Ask HN: Why is Docusign a $50B company?
I have been searching for a solution to e-sign some lease agreements. It is something that I need to do maybe once a year and the only thing I need is a legally binding way to put signatures and timestamps on a PDF. I do not need any fancy features.
I was doing research, and it seems like most document signature companies all charge monthly subscription fees! This does not work for me as I am not using the platform on a monthly basis.
Are there free, open source alternatives to Docusign? If so, why do more companies not use them?
347 comments
[ 2.9 ms ] story [ 256 ms ] threadYour use case unfortunately is just not worth it to them in comparison.
One may as well ask "Why does Adobe charge $30/mo for Photoshop?"
Just to put one alternative company into the fray, there's Docsmore (https://client.docsmore.com/features.html), a local startup (North Carolina) that offers document management / signing / document flow as a service. I'd imagine it would be hard to go up against a giant like Docusign unless there are compelling additional features.
The Docsmore founders seem to have more recently used the service as a jumping-off point for a separate insurance claims-processing automation company, Benekiva (https://www.benekiva.com/) (Iowa/North Carolina). That seems even more lucrative than straightforward document signing/data-collection.
EDIT: I have no relation to the company, I've met some of the founders before
[0] https://www.hellosign.com/
https://github.com/brinley/jSignature
https://github.com/szimek/signature_pad
It all started in 2006 when the economy grew at 6.6% in Q3 and the Fed still claimed that not tightening was a great insurance policy.
Fast forward:
Subprime crisis
Bernanke says "subprime is contained"
Subprime was not contained
Wheels come off in 2008
Everybody runs away like chicken with their heads cut off
Everybody goes back to Bernanke asking for solutions
Bernanke proposes QE, something that he claims "works in practice, but not in theory"
Slow recovery
More panic
More QE
Temper Tantrum
More QE
13 years of regular QE
2 years of QE on steroids due to COVID
Asset prices only go up
Everything bubble
And here we get to the current scenario where scam companies are worth trillions and Docusign is worth 50B
If you really want to chuck a hand grenade at the crypto-cultists ask them to rationalise Tether.
A company which produces 1% of all global cars is worth more then the companies who produce 90% combined? Sounds legit.
Next you'll be telling me a company which has only shipped 160 trucks to employees is worth 100bn... Oh wait...
If the original comment was just exaggerating for effect, then fair enough. I was genuinely curious by the possibility of not only one trillion dollar scam company, but many.
So don't compare them with toyota, compare them with apple and it makes a lot more sense. All the top tech companies work the same way. Vendor and ecosystem lockin, forced depreciation of old products that aren't currently extracting profit, and selling surveillance.
One quarter it was going negative on profits, so he pump and dumped crypto to keep it positive and the hype going.
It either produce most of the world's cars or it is going to fall out and I hope we wouldn't be the one facing the consequences, but we will :))
Most enterprise software is purchased to do something the company requires, but is not within the company's actual line of business. Payroll, tax calculations, identity verification, etc.
In these cases "cheap" is not very important so long as the solutions are cheap enough relative to the value of what the company's business. This is also why companies routinely contract out vast amounts of work to highly-paid lawyers - paying someone six figures to do work on a deal that's worth 9 figures is a rounding error, and is not a cost worth optimizing.
More importantly, the third party provides two important pieces: responsibility and liability. Docusign is on the hook if they fail to validate the signers' identity, and if anything goes awry Docusign is on the hook for fixing it. These are features, not bugs, to enterprises who need a function performed but really do not want the liability or responsibility around it.
This is similar to why tech companies outsource to cloud services rather than run on their own metal.
Well, it's kind of like plumbing. Once established, you don't think about it much until something goes wrong. Maybe someone notices, "Hey, our annual maintenance is $x, but I think the normal rate is only $x-y."
But unless it's time for a lot of belt tightening, making that change is pure risk if the system mostly works, problems are fixed quickly, etc. Because maybe you change plumbers, and there's a catastrophic failure that would have happened anyway, but now via the magic of post-hoc fallacies it looks like the change is what caused the problem. (And maybe it did! who knows?)
So there are many things in any organization that only get optimized/updated (or even just simple maintenance) when they become a noticeable problem. The old adage about not fixing what isn't broken-- you need to really be able to show a likely failure in order to make a preemptive change.
But many/most of us have probably also worked in environments that were far too conservative about changes, so that may be the more common problem.
We're the team behind https://forwardemail.net
Everything 100% transparent, open-source, privacy-focused, with fair pricing
I'm just wondering about the commitment that you will never increase prices - that seems kind of unsustainable? Even if cost goes down over time, inflation tends to move pretty fast these days, quickly eroding your real earnings.
IANAL, but the idea that a signature is what makes a contract legally binding is not exactly true. It is a symbol of the acceptance of the contract, but legal acceptance can take many forms - so whether you use a service to signify acceptance, or just sign it using acrobat or Adobe's site, or even just a verbal agreement... those are all valid acceptance, legally speaking.
