SigniFlow lands on American shores

Featured

SigniFlow Globe croppedA new alliance between PBSA and a Brazilian-born IT enthusiast and security specialist has given rise to SigniFlow Americas.

The technology giants we have all come to know so well – to mention just a few, Google, Apple and Microsoft – would be nothing today if it were not for the formidable partnerships they were founded on. Larry Page and Sergey Brin, Steve Jobs and Steve Wozniak, Bill Gates and Paul Allen – all of these dynamic duos go to show that great things begin with great partnerships.

Which is why we are so excited to announce the recent alliance that has given rise to SigniFlow Americas, between PBSA and US-based Laila Robak, former Director of Partnerships at Digicert and Vice President of Latin America GlobalSign.

It is now official: South African-born digital signature and workflow solution, SigniFlow, has landed on American shores, to provide the Americas with an innovative, highly efficient and socially responsible product for business process automation.

A woman-owned small business based in New Hampshire in the United States, SigniFlow Americas is a member of the New Hampshire Tech Alliance – an affiliation committed to nurturing a vibrant technology ecosystem by building partnerships, enhancing knowledge, and shaping public policy.

The woman behind this exciting new digital signature solution is Laila Robak, a Brazil-born entrepreneur with a passion for information technology and the power it has to transform and improve lives.

“We are very excited about the launch of SigniFlow Americas, and with Laila at the helm, this business is destined for greatness. We are proud to welcome all our Americas customers and partners to the global SigniFlow family,” says Leon van der Merwe, Director of digital technologies – SigniFlow headquarters in Kyalami, Johannesburg.

Setting it apart from other solutions present in the market today, SigniFlow delivers enterprise-grade on-premise, private cloud and cloud solutions with a high level of integration, allowing companies to customise the solution to suit both their specific needs and their budgets. The leading-edge solution provides legally valid digital signatures (cryptographic e-signing) and accepts digital certificates from almost any e-identity provider, publicly trusted Certificate Authorities (CAs) and privately signed Public Key Infrastructures (PKIs).

Often bound by endless red tape, many processes in the Americas remain onerous and complex – particularly when it comes to contracts or documents that require approval and/or signatures. SigniFlow takes these processes, which can take anything from days to weeks to finalise, and transforms them into seamless digital processes that reach completion in just minutes.

Speaking of the power SigniFlow puts in business owners’ hands, Robak says, “SigniFlow is a solution that can revolutionise business processes. It has various APIs that give us flexibility to create and integrate with existing systems and platforms, allowing organisations to choose from a range of options, from cloud to local deployments and hosted environments, and to use a mix of digital and electronic signatures – all while guaranteeing the legal validity of documents.”

In addition to this, SigniFlow fulfils the social responsibility role that so many organisations today strive to fill, to the end of doing their bit for the environment – and society at large.

“The launch of SigniFlow Americas not only centres around innovation in the tech space to help companies become more effective, it also goes around environmental awareness. So it’s a win-win situation. We have the opportunity to make business people’s lives better and contribute to the ecosystem at the same time. Signiflow’s solution goes above and beyond,” says Robak.

Go paperless…go green

According to environmental facts and live statistics website The World Counts, 50% of business waste composed of paper.

And here are some related – and scary – facts:

  1. More than two pieces of paper are used per person on Earth every single hour. It is expected demand for paper will have doubled by 2030, from 2005.
  2. The average person in the USA, Japan, and Europe uses between 250 and 300 kilograms of paper every year. In India this figure is five kilograms, and in some countries it is less than one. If everyone on Earth used 200 kilograms of paper, there would be no trees left.
  3. It takes 10 litres of water to produce a single A4 sheet of paper. The pulp and paper industry is the single largest industrial consumer of water in Western countries.
  4. Producing one kilogram of paper requires two to three times its weight in trees. Paper can be recycled, yet 55% of the global paper supply comes from newly cut trees.
  5. Each ton of recycled paper can avoid the use of 17 trees; 1 440 litres of oil; 2.3 cubic meters of landfill space; 4 000 kilowatts of energy and 26 500 litres of water.

