soft, wet clay and the seal was rolled over it.

These folks were also instrumental in the development both of writing which had as perhaps its main purpose - accounting and of banking.  In a real sense, the development of culture is tied intimately to commerce and banking.  Banking originated in Babylonia surrounding the activities of temples and palaces which provided safe places for the storage of valuables. Grain, cattle, agricultural implements, and precious metals were all accepted. Accounting systems were put in place using seals (signatures) to provide assurance of identity of the owner.

Just before the birth of Christianity the Greeks and Romans used signet rings carved with the portraits of the owners for the purpose of sealing documents.

Use of signatures was recorded in the Talmud.  This included data integrity procedures to prevent the alteration of signed documents. The Talmud even describes use of a form of "signature card" by witnesses - these folks were notarizing their signatures! The practice of authenticating documents by affixing handwritten signatures began to be used within the Roman Empire in the year 439 AD. The subscripto - a short handwritten sentence at the end of a document stating that the signer "subscribed" to the document - was first used for authenticating wills. The practice of affixing signatures to documents spread rapidly from this initial usage, and the form of signatures (a hand-written representation of one's own name) remained essentially unchanged for over 1,400 years. It is from this Roman usage of signatures that the practice obtained its status in Western legal tradition.

In the sixth century the quill pen appeared in Spain.  I guess that Europeans were preoccupied by trivia such as the Crusades, the Renaissance, the Plague and the exploration of America because the next significant change occurred in 1677 when the English codified the requirement for signatures with the adoption of "An Act for Prevention of Frauds and Perjuries."  In the U.S. this is codified in Article 2 Section 201 of the Uniform Commercial Code. This states that a contract of $500 or more is not enforceable unless signed.  Legal opinions have extended this for the cases of telegrams, faxes, and clicks on those boxes that software firms place on their products.

Getting Digital

Next came public key/private key encryption.  In 1977, three scientists at the Massachusetts Institute of Technology developed a mathematical algorithm for the generation of pairs of numerical "keys". These keys were capable not only of securing electronic data transmissions, but could also positively authenticate where that data came from.

Using these, the signer creates a digest of the message, the message is "hashed" with the signer's private key and the signature algorithm to calculate a 128 bit output signature value that is appended to the message.  The recipient, having obtained the signed message, uses the same hash function as the sender to generate a message digest of the received message. If the message has not been changed since the signer applied the signature, the signer's and the verifier's hash calculation will result in the same message digest.  The recipient obtains the senders public key and inputs it, the message digest and the signature value into the signature algorithm and can verify 1) that the sender sent it and  2) that the content was unaltered.

The added value here is that this assures not just the signature but the content integrity as well.

Why Signatures?

Signatures, whether handwritten or digital, have three functions: -
- assurance of identity
- non-repudiation
- integrity of content. 

Assurance of Identity

If you give someone a check for $5,000 and he is not known at your bank and the teller will, in addition to assuring the identity of the payee, check your signature card to see that it matches the signature on the check. Clerks are also supposed to do this with credit card transactions. It is the clerk's responsibility to assure that the credit card bears a signature that can duplicated by the purchaser. 

Non-repudiation

Most transactions that involve a signature involve multiple parties.  In the case of a credit card I may be buying stuff from a store but parties other than myself and the store are likely involved.  XYZ Bank may have issued the card. They need to be protected against any false denial of participation on my part.  My signature on the credit card receipt is a good starting place.

I think that this is an area where electronic signatures have their inherent weakness and work needs to be done.  If I wind up in court and someone has what purports to be my wet signature on a document I can't really say "Well, it looks like it was written with my Mt. Blanc pen but I didn't do it".  Pens don't get up (except in cartoons) and write signatures, people do.  The electronic signature has a problem here.  I do not really sign the e-document, my computer does.  The integrity of electronic signatures makes the presumption that they are almost "hack proof". I think that there is a problem here.  Whereas experts can look as a handwritten signature and say, "that's not Mr. Lepre's signature but it looks like a forgery thereof" a similar statement may not exist for "forged" e-signatures. They are indistinguishable from the real ones.