DocuSign's use case is not the signing, but the management of those documents and signatures - tracking which documents are sent, which have been read (yes, the doc owner can get notified when you even look at a Docusign document), which have been signed, and being able to store copies of signed docs. It is mostly for the companies sending you contracts, not for you as the signer.
Either way, as noted, DocuSign has other features.
A very few places will reject the Preview-signed copy, wanting a hand signature, but you can filter the pages a bit (tilt slightly, add noise) and they won't know the difference.
Could have been handy a while later but I never managed to find this post again... It was an open source program hosted on Github FWIW.
https://news.ycombinator.com/item?id=23157408
You can also do it with Photopea albeit it's s bit harder
Source: https://www.ecfr.gov/current/title-21/chapter-I/subchapter-A...
Plus, yeah, you get to see if the other party signed, all the appropriate spots for signing are flagged, the entire audit trail of the document.
It's super convenient.
Also, it's cheap AF. A personal account is like $10-15 and a business account is $25-45. That's pocket change for the service you get.
EDIT: I've worked on document management software. Let me tell you that people will pay bank for document management -- without even the signing part. In any field.
A pay as you go model would qualify as "cheap AF," but the subscription model can be extremely expensive on a per document basis if you need to do a couple a year.
It’d be “cheap” or an acceptable price if a signed document costed $5. Subscriptions are BS for occasional users.
If you are creating documents to be signed , 10-20$ is insignificant cost even if it is was per document.
Most contracts are worth lot more, most lawyers who draft these types of documents costs more . Sending a copy of a physical document by USPS for overnight delivery to couple of people will cost you that much.
We use DocuSign because FDA requires electronic signatures that follow 21 CFR Part 11. A lot of companies will be very hesitant to roll their own or claim compliance if the supplier (like DocuSign) doesn't claim it's compliant.
The document can be deleted.
But it's not about whether something is legally binding, it's how much deniability you might have in court, and what sort of evidence is admissible in the first place.
These legal hurdles make it easier to establish that someone accepted a contract based on a signature than based on spoken words. That's why a notary public or at least a witness is usually involved when you sign papers involving potentially large liabilities against yourself.
...for some contracts. A large number of jurisdictions require written contracts with signatures for contracts that meet various criteria. These rules are often based on or descended from the Statute of Frauds [1], so that gives a good idea of the general kind of contracts that usually have writing and signature requirements.
[1] https://en.wikipedia.org/wiki/Statute_of_frauds
And something like documents signatures is so inherently based on trust that unless it was built by a large company and made open source.
Instead, the pathway to trust was decades of slow growth and bootstrapping (of trust) from a small startup DocuTouch, acquisition, investment in legal analysis and lobbying, a few key early partners, etc... And then you find yourself as the defacto trusted vendor.
Note that I'm putting aside questions of security etc. Assuming no wide-scale high-profile breach or fraud, actual security in this space is secondary. Legal acceptability is more important, especially since any moderately complex contract is going to have other stages and processes that ensure the correct parties are the ones signing the contract. Or at least be no worse than similar risks IRL.
Legally binding, court-accepted levels of trust are simply orthogonal to the goals of open source software. However, we're now at a point in the acceptance of digital signatures that a startup that happens to open source its code could still disrupt the market. The most around any such business would be the expensive legal expertise and legal bills required to defend their products in court when they are inevitably questioned in contract disputes or possible frauds.
No one has noticed so far :=)
A scanned signature is not a handwritten one and it leaves you with a sub-standart signature. But courts accept it while it even if its not to the letter of the law.
When you're buying an apartment for many multiples of that, it's Docusign or nothing.
No way you could buy an apartment with docusign.
Apart from that you can sign most contracts however you like or not at all if you can proof that both parties agreed to the contract e.g. by paying the invoice.
Most people will also purchase title insurance in case the current owner has liens on the property that the lawyers did not find.
I don't want to go into details but depending on which country you need your signatures to be legally binding and the type of contract you are signing, you might need a higher signature standard than the one you get from DocuSign.
At Skribble we offer all 3 signature standards defined by the European law. The lowest standard is very similar to what you get from DocuSign.
Also, at Skribble you get 2 signatures per month for free and a pay-as-you-go model for individuals.
I'd be happy if you give it a try at [1].
[0] https://www.skribble.com/en-eu/ [1] https://my.skribble.com/signup/
The same way I'm not going to take any claims from the product manager of a new VPS company that they're more secure than AWS.
It seems that DocuSign has been suiting up on eIDAS signatures, too[0]; I'm not sure if they're compliant with the Swiss snowflake ZertES though since that one's incompatible with eIDAS.
[0] https://www.docusign.co.uk/how-it-works/electronic-signature... ("Easiest-to-use, eIDAS compliant digital signature solution, including EU Advanced and EU Qualified Signatures")
One of the requirements is that certificate has to be issued by accredited CA. And there is one such CA - National CA (https://pki.gov.kz/), it issues such certificates for free.
