On 18 August 2021, SigningCloud organised a highly-anticipated webinar to commemorate the launch of SigningCloud V2 on 16 August and was met with a big turnout! The virtual event, called ‘A New Way Forward With Digital Signing’ saw more than a whooping 2,300 viewers tune in for the 2-hour special. The virtual event was led by power-packed panel of speakers comprising Securemetric and SigningCloud’s CEO Edward Law, Krishna Rajagopal, CEO of AKATI Sekurity, James Lee, Solicitor at James Lee & Pang Advocates and Solicitors and the exuberant Jonathan Case as Host. With the theme ‘Online Hackers: Am I At Risk?’, the webinar set out to discuss the safety and security aspects of digital signing and how easily people can fall prey to cyber-attacks, identity theft, signature impersonation and more.
After a brief introduction by Jonathan, Edward kickstarted the event with a warm welcome to the virtual guests from all over the region who tuned in to gain insight and expand their knowledge on safe digital signatures. With a short history of the SigningCloud journey that began in 2020, Edward thanked users for their out-pouring support and spoke on how SigningCloud V2 is equipped with amazing new enhancements and added benefits. He also touched on plans to localise SigningCloud’s offerings to other Southeast Asian markets in the near future.
The session then moved on discuss the main agenda of the event – the topic of safe and secure digital signatures. With the theme ‘Online Hackers: Am I At Risk?’, the panelist broached the issue of digital security and each used their personal and professional experience to relay the vulnerability and risks that are ever present in today’s advanced world of digitalisation.
James noted that in his line of work with countless of contracts and invoices involved, his practice has adopted the usage of digital signatures for certain documents. The trio then discussed the various real-life instances of electronic fraud that they’d encountered over the years. Cyber-security expert Krishna pointed out that this usually stems from weak end-point protection or unprotected devices and servers and when organisations are equipped with the right mechanisms in place, such incidents are less likely to happen.
Further delving into the attacks related to e-signatures, Krishna highlighted two unique vulnerability attacks that seem to be on a rise – the Evil Annotation Act (EAA) and the Sneaky Signature Attack (SSA). Systems that don’t have proper tamper proof mechanisms are more prone to what is known as ‘Shadow Attacks’, hence why it’s vital to opt for electronic signature solutions that are fitted with strong multi-factor authentication in addition to more than one Certificate Authority (CA) providers for its digital signatures such as SigningCloud. Krishna also advices that e-signature platforms that use PKI technology are a much safer option for signers.
Given that digital signatures when deployed properly are clearly the safer, more efficient option for businesses, it’s no surprise that many organisations and entities around the world have already begun to implement it. James enlightened the audiences that the Companies Commission of Malaysia (CCM) has already adopted digital signatures when issuing certified documents to the public. The Commission also provides its users with a website to verify the authenticity of the certified documents. In addition, Malaysian Courts have started using the Electronic Filing System which enables lawyers to sign documents and file it directly back to the court using the platform. Outside of the legal world, Edward pointed out that government platforms such as ePerolehan and the Malaysian Administrative Modernisation and Management Planning Unit (MAMPU) have long adopted trusted PKI technology.
One very important aspect of electronic signatures in Malaysia is the laws that govern it – namely the Electronic Commerce Act (ECA) 2006 and the Digital Signature Act (DSA) 1997. James thoroughly explained what each Act entailed and elaborated how even basic e-signatures are protected by law, albeit less stringently by the ECA 2006 and in the event you wish for secure digital signing solutions such as SigningCloud’s qualified digital signatures, the DSA 1997 will be enforced. It can even prevent future instances of non-repudiation where the CA may be called to testify as forensic witnesses in a court of law. Can’t get more secure than that!
To wrap up the insightful discussion, guest speakers Krishna and James were asked to share their advice and tips on what factors to consider when implementing e-signature solutions. James opined that one should always look into the nature of the documents they wish to sign, as the ECA 2006 does not recognise electronic signatures as valid for certain instances, such a wills and cheques. He also advised to take note on the acceptability of certain documents that are signed electronically by government agencies and the likes of it. Krishna on the other hand reiterated his point earlier about choosing a platform that is equipped with the right security measures and given that digital transformation is inevitable, companies and individuals should embrace digital processes and not shy away from it.
The webinar ended with an extensive range of Q&A from eager viewers who posed their burning questions for the panelist. The comment section was buzzing with queries about SigningCloud’s offerings, information security, digital signatures and more and the audience members didn’t waste the opportunity to pick the brains of our brilliant speakers on their thoughts and views.