Verified digital signatures anytime, anywhere.
Conceptual Cross-Platform Application, React Native
and legal authorization
Solo Product Designer
The problem in context: e-signatures
One of the biggest issues that we currently face in document verification is that outside of public and private keys, you can’t tell who signed your document, and you have no way of truly knowing if the signature is a forgery.
Electronic signatures are becoming dangerously easy to fake.
Theft of private keys through manipulating system-level access is becoming trivial.
All an attacker has to do is compromise a device to gain access to a user’s private signing key. Malicious app code is a large driver of this problem, and it’s only getting worse by the year.
- Device is compromised by attacker.
- Private signing key is hijacked.
- Digital signature is applied using key.
- Attacker walks away with signed document.
The worst offending apps are the ones we don’t know about
The problem with trying to police this issue on the respective app stores is that there are so many apps, even the respective platforms can’t monitor them closely enough to ensure 100% safety.
“The latest campaign, according to researchers with Human Security’s Satori research team, included 80 Android Apps lurking in the Google Play Store and, notably, 9 in the Apple App Store. All together, the team reported the malicious applications were downloaded at least 13 million times.”
Dealing with the root of the problem
Instead of trying to tighten down security to the point of infeasibility, the aim of BioSign is to make digital signatures so difficult to forge that it can’t be regularly done.
Recording and device data are
streamed to the server
Instead of relying on data transmitted from any one file, BioSign takes zero-trust a step further by continuously requesting, confirming, and verifying data as it’s submitted by the user.
This additional layer of verification makes e-signatures prohibitively expensive to fake
In order to effectively fake a signature on BioSign, an attacker would need:
- Emulated location data
- Spoofed device data
- A massive sample of user voice data for speech synthesis
- High-resolution headshots of the user talking for facial rendering
- Two deep learning models running in tandem to render the steaming output
- While believably emulating gyroscope data for hand movement/sway
- Perfectly rendering the recording with no discernible artifacts
- And finally streaming that data with matching time, date, and location stamps
- All while BioSign’s own AI is watching for ALL of the above attack patterns.
Like an engine-disabling car alarm, it makes it expensive enough that it's just not worth thieves' time.
management & organization
After files are created, sent, received, or otherwise modified,
the system stores them based on their status.
Search by any criteria, with automatic pattern matching
Looking up a particular document is as simple as searching for any data associated with it. Names, dates, companies, etc., it’s all fair game.
View any file with permission-based field filling
Any file that’s been sent to a particular user can be viewed, filled, signed, or rejected based on their permission level from the sender or their organization.
Document status & changes
are tracked every step of the way
Instead of having to play phone-tag or deal with massive chains of emails, document status is tracked per document, and updated as the document moves through the workflow (drag to scroll below).
And you’re always notified
whenever a document changes status
Whenever a document’s status changes, users are notified and can tap to view more information.
User reception & feedback
What users had to say about BioSign from post-use debrief interviews.
“Wow, I really like that this app is so clean and that it makes it easy to see who signed your documents.”
“If we had this at my work, I don’t think we’d need to use anything else.”
“I’d like to see the ability to add notes outside of the document description, that would be really nice.”
“Is there any way to tag the documents with specific keywords or hashtags?”
“This is cool, but I feel like Adobe Sign does more or less the same thing, and I can use it on desktop.”
“You know if I’m being honest, this is probably the first app I’ve ever seen that does this type of thing well. When is it coming out?”
Metrics derived from surveys, interview, and observations.
Of users surveyed
Stated that they were unsatisfied with their current methods of document signing and verification.
Of users interviewed
Reported being impressed by the overall presentation of the BioSign app, along with its intended functionality.
Of users observed
Were able to easily navigate the app in its entirety, send, receive, verify, and sign documents without assistance or intervention.
Thanks for stopping by!
I sincerely appreciate your time and consideration.
If you’re ready to take your next great idea from concept to marketplace, I’d love to help. Drop me a line, let me know what you’re looking for, and we’ll get the ball rolling.