Also there is a service that allows anyone to sign any file using a certificate issued by National CA - https://sigex.kz, thus making it legally significant. It's free for use (except for heavy RPS enterprise users and the ones, how need support).
So in Kazakhstan you can do e-docs signed by e-signs totally for free.
P.S.: Pardon, but the links are in Russian.
- Kazakhstan man-in-the-middle attack https://en.wikipedia.org/wiki/Kazakhstan_man-in-the-middle_a...
- "Certificate cannot be trusted" warning in Kazakhstan https://support.mozilla.org/en-US/kb/certificate-cannot-be-t...
- Kazakhstan Attempts to MITM Its Citizens https://www.f5.com/labs/articles/threat-intelligence/kazakhs...
Imagine you're a legal department. You have to choose between DocuSign, which you know the court will accept, or a competitor. DocuSign costs 10x as much as the competitor. But that's nothing compared to the cost of litigation, or worse, the cost of losing litigation. So you will likely choose DocuSign anyways.
It's the same reason Coinbase, Square, Stripe, Airbnb (among many others) are worth what they are (ie rich multiples on sales). Their domains are extraordinarily difficult to do very well and now that large competitors are in place (in those segments) it's borderline impossible to take a big chunk of the market away from them. They're entrenched, potential future monopolist tech monsters.
The market loves these types of stories, right up until the growth inevitably declines to/near single digits and then they get a boring eBay valuation (circa ~2003-2019).
The short of it is, a lot of the future returns have been pulled forward.
DocuSign’s feature list is huge. It’s not just overlaying a signature on a doc. It’s a massive and complex app that most people will ignore or trivialize, but that shit just works.
Mark all the signature locations?
Multi-user?
Chained dependencies?
Recording and redownloading later?
SSO
Audit / identification
Salesforce integration?
Contract generation?
Orange site minimizing huge successful company because they care about one feature seems super on brand.
I wouldn't agree that DocuSign's continued success is because of the maturity of the product.
While I recognize their value, a potential competitor could replicate them within a reasonable timeframe. What they couldn’t replicate is the brand name.
Lots of services can sync files and folders. Having used many alternatives (One Drive, Google Drive, iCloud Sync, even scripted rsync), it turns out I still pay for Dropbox. It’s the most reliable for my use cases, and is not too expensive.
There is a huge difference between “I can conceive of how to implement this feature” and “this feature works for years on end at large scale with adequate reliability and usability and low enough cost.”
I'd rather pick insert an image in a document and keep a log of it as a weekend project.
FWIW I sign a lot of documents (CEO of a company) and I use HelloSign/ Docusign interchangeably. Honestly, there's 0 meaningful difference, except I found HelloSign a bit easier to onboard, and I'd rather support them since I think the entire market of "sign a fake piece of paper" is the dumbest fucking thing ever and I hate that there's a company making shitloads off of it.
Seems a bit of a moot point, though, as I'd expect most customers here see this as something they want to just work without problems, so they'll be heavily biased toward known major brands. It's sort of like the space for cloud computing in that way. Usually, my most important criterion for a cloud vendor is that their shit will stay up forever, because my whole goal is to not think about a bunch of things.
As for the features, of course it's not whip it up in a weekend. But MS/Google/Apple are all in a position to put out a competitor that integrates into their platforms. It probably won't put DocuSign out of business but would cut into their margins.
In most cases , investors only care about growth. As long as they continue to see double digit growth, the stock will continue to grow . E.g TSLA. It is only when the growth stops that the stocks starts to crash - e.g. Peloton and Zoom .
You know that old joke "if I go to work today, I'll make $100, which in a month is gonna be $3000, which in a year is gonna be $30000, which I'll invest properly and turn into a million! I'm rich, why should I even go to work today?" (prolly butchered it but you get it).
Replace the wage with potential sales/users/growth/revenue and you can see how a company selling reusable butt scratchers can be valued at billions.
However, qualified electronic signatures are harder to manage than what eIDAS simply calls "electronic signatures" (i.e. anything you put your name on): DocuSign value-add is a third-party to record an audit trail (time and date, IP address, assurance signatory has access to a particular email address...), basically, someone with no interest in misrepresenting facts about signatories to a document.
There's a lot of legislation around this too, and that can be costly.
A self driving car is hard, a web app to edit a document with a few integration is not hard.
The value is not in how technically great they are, it's in their market position.
Sure, it should be simpler. Much simpler.
But given what we currently have, to have the option of abstracting all that away via pretty clear, mostly predictable and well documented APIs really is nice.
It’s also complex for a reason, and not just because of inherited legacy processes and systems.
If you disagree, why not run a payments service at no or low cost yourself?
It could be a nice passive business to be a small payment gateway provider. It's not rocket science, I could implement it alone. You invest some money to make it compliant with the security standards of the sector, charge less than all the other fat companies and you have another income stream.