SigniFlow not only brings to the Americas the opportunity to expand horizons by automating internal and external business processes, it also assists companies in going green by helping them cut down on resources, costs and by-products of paper-intensive processes – including ink, printers and mailing procedures – ultimately increasing overall environmental awareness, decreasing carbon footprint and bettering companies’ return on investment.

The power it has to transform business and the world it runs in, says Robak, is what makes SigniFlow the most powerful business process automation tool on the market. Coupled with a formidable partnership, the sky is the limit.

“A strong business partnership can be summarised in two words: trust and collaboration. Trust speaks for itself and that is what I have with the amazing team at PBSA. Collaboration means aligning ideals, understanding and supporting each other’s growth and walking towards the same goal – in this case, improving people’s lives through technology and contributing to the environment,” concludes Robak.

To find out more about how we can assist you in your digitisation journey, click HERE

pbVerify bolsters risk management portfolio

Featured

pbVerify qv4b pic

SA’s number one data bureau has added a new TransUnion product to help companies eliminate risk when it comes to choosing who they do business with.

As South Africa’s number one data bureau, pbVerify is constantly striving to put the power of knowledge and sound decision making in the hands of local businesses.

To this end, we have bolstered our TransUnion Business Report with Quick Vet 4 Business (QV4B) – an instant online commercial credit vetting tool that will allow businesses to quickly and comprehensively make informed decisions with regard to the customers they onboard.

The new business score gives businesses an accurate overview in one quick view as to what the status of a potential business or customer is, without them having to go through the lengthy process of investigation and manual vetting. Via just one automated online process, businesses can now identify who the profitable and low-risk customers are, and move swiftly forward.

The latest addition forms part of pbVerify’s expansive range of credit risk management products, which come with a top-notch support system. Businesses can access all Credit Bureau products via one secure, efficient online platform.

“This new score is going to make the decision-making process a lot easier and quicker for our customers, and give them total peace of mind that they have made the right credit decision,” says System admin-support manager Sean Bennett.

Seeding success

Understanding and implementing risk management is absolutely crucial when it comes to the success of your business. In today’s volatile financial milieu, no company can afford to enter business deals with businesses that have questionable financial footing.

Unfortunately, too many honest businesses fall prey to dishonest or irresponsible parties that don’t fulfil their end of the business deal, whether it’s failure to repay a loan, defaulting on payments or being dishonest about credit histories, and this ends up hurting profits, productivity and reputation.

pbVerify takes the risk factor out of your business decisions with its risk management tools. And it couldn’t be easier to sign up. After registering for free, you will have instant access to detailed financial information, credit histories, public trace record information and more. There’s no monthly fee – you only pay per search.

pbVerify offers reports on individuals, companies, closed corporations, consumers and properties in South Africa.

For more information or to get in touch with one of our dedicated pbVerify support agents, go to www.pbverify.co.za.

 

pbVerify renews data protection promise

Featured

Blog picSA’s number one data bureau has renewed its status as an official credit bureau, reinforcing customers’ trust in our services.

We are living in the Information Age, and there is an intense air of nervousness and reluctance when it comes to the sharing of personal information. And rightly so – given the proliferation of data breaches and brazen data misuse by marketing companies across the globe.

As SA’s leading data bureau, pbVerify fully understands these concerns and continually takes decisive measures to address them, ensuring our customers’ data remains private and secure at all times.

To this end, pbVerify recently cemented its status as an official credit bureau in terms of Section 43 of the National Credit Amendment Act, 19 of 2014, serving as a stamp of surety and our promise to you, our customer, that your data is safe with us.

In a nutshell, a credit bureau is as company that holds information on credit-active individuals, and uses that data to advise businesses and consumers as to their credit risks associated with a given application or transaction, using complex algorithms.

pbVerify’s status as an official credit bureau, in line with the National Credit Act, validates the fact that we are a professional business, bound by and compliant with all local and international data policy and privacy policy regulation. It also verifies that we have a failsafe disaster recovery system, so both ourselves as a service provider, and our customers, can have total peace of mind when it comes to the protection of the valuable data we deal with.

You can rest assured, your data – including identity data – is secure with us and will stay with us. We will never trade customer information with another company, nor share it for marketing purposes.

pbVerify offers a range of Credit Risk Management and Credit Check products for businesses and consumers.

For more information on pbVerify’s suite of B2B and B2C products click HERE.

