Tips & Tricks: How to Authenticate Users in OneSpan Sign

Dilani Silva,

To keep up with the pace of business, today’s organizations conduct business online with clients and prospects. The online world is a faceless environment and can put organizations at risk when dealing with the unidentified. Although individuals say who they claim to be, how can organizations truly know who they are doing business with at the other end of a transaction?

How to Authenticate Users in OneSpan Sign

  OneSpan Sign offers robust and flexible authentication options to add an extra layer of security when conducting transactions online. After adding your documents and recipients to a transaction, select the ‘Set authentication’ icon in the Recipients area of the page.   Blog image 1   Let me walk you through the several authentication methods we have available in our e-signature solution to help you verify your signer’s identity:   Email Authentication:  Email authentication is the standard security option OneSpan Sign uses to verify your recipient’s identity. The identity of your intended signer is verified using their secure name and password when logging into their email account. The signer simply clicks the link to access the document they need to sign.   Blog image 2 Blog image 3   SMS Authentication:   SMS authentication allows you to verify your signer’s identity by a secure SMS code sent to their mobile phone number. The recipient must enter the SMS code to access the signing ceremony.   Blog image 4   iPhone2   Q&A Authentication (Static KBA):  Q&A Authentication allows you to present challenge questions to your signer. These are commonly referred to as "shared secrets" since you need to formulate questions based on information you already have on file about your customer, such as the last 4 digits of their social security number or an application ID number. If the signer provides the correct answer, they are verified as the correct recipient of the transaction. This authentication method is ideal to use for transactions such as renewing an insurance claim or an electronic fund transfer.   Blog image 6   Dynamic KBA  With Dynamic KBA authentication, questions are compiled from public and private data such as marketing data, credit reports or transaction history. To initiate the process, basic identification factors (name, address, date of birth) must be provided by the consumer and are checked against a 3rd party identity verification service such as Equifax. After their identity is verified, relevant questions are generated in real-time, making it difficult for anyone other than the actual user to answer correctly. Dynamic KBA is ideal for high value transactions such as lending forms, lines of credit and mortgage applications. Dynamic KBA is a fee-based service add-on for OneSpan Sign. To activate Dynamic KBA to your account, please contact us.   With multiple user authentication options, you’ll have peace of mind and no longer need to play a guessing game as to whom you’re transacting with at the other end.   Check out the video tutorial below for a quick overview of the authentication methods available with OneSpan Sign. Download our white paper about user authentication best practices – a guide to choosing the best authentication methods for your e-signature implementation.  

Video: How to Authenticate Users in OneSpan Sign    

The Beginner's Guide to Electronic Signatures

The Beginner's Guide to Electronic Signatures

This essential briefing introduces important legal concepts and key considerations when creating digital business processes with e-signatures.

Download Now

With over 10 years of experience, Dilani Silva is a results-driven product marketer with a passion for helping organizations drive customer experience through digital transformation initiatives. As a Senior Product Marketing Manager at OneSpan, she manages and executes go-to-market efforts for the company’s Digital Agreements portfolio. She received her BComm in Marketing from Concordia University in Montreal, Canada.