The only cons is you have to abide to so much stupid regulation in order for it to be legal (not secure, I'm fine with the private rules to ensure safety in running the service), and then making sure your customers are not doing something your government doesn't want them to do (like cleaning "dirty" money) and identify your customers (KYC).
I looked also into starting a bank (you can do it with just 1mln in some places!) but you run into similar issues.
It's a legal nightmare; if there was no government, I'd definitely do it.
If we exclude government, and avoid any fees from external providers (let's imagine a cryptocurrency-like asset), how would you warrant your solvency in fulfilling all the transactions and converting to fiat (which is ultimately what customers need today in a payments processor).
I can't see it having a widespread appeal without costs matching the order of magnitude existing ones do (sure you can do it cheaper, but why haven't cryptocurrencies achieved it?)
You can handle banks misbehaving and defaulting on their obligations with a competing system of private banks, third party services reviewing and auditing these banks and by paying a private insurance tied to the amount you own.
Given that generally banks will make money with your parked resources they could be able to pay for the private insurance from the interests on your money.
I don't think cryptocurrencies are the answer, they're a technical answer to a political problem and governments will probably just squash it or find a way to benefit from it.
all the same, i agree with you: it’s already cheaper to use Coinbase Pro as an on-ramp to obtain USDC and then trade the USDC on a decentralized exchange that charges 1/5th the fees as Coinbase Pro. that wasn’t the case 2 years ago, and i don’t see any compelling reason to believe that Coinbase the company won’t continue to lose its mote, over the long term, in an industry which is fundamentally about decentralization.
My understanding is different. When you place an order, you're absorbing liquidity from the marketplace. A market maker is the party that generates liquidity by fulfilling orders, not the party that destroys it by placing them.
A market taker takes orders away from the market by completing transactions, thinning the order books.
> A market maker or liquidity provider is a company or an individual that quotes both a buy and a sell price in a tradable asset held in inventory, hoping to make a profit on the bid–ask spread, or turn.[1] The function of a market maker is to help limit price variation (volatility) by setting a limited trading price range for the assets being traded.
> In U.S. markets, the U.S. Securities and Exchange Commission defines a "market maker" as a firm that stands ready to buy and sell stock on a regular and continuous basis at a publicly quoted price.
The concept of the market maker is that, if you as a third party want to buy or sell whatever it is, you can do that because the market maker will instantly fill your order. ("Liquidity provider".) Without the market maker, your buy/sell order would have to wait around indefinitely for someone else to file a matching sell/buy order.
In particular, note that placing a buy order without a corresponding sell order doesn't satisfy any definition of market making. And if it did, limiting the order to 1 bitcoin would still be disqualifying; to fill the role of liquidity provider, the market maker must stand ready to buy as many bitcoins as anyone wants to sell.
The problem described above also doesn’t exist. A signature isn’t a necessary element of a contract, and even in situations where a signature is statutorily required for a certain type of contract, an e-signature is legally recognised (in all US states at least) without specifying that particular service providers or methodologies have to be used.
That's not what they said though, and while this sounds nitpicky it's vital to the point. You can choose between a well known accepted option or something else to save a few bucks. The cost of docusign is, as far as I can tell, low enough that even considering the question for long would easily cost more.
And this is not just about one jurisdiction, but also other ones, where e-signature laws may be different.
You can enter into a contract with even less than a signature (ie: just by accepting payment you can inadvertently end up in a contract), so the idea that a signature wouldn't work except in very specific cases seems pretty weird to me.
I've had very few wet-ink, notarized signatures required of me. Some documents are weird though ie: a picture won't be accepted, but a scan will be, etc.
God it's all so fucking stupid.
https://www.cogencyglobal.com/blog/getting-document-signatur...
I've never actually seen a proper esignature in a court document. Most court record systems are so outdated that it's honestly an enormous win if they allow you to view, upload or download documents over the web at all.
The concept doesn’t even make sense to me… Docusign is not attesting to the contracts they manage. They’re not an automated notary. They’re just facilitating something that anyone can do themselves: electronically sign a contract.
There probably is a “nobody got fired for buying Docusign” effect, but it would be supported by their mindshare, not some special status in courts. The vast, vast majority of Docusigned docs will never end up in a court anyway (most contracts are never litigated).
0: https://techcrunch.com/2021/09/22/pandadoc-the-e-document-st...
See for example, "The Problem of Sexual Harassment and Forced Arbitration": https://www.correiaputh.com/news/problem-sexual-harassment-f...
Parties with fewer resources are at a huge disadvantage in either system, but there are degrees of disadvantage. It is misleading to examine the outcome of arbitration once the rules are "agreed" to without taking into account that the process of setting the rules strongly influences said outcome.
Companies pay the arbitrators salary.
I have a $60,000 credit card judgment on me. (29,000 x 10% yearly) I had no say in the mediation. Just guilty on all accounts.