To view pbVerify’s NCR Credit Bureau certificate click here: NCRCB343 Certificate – Valid 2018-2019

What is a Credit Bureau?

To manage credit risk and for the sake of general financial health, it is vital that you have a grasp on your credit history. As a consumer, it is important that you understand your credit score and report, as well as the bodies that compile that information, i.e. credit bureaus.

The National Credit Regulator (NCR) describes a credit bureau as “A company that gathers information and updates each consumer’s credit history. A credit bureau creates a record of a consumer’s credit information indicating how the consumer manages his/her credit.

“The credit bureau supplies these records to credit providers, such as banks, retailers and other credit providing companies. The information indicates each consumer’s payment record. It is also used to detect fraud, corruption or theft.”

What rights do I have?

When it comes to the accessing of credit history by a credit provider, you have the right:

  1. To be informed that the credit provider intends to report negative information on you to a credit bureau before the credit provider actually reports you.
  2. To receive a copy of your credit record from a credit bureau when you request it.
  3. To challenge information kept by the credit bureau if you are unhappy with the information.
  4. For your information to be kept confidential, and for your information to be used only for purposes allowed by the National Credit Act.

Click HERE to learn more about credit bureaus and the National Credit Act.

 

REFERENCES 

  1. National Credit Regulator – National Credit Act pamphlet
  2. Fin24 – Five massive data breaches affecting South Africans
  3. Business Live – All your personal information is up for sale to debt counsellors for 55c

Introducing our new self-service support hub for API customers

Featured

API integrationpbVerify has created an API development portal with tools that could help save days in developing time.

In our ongoing quest to optimise business operations, fine-tune digital processes and, ultimately, make our customers’ lives easier, pbVerify has added a developer’s portal for our API customers.

An easy-to-use set of tools for developers, the API Development Portal offers a library of API integration documents and general information, as well as means to test each of the API services we offer.

The new API developer’s portal allows all pbVerify API clients with valid account credentials, to access our user-friendly Swagger interface for all RESTful  Web services.

The main function of the interface is to allow API customers to test the RESTful/JSON services they have access to, giving developers access to online documentation and an instant understanding of how to integrate, and to see the JSON responses and payloads they will get from each  Web service. Using pbVerify’s new Development Portal, customers can now:

  1. Test RESTfull/JSON services live with built-in testing tool per API call.
  2. Import all RESTful/JSON services into postman with pbVerify’s Swagger file.
  3. View all extended Web services documentation.
  4. View Terms and Conditions.
  5. Directly contact Development support.

The face of pbVerify’s  Service-oriented Architecture (SOA) program, the API Development Portal aims to provide a top-class developer experience for our Web services.

NOTE: API tools are currently only available for REST/JSON services. Certain pbVerify products, such as Consumer Credit Check and Bank Code Verification are still in our SOAP service. Documentation for these will need to be obtained from pbVerify’s support service.

Geospatial tech solves FICA, KYC challenges

Featured

geospatial image.PNGpbVerify’s ground-breaking KYC API transforms laborious manual processes into fast, effective and secure verification.

In our ongoing quest to build a digital future based on holistic online solutions to help our clients maximise operational efficiency, pbVerify has developed a Digital KYC API like no other.

Designed for institutions accountable to the Financial Intelligence Centre Act (FICA) – specifically its know your customer (KYC) requirements – our Digital KYC API (application programming interface) takes the pain out of the on-boarding process for both accountable institutions, and their customers.

pbVerify’s API transforms an onerous, time-consuming and expensive manual process into a convenient, fast-moving and inexpensive online one.

KYC hurdles

KYC, a risk-based assessment of customers (individuals and businesses), is an integral part of FICA which makes it incumbent on accountable institutions to carry out extensive due diligence on all financial services applicants.

This typically involves a list of documents, including minimum requirements such as proof of residence and proof of identification for individuals; and evidence of shareholding, director information and company history for businesses  (either originals, or sighted by an institution employee).

Steeped in red tape and paper documents, the manual KYC process has long been the bane of institutions and potential customers alike. Not only is it costly and time-consuming, it can be incredibly frustrating, given South Africans’ unique circumstances.

