Sameer Hajarnis, the Senior VP and GM of Digital Agreements at OneSpan, discussed the company’s core services in a recent SafetyDetectives interview. OneSpan specializes in electronic signatures, secure video collaboration, identity verification, and digital storage for various industries. Their solutions, including OneSpan Sign and OneSpan Notary, offer flexibility and security for remote signing and notarization. The interview also touched on biometrics in e-signature security, the trade-offs between visible and invisible security measures, the role of encryption in compliance, and striking a balance between user experience and robust security. OneSpan prioritizes user-friendly yet secure methods, combining biometrics and multi-factor authentication to ensure both integrity and convenience.
Hi Sameer, thank you for your time today. Can you tell me about your journey and your current role at OneSpan?
Thank you for having me! I currently serve as the Senior Vice President and General Manager of Digital Agreements at OneSpan, a leading secure e-signature company. In my current role, I am responsible for overseeing and leading the company’s digital agreement-related initiatives and operations. I help steer OneSpan’s growth trajectory while ensuring that our e-signature solutions not only meet market demands but also adhere to our growth plans.
Throughout my eight years at OneSpan, I’ve had the opportunity to hold various roles within the organization. These positions have included Vice President of Client Services, Vice President of eSignature Sales, Vice President of Growth and Transformation, and more. While the titles differed, the underlying mission remained consistent – to provide our customers with seamless and secure digital transaction experiences. These roles have collectively paved the way for my current position, where I blend leadership skills, technical expertise, and my deep understanding of the digital agreement landscape to further expand the business.
My career in the enterprise software and SaaS sector spans over two decades, encompassing a wide array of departments, including sales, strategic alliances, and customer success. Prior to joining OneSpan, I served as the Vice President of Professional Services at OpenText Analytics and held the position of Manager of Professional Services at Actuate. Throughout my journey, my focus has consistently revolved around enhancing the overall product and customer service experience. Now, at OneSpan, I couple those focuses with a deep commitment to driving innovation in the digital agreements sector. I can’t wait to see what the industry looks like a decade from now.
What are OneSpan’s flagship services?
At OneSpan, we specialize in electronic signatures, high assurance video collaboration, identity verification, authentication, and immutable digital storage that create exceptional and secure experiences. Our solutions enable trust that ensures the integrity of the people and artifacts associated with digital agreements and transactions across all industries such as banking, financial services, healthcare, and more. Our services include:
- OneSpan Sign: OneSpan Sign provides the most flexible and scalable solution to support all signing and agreement automation needs – while improving customer experience (CX). It enables secure and legal signing of documents remotely across a variety of industries, including banking, financial services, insurance, healthcare, and more. Whether a customer uses our web application or integrates our solution into their core business applications, OneSpan Sign makes it easy for signers, senders, and/or developers.
- OneSpan Notary: OneSpan Notary is a next-generation, all-in-one, cloud-connected solution that enables organizations to transform the way notaries and customers complete agreements and notarize documents in a secure and trusted environment. Unlike other industry solutions, OneSpan Notary was co-designed in collaboration with commissioned notaries across industries to ensure security and help achieve compliance with a streamlined user experience. This innovative solution provides a new level of flexibility, making it refreshingly easy for notaries and signers to transition from a cumbersome paper process to complete and trusted notarization in the cloud.
- Authentication: OneSpan provides a wide range of strong, frictionless identity verification solutions and invisible security capabilities to help companies achieve their critical business goals. Our specific offerings include Intelligent Adaptive Authentication, which provides multi‑factor authentication and mobile app security.
Can you discuss the role of biometrics in enhancing the security and reliability of e-signatures?
Biometrics plays a crucial role in enhancing the security and integrity of e-signatures by adding an extra layer of identity verification to authenticate identities and/or documents in the digital world. In fact, biometric authentication is considered one of the strongest forms of authentication. Examples of biometric identifiers include fingerprints, facial patterns, voice, and more.
Unlike traditional verification methods like passwords or PINs, which can be easily compromised or forgotten, biometric data is difficult to replicate or steal. This makes it highly secure to confirm the identity of the signer. Further, the use of biometrics can significantly reduce the risk of fraud in e-signatures. For instance, if a document requires a facial recognition scan to confirm the identity of the signer, it becomes much more challenging for a threat actor to carry out fraudulent transactions.
Can you talk about the trade-offs, if any, between invisible security and more traditional, visible security measures?
There are a handful of trade-offs between behind-the-scenes security measures and user-facing security measures in e-signatures. These trade-offs typically center around the user experience, trust, and the level of protection provided.
For example, invisible security measures, such as behavioral biometrics, are less intrusive for users and easier to use. This mechanism focuses on gestures, mouse movements, and typing speed of the user and measures and compares it against the profile of the user. This often requires minimal or no additional effort, such as inputting passwords or pins, and this results in a smoother and quicker signing process for users. On the contrary, some users may be unaware of the invisible security measures in place, leading to potential concerns about data privacy. Communication with customers is key here.
On the other hand, traditional, visible security measures such as multi-factor authentication (MFA) or standard security questions can enhance user trust by providing transparency and a sense of control over security. The trade-off is that these measures can be perceived as inconvenient and more time-consuming, deterring some users.
Many organizations opt for a hybrid approach, using visible security methods for initial user authentication and invisible methods to maintain security during interactions or transactions. This approach offers security without overly burdening users, striking the right balance between usability and protection.
Can you talk about the role of encryption and data protection in meeting compliance requirements?
Encryption and data protection are essential components in meeting compliance requirements for e-signatures. They help safeguard the confidentiality, integrity, and authenticity of electronic signatures and the documents they are associated with. They can also help facilitate access control – a critical component in ensuring compliance requirements are consistently met.
Encryption ensures that the contents of e-signed documents remain confidential and helps detect any unauthorized changes or tampering attempts. Many compliance regulations, such as GDPR (General Data Protection Regulation) and HIPAA (Health Insurance Portability and Accountability Act), require the protection of sensitive data, and encryption helps prevent unauthorized access to e-signed documents.
Additionally, encryption can be combined with access control mechanisms to ensure that only authorized individuals have access to e-signed documents. This helps protect any sensitive information, ensuring that personal identifying information (PII) isn’t put into the wrong hands.
How do you balance achieving frictionless user experience with the need for robust authentication and security?
Balancing a frictionless user experience with robust authentication and security is a common challenge in many digital applications, including e-signatures. It’s a delicate relationship as overly complex security measures can lead to a negative CX and low product adoption rates – while weak security can reveal vulnerabilities and sensitive information to malicious actors.
OneSpan has cracked the code on how to achieve this balance by implementing both biometric authentication and MFA as an additional layer of security across every transaction. OneSpan understands, however, that these security measures must embrace ease of use for customers, which is why we leverage quick methods such as facial recognition scans.
Customers choose OneSpan because we are the secure e-signature provider. A single cyber attack targeting a customer can not only damage the CX indefinitely, but be detrimental to the entire organization. Effectively conveying the potential impacts to all stakeholders is critical, not only to ensure alignment and the integrity of interaction but also to ensure a seamless user experience.