In conversation with Lawyers Weekly, Lara Paholski (pictured), who is the chief executive of thelawstore.com.au (which owns Livesign), said we’re at a stage where verification of identity (VOI) has generally been separated from the signing process, and no longer fulfils its original purpose — “which is to categorically know who the signer of the document really is”.

“It’s important to define what verification of identity is and isn’t,” she detailed. 

Firstly, Ms Paholski advised, VOI isn’t KYC (know your client/customer) or AML (anti-money laundering), which is often, she said, “a point of confusion in the industry”.

“VOI is a separate concept created by the Australian Registrars’ National Electronic Conveyancing Council to ensure that we verify the identity of the person who signs the property dealing. Verification of identity is better described as verification of signer,” she said.

“KYC and AML ensure that ‘Mary Smith’ the consumer is a real person. VOI, or VOS, ensures that Mary Smith actually signed the document that bought, sold or mortgaged her house.”

This can only be achieved, Ms Paholski said, if someone conducts a VOI at the precise point that they witness the execution of a document.

“Unfortunately, in the shift to digital, lawmakers have somewhat struggled with how witnessing can happen in a world of e-signing, and this important fraud safeguard has disappeared,” she said.

VIEW ALL

At this critical juncture, Ms Paholski posited, one big danger for practitioners and lenders alike is that they will be lulled into a false sense of security about the achievement of “safe harbour”, by simply conducting a face-to-face VOI process.

“But if that VOI process is separate in time from the signing process, then we don’t really know who has signed the document,” she warned.

“We are starting to see court judgements that make it clear that even where ‘safe harbour’ is achieved, the purported signature has been voided. The document is worthless.”

Another big issue, Ms Paholski continued, is that lenders and practitioners are being asked to keep copies of identity documents they have sighted during the VOI process.

“As we have seen with the Optus, Medibank and Latitude compromises, this is a ticking time bomb,” Ms Paholski proclaimed.

“The industry absolutely shouldn’t be forced to store their customers’ sensitive data, as they risk being sued by their own customers if their identity data is compromised — again, as we have seen with the recent class action launched against Optus.”

What can be done

In the face of such dangers, Ms Paholski outlined two headline practical challenges to be navigated.

Firstly, she said, how does one verify the identity behind a signature in a digital world? “Obviously,” she noted, “they can revert to face-to-face, in-person execution of key documents, but consumers now expect the convenience of digital signing”.

Secondly, how can one retain evidence of the steps they have taken to VOI the signer, without unnecessarily putting themselves and their customers at risk of an identity leak?

In response, Ms Paholski went on, practitioners can solve the verification-of-signer challenge by using a system that combines digital signing and digital identification into a single simultaneous solution, or they can simply revert to a face-to-face, in-person VOI at the precise point of document execution.

“Privacy concerns can be addressed by ensuring that they keep good records of the steps they have taken to VOI a signer, and redacting sensitive information where they are keeping photocopies of identity documents,” she suggested.

Moving forward

Further to this and when asked if any opportunities currently exist for practitioners pertaining to the presence of such dangers, Ms Paholski reflected that practitioners are “rightly risk-averse, and conservative by nature”.

As such, she mused, the ones that are aware of the timing gap between VOI and signing will revert to a paper process to minimise risk.

“However, customers who are signing aren’t necessarily as concerned to the same extent about the risk and will expect the convenience of e-signing,” she said.

“The opportunity for practitioners is to provide a customer signing solution that works for both parties.”

On the other hand, Ms Paholski added, practitioners also want the convenience of digital identification, but consumers don’t want to be handing over copies of their identity documents to be stored electronically or physically.

“The opportunity exists for a practitioner that can provide a VOI solution that gives their customer both convenience and safety,” she said.

Livesign, Ms Paholski concluded, is working through such matters to support practitioners by being in continual dialogue with ARNECC to address both the timing gap as well as remove any confusion about what evidence needs to be retained from a privacy perspective.

In the meantime, she said, “Livesign closes this timing gap to make it absolutely certain who signed the document, and we automatically redact any sensitive information when storing any identity evidence”.

“We believe we are the only organisation that is delivering biometric signing to the property industry, and provides an identity process that best aligns with Australian privacy principles,” she submitted.