Moonstone, a Stellenbosch-based independent support network for financial service providers, cites residential transience and “an inefficient postal service” as aggravating factors in the KYC process.

API answer

Instead of spending unnecessary time and money trying to acquire the list of documents and physical verification required by FICA’s KYC rules, financial institutions can now – by running pbVerify’s Digital KYC API – get identification and residential verification directly from the HANIS (Home Affairs National Identification System) and SACRRA (South African Credit & Risk Reporting Association) databases, respectively, instantly and online.

Coupled with advanced algorithms, which were built to eliminate all the challenges South African address databases face, this makes pbVerify’s latest solution the most powerful one on the market.

In a nutshell, the KYC API works like this:

  1. Applicant requests an account with a registered credit provider.
  2. Applicant completes the credit provider’s online form, linked to the pbVerify KYC API.
  3. Applicant’s identification information (names and ID number) are instantly verified against the HANIS database.
  4. Applicant’s address (residential information) is verified against the SACRRA database, based on two parameters set by the credit provider, i.e. over what period – 3, 6, 12, 24 or 36 months; and how many address matches required, obtained from other credit providers.
  5. If the Digital KYC API returns the applicant’s address data as matching the database, as per credit provider’s criteria, the system automatically approves the KYC process.
  6. The system sends a response to the compliance department, indicating whether or not the consumer is FICA compliant.

API differentiator

What sets pbVerify’s KYC API apart from other digital KYC verification products on the market, is the advanced method is uses to not only effectively, but to irrefutably verify applicants’ information.

Our API uses geospatial technology, as well as multi-paradigm geodistance algorithms, to determine and compare address data between data received from applicants, and data on file from at least one hundred registered credit providers across South Africa.

Essentially, our technology loops through credit provider data to find similar address matches, within the said specified time parameter (3 to 36 months), within a few metres of the pinned geolocation of the applicant’s input.

One of the biggest challenges in South Africa when it comes to address verification by credit providers, is the fact that many citizens live in townships and townhouse setups, where the address does not conform to the standard street address format.

To overcome this challenge, pbVerify’s algorithm pinpoints the applicant’s address via geospatial location, strips all anomalies and/or conflicting information from the address, and finds other credit providers that have similar address details. Only if these are also within a few metres of the applicant’s original input, will the API accept the address and report the credit provider sources where it was found.

In other words, only if enough data exists to satisfy your unique KYC requirement-settings, will the API return positive results, together with the source of the data matches, e.g. Vodacom, Edgars, FNB Home Loans, etc.

Apart from the immediately evident advantages of replacing manual with digital – primarily time and cost savings – pbVerify’s Digital KYC API underpins POPI (Protection of Personal Information) Act compliance, it adds another dimension in terms of security, and it removes the probability of human error.

 

[REFERENCES]

  1. gov.za – Financial Intelligence Centre Act, 2001 (Act No. 38 OF 2001)
  2. Financial Intelligence Centre – The FIC Act
  3. Financial Intelligence Centre – Frequently asked questions
  4. Moonstone – KYC– Knowing your client or killing your client?
  5. FNB – KYC/FICA information portal
  6. Investec – KYC Requirements

 

SignFlow broadens horizons, rebrands as SigniFlow

Featured

SignFlow rebrandWe have spread our wings and taken to international shores…introducing our new, fresh look.

As a South African technology team with a spirit of innovation at the heart of our being, change and growth are two things we at SignFlow prize very highly.

Which is why we are so excited to announce that SignFlow has spread its wings, recently journeying beyond the African continent, into Europe, the United Kingdom and the Americas.

As an embodiment of this globalisation, we have decided to consolidate our local and international branding, which goes hand in hand with a fresh new look – including an awesome new website and epic new logo…

Introducing SigniFlow

The international offering of SignFlow (.co.za) is called SigniFlow (.com), which – as of May 2018 – is officially the successor to SignFlow.

While all old and existing marketing and training material and other content will still be branded as SignFlow – along with the old logo and look – it all remains 100% relevant.

SignFlow has been around for a few years, having made indelible footprints in cyber space, so the transition to SigniFlow is going to take some time. Our focus right now is on all of our branding going forward, so all new material and content will be branded SigniFlow.

What does this mean for you?