I'm Judgment proof right now, but I need to do a chapter 7 in Santa Rosa. I really hate giving a lawyer $3000 for a simple uncomplicated chapter 7, but don't have the balls to do it myself.
I just remembered the credit card company that really irritated me. It was Columbia Credit something. They screwed over thousands of people. Some people had their identy stolen, but got on sympathy. The arbitrators (Usually retired alcoholic lawyers) rubber stamped everything. Consumers fought back, but lost. A judge ruled all judgements were valid.
Do you prefer mandatory arbitration to being able to use the public court system? That's a privatized justice system.
No, it is mandatory in the sense that parties will be obliged by the normal justice system to submit to the specified process and will be held bound by the results by the normal justice system (with narrow exceptions.)
> if as the parent posits the normal justice system does not exist then everything becomes "Mandatory arbitration", right?
No, if the normal justice system does not exist, there is nothing holding anyone to a particular pre-specified arbitration process or enforcing the results of that process.
If the monetary damage was high enough vis-a-vis the ability of the public system to deliver me restitution for my losses, I'd very quickly be hiring private detectives yes.
This guy got arrested by the police, he was released and then run away to Dubai where he's from. He came back after a month and opened a company under a false name and started doing the same scam. I knew his address, I reported everything to the police and the police dropped the case without doing anything.
I'm already paying 25+k£ in taxes every year. If I didn't have to spend that and there would be no police or laws, private companies (aka burly guys with guns) would be needed to ensure citizens safety, in exchange for a fee. Different private companies would need to interact with each other to settle down cases, eventually agreeing on a set of laws to compensate people subjected to crimes.
In this hypothetical world, I would have been happy to pay for my protection agency to go and fetch this individual and bring him to a private court where my protection agency and his protection agency could debate whether the crime happened or not.
It was a blatant crime so there was no reason I would lose and that guy should have been forced to return my money (according to laws agreed on by contracts between our private protection agencies) or work in jail until I'm repaid.
Not that I'm happy with the current system, but I can't really see how a privatized one would not end up with an even bigger class divide where the laws are only enforced against people that are on the same level as you or below.
I don't see why corrupting a private judge would be easier than corrupting a public one.
The private one at least could default if they had no more business due to their unfairness.
There is definitely a competition between them; but is violence or negotiation the most business effective way of dealing with it?
Warfare is expensive, you risk men lives and weapons aren't cheap.
If there is violence on the street or if protection money is too high, no-one would want to live there and there would be less people to sustain your army.
I think the incentives are aligned to solve disputes in a pacific way.
For what history says about such firms, look up Pinkerton agents and London's policing before the current system.
An equivalent would be paying the expensive private security firm subscriptions for 10 years and then expecting service when something bad happens.
What if that meant that people could fire their police department and replace it with a different one if they didn't like the way it operated?
That would depend on exactly how things were set up, but we do it with politicians who have all the same bad incentives to keep power.
Even law making and law enforcing please.
Governments are incompetent by definition and hold too much power. I'd rather have a N local corporations competing against each other and not being able to extract money from everyone's profit - compared to a massive monopoly governing and profiting off millions of people.
I just wish someone would drag both political parties kicking and screaming into the modern age. Give Republicans their voter ID requirements they claim to want so much and give Democrats mandatory widespread adoption for every citizen homeless or otherwise. Make it mandatory to even pay income tax.
The quote is better interpreted as "certain vendors are mainstream enough that nobody above you is going to even question your reasoning for choosing that vendor"
the partner company sent us an implementation doc that was full of red flags, "just send your private API key to the client packed deep in a nested JSON and ROT13 it to authenticate requests, users aren't technical enough to unpack it" sort of place
after I kicked it back to the director saying there was no way I was going to sign my name to that jank code, they tried implementing it themselves anyway, and were found out during a routine "check if API keys are leaking" job
"Survivor" bias here. I imagine on average it ends excellently for the executive.
Then, about two months later, the client got into an accelerator, where they got free AWS credits. Suddenly, my choice didn't seem as good -- mostly because paying nothing is cheaper than paying something. (Never mind that the vendor I had gone with had stellar service, which was one of the reasons we chose them.)
The client told the cloud provider that I had been unauthorized to speak on the company's behalf (untrue), that no one had told him we were signing a contract (not true), and tried to wiggle out of the contract (which went nowhere). That didn't go anywhere. So he got angry with me, and canceled our consulting agreement.
As it happens, that client was simultaneously trying to figure out how to pay for taxes and pensions, and was getting rid of some other people. So it wasn't a direct cause-and-effect. But it did happen.
And this is yet another reason why I've been delighted to get out of the "regular" consulting world, and switch to only doing training.
Tell us more about this transition? Sounds interesting!
Here are two interviews I've given on the subject:
- https://devjourney.info/Guests/83-ReuvenLerner.html - https://doubleyourfreelancing.com/business-freelancing-episo...