Integrity of Content

Traditional ink signatures provide a low measure of integrity of content.  The use of indelible ink or tamper-proof check  paper may be concomitant thereto but this is the area in which electronic signatures can shine.  The digital signature can be a function of the entire content of the message or legal document and assure the character-by-character integrity of the document.

Let me give an example of something that I was involved in that may be the perfect case for e-signatures and recordkeeping.  We were negotiating a contract.  It was exchanged back and forth as a Word document.  We made changes. They made changes.  Eventually we had an agreement.  We signed the last page of the contract and sent it to them, they signed the last page of the contract and sent it to us.  We signed theirs, they signed ours.  Two months later we mutually chose to renegotiate a clause of the contract and found that "our" copy of the contract did not agree with "their" copy of the contract.  The culprits could be called haste or stupidity but I'd rather not think that I was the only person who had ever done this.  With many contracts, one only signs the last page. The solution of an electronically locked document with attached electronic signatures is infinitely more elegant.  Electronic recordkeeping and guaranteed integrity of content
goes hand-in-hand with e-signatures.

Getting Back to the ESIGN Law

The ESIGN law became effective on October 1, 2000.   Some states had e-signature laws but the Feds decided that it was time for a federal law to bring things into line.  There are two aspects to the law.  One is the e-signature aspect and the other is the records aspect.

This law was passed in an environment where several states already had e-signature laws.  One of the decisions of  lawmakers was to make this law "technologically neutral". Thus, it did not specify which technology was to be used. The upside of this is that new technologies can be developed. The downside is that it gives those directed to accept e-signatures no guidance as to what is legally acceptable. In plain English, if I accept your e-signature on a document and I need to take you to court it is incumbent of me to prove in court that you issued the electronic signature. Since this is new turf it creates the problem for me as to what technology will stand up in court.

What the Law Actually Does

As a consumer the main thing to know about ESIGN, at this time, is that it is voluntary.  Consumers must opt in if they are going to be bound by e-contracts.  In addition, consumers must demonstrate that they have the ability to access electronic records. Presumably, the consumer will be sent an attached document by e-mail and must constructively demonstrate his ability to open the attachment and reply to it by e-mail.  There must be a two-way communication of substance to demonstrate this.

Some Big Problems

A gigantic problem with e-signature is that the technology is changing so quickly.  This is what I would call the "8 track tape syndrome."  Let me just ask some questions here.  Will any storage medium that I have here at my desk: 3 1/2 inch disks, CD's, zip disks etc. be recognizable 20 years from now?  I have 5 1/4 inch disks from my first Apple II but I no longer have the computer.  Do any of these magnetic media have permanence?  Magnetic media deteriorate. Their lifetime depends largely on storage conditions but is likely between 1 and 100 years.  Data standards and operating system obsolescence are in play here. 

Perhaps e-signatures will only be used for transactions that have limited lifetimes.  I don't need my checks after the IRS states I no longer need my records and the bank does not need your signed note and deed of trust after the lifetime of the loan.

Another problem that can exist with e-signatures is the loss of an individual's private key.  This might be the equivalent of losing one's writing hand or the thumb that recorded one's biometric signature - thumbprint.

So What's This Got to Do With the Loan Business?

There have been mortgage loans originated entirely with electronic signatures.  This has been done largely as a demonstration project just to show that it can happen.

Many problems have to be worked out both with the law itself and the technology to make electronic signatures and paperless loans commonplace in the mortgage business.

We presently use appraisals with e-signatures and an additional statement from the appraiser in the appraisal report attesting that it has an electronic signature.  A clear value here is the lower cost of delivering the report and the significant reduction in the time (from days to seconds) which the report is "in the mail".

The Limits

At present e-signatures have limited value because of:

1) lack of standards
2) the opt-in nature of the law
3) technical questions about the lifetimes of the storage media and the need to preserve what will become the outdated technologies associated with today's media.

To receive this free RateWatch newsletter each week by e-mail, click here.
To view the archive of RateWatch newsletters, click here.