Well, to cite Coca-Cola, “Brand new look. Same great taste.”

SigniFlow, like SignFlow, is still the same world-class, local solution it has always been – just with a facelift. Think of it as a better looking version of the same great product.

SigniFlow is still Proudly South African. Nothing in terms of ownership of SignFlow has changed. SigniFlow – the new, fresh-faced SignFlow – is a 100% South African-owned product.

SigniFlow is also proudly protective of what matters most our customers: sensitive data. In terms of the storage of and access to your valuable files and data, fear not – this, too, remains unchanged. Your files are exactly where they were before, and still just as safe and secure as they have always been, in our South African data centres.

Finally, putting the cherry on top of this exciting transformation, the South African SigniFlow system is currently being revamped, and will be updated with the release of SigniFlow v4.0 during the third quarter of 2018.

Exciting times ahead, indeed. Onward and upward!

Please don’t hesitate to contact us with questions or for more information on 010 300 4899 or support@signflow.co.za.

Data protection D-day is here – SA companies take heed

Featured

gdrpGDPR is here, and for organisations that deal with any personal information relating to EU member states, non-compliance will be ruinous.

The countdown has ended. D-day for enforcement of the European Union’s (EU) General Data Protection Regulation (GDPR) is here.

As of today, 25 May 2018, penalties will begin rolling in for organisations that have not yet taken the necessary steps to ensure they are compliant with this restructured – and considerably more stringent – set of data protection regulations.

The GDPR is a regulation borne out of the European Parliament, Council of the European Union and European Commission’s joint intent to strengthen and unify data protection for EU citizens.

But just because the GDPR is an EU regulation, South African organisations are by no means off the hook. On the contrary, experts warn, local companies need to take the GDPR – positioned as one of the most significant changes in data privacy regulation in 20 years – very seriously.

The inescapable fact is, any South African company that handles personal data connected to the EU has to comply with the GDPR, and failure to do so will be met with the same major consequences EU organisations face for non-compliance.

Far-reaching forces

Over recent decades, not only has personal data has become an increasingly important corporate asset that needs to be handled with extreme care, it has also become geographically agnostic. This means that, today more than ever, with the exponential growth of data propagated across borders, organisations globally need to take a staunch and unified approach to guarding it.

South African organisations, big or small, are no different – and the GDPR is not the only government-led product of this hugely digital age, nor will it be the last, it is merely the latest one to be enforced.

Leilani Smit, compliance professional at Smit Compliance (Pty) Ltd, notes that the GDPR applies to any local organisation that holds or processes data on EU citizens, regardless of the location of its head office. “This includes companies that have employees in the EU, sell or market products or services in the EU, or partner with EU organisations.”

Leon van der Merwe, head of digital at customer communication firm PBSA and director of local digital signature and workflow solution SignFlow, adds that any South African entity controlling or processing data relating to EU citizens is affected by the GDPR. “Controlling refers to any organisation that states why and how data is processed, while a processor is any party doing the actual processing of the data, whether based in the EU, or not.”

World Wide Worx MD, Arthur Goldstuck, says the effects of the GDPR will be far-reaching due to the fact that the EU is SA’s biggest trade partner. “[On top of this], any company that does business with a company that has to comply with GDPR, will also have to comply, to ensure the client is in compliance.”

GDPR vs POPI

Fortunately for SA, details around the country’s own local version of data protection policy – the Protection of Personal Information (POPI) Act – have been highly publicised since 2013, and many companies will already be familiar – some even largely compliant – with what is expected of them in terms of data protection.

Summing up SA’s POPI Act, Michalson’s says: “Essentially, the purpose of [POPI] is to protect people from harm by protecting their personal information. To stop their money being stolen, to stop their identity being stolen, and generally to protect their privacy, which is a fundamental human right.”

Although – unlike the GDPR – it is still not known when POPI will come into effect, what is known is that companies will have a one-year transitional phase in which to comply once POPI’s implementation date is made public.

Smit says, should a local company already be compliant with international legislation such as GDPR, the implementation of policies to comply with POPI “should be a breeze and not require anything other than normal company practices and procedures”.

Van der Merwe says POPI and GDPR are similar in that both are intended to strengthen the protection of individuals’ personal information and privacy, and it is precisely this element – intention – that is key here, says Goldstuck.