I'm always happy to talk about training. I love it, and recommend that everyone in the consulting world look into it more.
I also have a training newsletter, at https://TrainerWeekly.com/.
Apropos of nothing, it's funny how nearly every single consulting contract I've seen which has been prepared by an attorney on the client side tries to slip in a clause like "you shall not act on our behalf or hold yourself out as having authority to obligate or bind us", when that's actually exactly what they're looking to hire me to do (eg. "Please come manage our projects, employees, customer relationships, vendors, banking relationships, products, research branch" or whatever else the role entails).
You are managing the projects etc. as a service being provided under contract.
You are not being granted actual authority to act as an agent of the company.
The clause they are slipping in actually protects you both. If you are appointed as an agent (expressly or by implication) then you become a fiduciary for them which might give you obligations that aren’t necessary spelled out in the contract.
So, this isn’t a clause most well advised people push back on.
If they do still need to sign on behalf of the company in some discreet situations they look into getting a limited power of attorney instead. Safer and clearer for both parties.
Not legal advice of course. I assume your own attorney would have explained this to you anyway.
It wasn't just picking the wrong vendor but one of our competitors got a new CTO after a critical system was poorly migrated to the cloud.
Docusign is the only current major e-sign platform that works with the federal government (Adobe is applying).
If you have to pick one vendor and there’s even an outside chance you’ll interface with the fed govt, you just choose Docusign.
> A method [...] is used to identify the signer and to indicate the signer’s intention to sign the document;
> The method used is as reliable as appropriate for the purposes of the communication or is proven to identify the person and indicate their intention; and
> The signer consents to the method used, with such consent allowed to be express or inferred from the circumstances.
Guess what? Australian courts apparently accept a name written at the bottom of an email as passing this test as being "as reliable as appropriate" for many situations. The barrier to entry in Australia is essentially zero. Europe has much stricter laws, introduced in the same year, in a two-tier arrangement where the strict version requires something like DocuSign, and moreover that the ability to produce a signature rests in the control of the person it identify, and that person only. (This paper http://www5.austlii.edu.au/au/journals/MqLawJl/2017/9.pdf argues for adopting the European approach in Australia.) A sibling comment identifies the US federal government's requirements as being essentially "we must approve individual e-sig services for use with the federal government", which is insane to me but there you go.
> Docusign is not attesting to the contracts they manage
... but they are attesting that they have read the laws about e-signatures, those claims are affirmed by their continued existence, and that's worth a lot of time otherwise spent second-guessing your chosen platform.
I knew roughly the position in Australia, but wasn't aware of the European requirements -- DocuSign has done a medium amount of work researching and documenting their compliance to give you peace of mind, and quite a lot of work complying with the stricter laws that are out there. There's nothing in that that is particularly difficult to replicate, i.e. there's no secret sauce, it's just a lot of work. The overall product (works for doing business with anyone you need it to) is more than the sum of its parts.
This has (just searched for a link) been turned into EU law under the term "eIDAS Regulation" [0].
[0]: https://en.wikipedia.org/wiki/Qualified_electronic_signature
As such, DocuSign is unlikely to be valid as a qualified electronic signature in Germany or other European countries.
But in all of the contractual law ever present in the world, as long as you do not dispute that it's your signature, or there are witnesses to you agreeing to a contract (even verbal ones), a contract would hold as if signed by you.
> ...the use of electronic signatures or requires that the “written form” be used (which requires use of a qualified electronic signature), then any non-qualified electronic signature may be used.
As such, DocuSign is an "electronic signature", but not a qualified electronic signature. This seems to be defined directly in eIDAS, so it probably applies to most of EU countries, and countries on the path to joining the EU.
I think this confirms my guess above: https://www.docusign.com/how-it-works/electronic-signature/d...
(But they are making it vague on purpose instead of just stating in plain words)
As much as vendors like DocuSign provide UX and infrastructure for document management, they also package an aspect of legal compliance as a service.
I helped implement a solution during the peak period of pandemic that ended up handling millions of transactions. Probably took 3 days from handshake to live.
Someone is going to roll a decentralized ID system on blockchain and tank this whole sector...
Rarely, very very rarely, does the tech being differentiated ever matter. At Docusign’s level, it’s much more about sales and marketing. They’ve been the market leader for years, and even if they slip to 2nd or 3rd place, they’re still a massive multibillion dollar company.
I think engineers and technical people often have a hard time truly grasping how absolutely gigantic certain markets are (I struggled with this for years). Docusign’s market is unimaginably large.
In terms of pure tech and UX, its almost a disqualifier to have good tech or good design as ironic as that sounds.
"Weak Competition" or legacy players are largely irrelevant, which is an important distinction to make.
I have no doubt in 10 years there will be numerous ways to sign documents electronically and margins will be thin.
Think about cloud storage and other areas with a high amount of competition. All of these things will trend towards margin compression in the long run, almost by definition of being in a competitive/free market.