The high price of non-compliance

Another area in which both sets of rules are similar, is in the hefty fines that come with non-compliance.

In a nutshell: breach rules laid out in the POPI Act, and face a R10 million fine and/or a jail sentence; fail to comply with the GDPR’s regulations, and be prepared to be slapped with a fine of up to €20 million (about R290 million) – or 4% of annual sales (whichever is greater).

Smit comments: “In South African terms, POPI already poses strict penalties for non-compliance, however as far as our Rand stretches, the GDPR’s penalties will definitely cause sleepless nights.”

Although possibly the biggest concern for companies, Smit notes that financial implications are not the only implications they should be worried about. “Not only can non-compliance result in fines and penalties set by the legislation itself, but [the] reputational damage of not processing information correctly, can often be more damaging that the initial penalty itself.”

It is this high price of non-compliance IT and legal experts hope will drive South African companies to do the right thing – not only for themselves, but ultimately for their customers – and fervently strive to meet GDPR compliance criteria.

Consumer-centric control

Van der Merwe says it is all about the consumer. “Both GDPR and POPI were ultimately created to protect the consumer’s privacy. We are all someone’s consumer, and even small businesses owners need to think carefully and logically about areas in their business where personal information is processed or stored, and what vulnerabilities may exist in their processes.

“For instance, we all receive CVs that contain heaps of personal and even sensitive information. Often, after a host of interviews, only the person’s CV that is employed, is securely transferred to a digital or physical vault in HR. What happens to the rest of the CVs that did not make it? It is the responsibility of any business to have policies and procedures to timeously and responsibly destroy such information. Simply identifying these vulnerabilities and implementing logical measures to manage them, is a good start for any size business.

“GDPR is a good thing that could be very bad news for companies, if they fail to provide evidentiary and auditable processes and adequate IT security to protect personal data.”

Goldstuck adds that it is not only important, but essential, that South African companies have a global view on data protection. “Something as simple as having a website hosted on an international platform can make a company liable to sanction under GDPR.”

Teaming up with tech

When it comes to local companies complying with the seemingly daunting and complicated GDPR in a relatively pain-free way, experts agree technology will be key. Software systems that offer automation, content management, enterprise resource planning and accounting, among others, will become a lifeline for many companies in their quest to comply.

Van der Merwe says existing paper-based processes and antiquated electronic systems that were created prior to factors such as the GDPR and POPI, pose major risks of contravening their laws and directives. “It is all about how businesses – and governments themselves – are going to align their physical and data processing practices with the new requirements and legislation. New regulations that enforce concepts such as the right to be forgotten pose major challenges if not considered in the process from the outset.”

Goldstuck says, while the data protection laws necessitate considerable changes in the ways businesses operate and interact with customers, good compliance systems will provide most of the safeguards they need.

“Businesses will have to get permission for almost every interaction with customers, they will have to become more discerning in what information they require from customers, and they will have to institute strict compliance systems to ensure they do not fall foul of these laws. As a result, compliance officers, CIOs and CTOs will have more direct roles to play in customer strategy.”

Don’t delay

Although not yet enforceable, the commencement date for POPI has been looming large on the horizon for some time now, with many expecting it by the end of 2018.

Despite this, say experts, many organisations are far from being ready. Goldstuck says: “Most large businesses have geared themselves up to comply with POPI, although many have not put this gearing up into effect. However, there is also an impression that many companies are simply not bothering until they are forced.”

Forrester’s 2018 predictions indicate that a whopping 80% of firms will not comply with GDPR regulations by May this year.

This has to change – and fast – says Smit. “Businesses can no longer just take a backseat and hope this will pass by or fly over.  Active steps will have to be taken in an organisation, for instance staff training, risk assessments and creating an ethical culture within an organisation, specifically with regards to processing personal information.”

 

 

[REFERENCES]

  1. EUR-Lex – Access to European Law
  2. org – Web learning resources for the EU General Data Protection Regulation
  3. Government Gazette (justice.gov.za) – Act No. 4 of 2013: Protection of Personal Information Act, 2013
  4. Michalson’s – POPI Act Summary in Plain Language
  5. Forrester – Predictions 2018: A Year of Reckoning