Cost of switching matters a lot too. It's easy to move from DocuSign to some competitor. It's more difficult to move from managed MongoDB to managed Postgres, due to having to define some translation layer.
The thing is that we're just early in the digitization cycle so all these first movers becomes pseudo monopolies. That won't last for more than a decade or two.
Highly likely that stock performance for a lot of these 20-100x sales stocks will be very poor over the next 10 years. But you may get a good stretch of high returns in the short/medium term.
Think about when Ford created the assembly line. Did that give them a forever Monopoly on cheap production of cars? There's this attitude that competition doesn't matter in technology, but we can clearly see in things like laptops, routers, hardware etc, that margins became very low after market got saturated.
It's only just the last few years that things like DocuSign were even possible to create.
This is especially true for software where once it's built, marginal cost to deliver value is extremely low. Theoretically, a well designed and cloud native/managed version of DocuSign could be run by just a handful of people in the long run. Do people really expect that nobody will accomplish this in the next 10-20 years?
Where there's margin, there's opportunity.
To cite a single example: corporate procurement systems. It's like trench warfare to get enrolled in many companies, but once completed your sales team can then recite the following incantation: "we're an approved vendor." The effect on sales can be magical. ;)
Disclaimer: I use Docusign and have done so for years. It's transformative in a way that's similar to password managers.
Edit: see https://www.docusign.com/products/apis
Sounds like OP doesn’t understand the complexity.
When I hear startups sell on the fact that their solution uses blockchain and is somehow inherently better for it, I turn and walk the other direction. Same for AI/ML, BigData, etc.
blockchain is really hot with VCs these days, so that’s who. why? the rewards for a document signing product are large — as evidenced by new traditional companies entering the space (HelloSign). basing a new competitor in this space off of blockchain offers differentiation. despite being less mature or feature rich, you get prime access to one area of the market that none of your competitors can easily serve. that is, you get your first, profitable, customers way faster and they become a core source of revenue to build out from there.
The point in dispute is that decentralized blockchain based solution makes any sense. Other than to attract VCs who don’t know any better to give you capital, blockchain offers no competitive advantage to an upstart or really a competitive threat to the incumbents.
Further I see no desirable “differentiation” for a customer to be interested. It doesn’t in fact even solve a customer problem. It’s just noise.
document signing is just another form of attestation (“i agree to the terms outlined in this document, effective on <date of signing>”. blockchains are really good at providing tools for attestation. the specific customer advantage? it’s extremely difficult for your counterparty to claim that he didn’t sign your term sheet if he changes his mind. you just point to some record on the blockchain and say “this has your digital signature on it. it says you agreed to those terms, and it was published at <date/time>”.
obviously, DocuSign solves this problem of attestation, by custodianing the documents and putting meaningful reputation on the line in order to remain trustworthy. OTOH, it’s not unheard of to see for-profit companies cash out their reputation (e.g. big brands which sell the brand/logo to cheap manufacturers once the company stops innovating). attestations on a large blockchain (like Bitcoin or Ethereum) augment that reputational cost with a financial cost: even if Docusign decided to cash out their reputation, it would cost billions of dollars to reverse the attestation: a significant barrier.
so it depends on how much you — or the parties you deal with (ex: courts) — trust Docusign. it’s not inconceivable to me that at least a handful of customers might say “i don’t completely trust that any document middleman will not lie about my counterparty’s attestation down the road. but i do trust that blockchain B is secure enough to prevent reversals, so this blockchain-based document signing service might be a better product for me.”
So how big is such a market of potential customers that don’t trust Docusign to not tamper with the attestation? I’d hypothesize the potential customer segment is very small.
Big companies that need Docusign have incentive enough to get it right and typically have rigorous standards to making decisions like this. If lack of trust were an issue with customers, Docusign will have solved that issue already. Trust is not likely an issue for customers.
For choosing a Docusign over a Hellosign, price at scale however is an issue. If blockchain solved the cost at scale issue then you’d be on to something but I don’t think it does. Other tech solutions like S3 or R2 probably have a more material impact on a real customer problem like cost at scale than blockchain could hope to. Though I’d guess the cost Docusign and others charge has little to do with underlying data storage or infrastructure costs.
This is sort of my point. This market probably exists, and it's almost certainly too small at the moment for Docusign/Hellosign/etc to consider going after. Which means any nimble startup that wants to can claim that market without much competition. That forms your core set of users, who are sticky to your service, and from whom you can fund development into adjacent markets (e.g. any attestations which are currently secured only by reputation. there's a fair amount of that in the auto industry, in housing/property, and in supply chain management, at the least).
I'm not saying that of all the business opportunities around, this is the best one. But it is a business opportunity, in an environment where most other investment opportunities are heavily oversubscribed.
> I always go back to, who’s going to invest in actually building the new blockchain solution and for what reason?
This was the original line I was responding to. Have we settled it? VCs would be one group to invest, and for the reason that there's an underserved market that no one else appears interested in serving and with the possibility to expand from there. Apparently, neighbor poster has actually already invested in this. So that seems pretty cut and dried to me.
In my opinion, some rando startup deciding to do it (no offense to @knurled99); or a hypothetical rando VC deciding to back it still doesn’t make it a real threat to the sector.
It’s real if it changes the game and takes meaningful market share - not just a proof of concept or boutique outfit catering to the blockchain echo chamber.
This type of blockchain hype is the original point of my comment, implementations of blockchain for X absolutely exist and there’s plenty of examples. That was never in question. My point was to turn and run because the motive for using blockchain is hype or bullshit like many AI/ML, big data, no code/low code outfits tend to be. Sell you on new tech everyone seems infatuated with but don’t understand.
To the original point of debate…
> Someone is going to roll a decentralized ID system on blockchain and tank this whole sector...
There are a whole lot of things that could disrupt the document signing industry but blockchain on its own isn’t the thing. Again, who and for what reason matter a lot more than whether they use blockchain or traditional cryptographic hashing and S3.
Private keys can be compromised, just like a hypothetical DocuSign user’s e-mail account. A blockchain attestation just proves the terms were agreed to by someone with access to a particular private key, not who that person is or whether they had the legal right to do so.
One is privacy - you don’t actually have to share the document being signed with our application; we never store it and never have access to it. This is because what is actually signed and stored in the blockchain is a hash based on your document. So if there’s anything sensitive in a doc that you’re signing, there’s no risk of a hacker getting into our app and leaking that to the world.
Another advantage is that it gives you a publicly accessible way of proving that a digital file existed in a given state on a given day and time - anyone with the document can later go back and validate that the copy they have is the one that existed on that date and time. The value add of the blockchain is that this information is publicly available on a distributed network that uses encryption and requires agreement among the nodes in the network, so it is functionally impossible to go back and tamper with it later.
Couple other advantages, but they aren’t necessarily differentiated by virtue of the app being on blockchain - one is speed and ease of use, because there’s no uploading or recreating digital signatures. You just identify a document to sign, ensure both parties have possession of and wish to sign the same thing, and click to sign. The other is the ability to quickly and easily use our simple REST API to add this kind of e-signature and document verification capability into your own app. This is especially useful for anyone who’d like to memorialize some information in the blockchain but doesn’t want to deal with figuring out how to do that directly.
Edited to add the name of the app - Indestamp.com
I don’t think blockchain adds anything novel to the functionality you describe. The ability to get a cryptographic hash of a document has existed for a very long time. As have signature files that can be published publicly. As has archive.org. I don’t believe the blockchain adds anything here other than maybe longevity and I’m dubious of even that.
FYI - when I click ‘Get started’ nothing happens.
All valid points about hashes being nothing new, etc. We used blockchain because it was a means to accomplish what we feel is a better way of digitally signing documents. We think there’s value in signing docs on the blockchain and that there’s a need for an easy way to do so, largely among people who are doing other things within blockchain.
We are not claiming there’s no other way to skin that cat. I understand why you might run the other way if someone’s claiming their app is great because blockchain. But I also don’t think it’s true that any app that uses blockchain technology adds no value because you could’ve used another technology or simply because blockchain.
The main issue is actually not doing it properly, but figuring out a business model that makes that worth doing. It's a key issue with standardizing and decentralizing a lot of things and getting them done. Technically feasibility isn't the issue. But why would you invest in it? It takes effort and where's the profit if you let go of all the control points and let others freely copy the software or implement their own. There's no upside to dedicating your life to that. You see the same issues with federated chat systems; or identity systems; or payment systems. The incumbents have no incentive to fix these things as they make money from the status quo and for outsiders to first fix it and than make no money makes no sense. Occasionally somebody tries of course with varying degrees of success. But it seems hard to convince businesses to switch to relatively unknown OSS stuff.
And of course OSS and industry standards don't just magically happen. Somebody has to pay people to work on OSS. Or at least has to care enough to dedicate non trivial amounts of time and effort to get things going. Mostly this isn't even a technology problem. You actually need lawyers and other skills to do this properly. The tech is mostly pretty trivial. Lots of off the shelf OSS stuff you can repurpose for this. I'm sure that's what Docusign did probably. I bet most of their expenses are sales, legal, and marketing rather than tech.
I have to admit, over the past two years I've run into two pieces of professional software that made me think, dang, this thing actually works and is a material improvement on the old state of affairs. One was Fusion 360 and one was DocuSign. (I say this as a casual user of both relevant categories of software.)
I don't know if this makes it worth $50B, but they have a happy customer in me.
tl dr; Typed signatures are legal in a digital form if the form states this is a signature block. There is no need for a third party such as docusign.
Further verification standards have been adopted, but not required, to identify typed signatures. The most common is the leading "//". So my legal signature would look like this:
//William Hagan