Secure signing in TOTAL with eSign FAQ

This document answers the most frequently asked questions about signing securely with eSign within TOTAL.

Document 6031  ¦  Last updated:  08/23/2017 RR2


Question:

Why do you have to verify my identity before I can securely sign a document?

Answer:

One of the challenges to conducting business over the internet is ensuring that the person on the other end of the transaction is who they say they are.  TOTAL offers a unique way to verify the signer’s identity before they can sign a document.  Running through this verification process is the only way to back up, with credentials and security, exactly who signed the document.


Question:

What happens during the identity verification process?

Answer:

To verify a signer’s identity, their basic contact information (name, address, etc.) is sent via a secure, encrypted connection to Equifax.  Equifax then responds with a series of between three and eight multiple‑choice questions involving current or previous mortgages, car loans, addresses and phone numbers.  Since these questions are based on information most people don’t carry around with them in their wallet, it’s very difficult to compromise.  To enhance security, only three unsuccessful attempts are allowed before the system is locked out for 48 hours on the third bad attempt.


Question:

When verifying my identity, it's asking for my Social Security number.  Why is this required, and what are you doing with my personal info?

Answer:

This information will be used to search for your credit bureau file, using Equifax as the courier.  It does a "soft hit" on your credit, which means it does NOT affect your credit score in any way, and is only used to query for a series of questions.  This process is conducted via an encrypted connection.  In addition, your social security number will not be retained, and is only used during this verification process.

a la mode never sees any of this information, and our program is only being used as a "window" to display the questions Equifax sends based on your credit.  We don't record any of the questions or answers, and are essentially standing to the side while Equifax verifies you.  When Equifax tells TOTAL that it has verified you, our program picks back up on the process — without having ever seen your info — to let you finish setting up your signature.


Question:

I don't want to provide my SSN to eSign or TOTAL.  Is there another way to verify my identity?

Answer:

Yes.  You can manually verify your identity by submitting a signed and notarized affidavit to us which we can submit to Equifax to have them confirm your identity.  This process can take up to 7 days to complete.

If you wish to manually verify your identity, download the form linked below. It needs to be filled out, notarized and faxed back to us at 1‑866‑213‑7129.  The first page includes directions for both you and the notary who will be verifying your identity.

  eSign Offline Authentication Form


Question:

I don't recognize any of the questions I'm being asked about my credit report.  Why could this be?

Answer:

The most common reasons for failing on these questions:

  • You've moved houses a lot, causing your credit reporting to be spread out, which makes it hard for Equifax to provide you with good, clear questions.
  • Your information is very similar to someone else's credit information.
  • Your identity may not be found in Equifax's reporting system.

Question:

I tried three times to verify my identity, but it failed and locked me out.  What can I do?

Answer:

Too many wrong or "None of the above" answers will cause Equifax to have you try again with new questions, which you can only do 2 times within a 48 hour window.  If you reach your limit of 3 attempts during this time period, Equifax will lock you out from making any further queries to your credit bureau report.

If Equifax locks you out, it will do so for exactly 48 hours after the point the lockout occurred, and you will not be able to attempt to automatically verify your identity during this time.  a la mode has no control over speeding this up at all, as the identity verification is controlled entirely by Equifax to protect your privacy.  You can, however, manually verify your identity, but that process can take up to 7 business days to complete, so it is usually quicker to wait for the automatic method to be unlocked again.


Question:

Why does TOTAL prompt me for my a la mode login information every time I sign?  Can that info be remembered?

Answer:

It does this for security reasons, to ensure that it’s you at your machine.  It isn't saved because anyone could use your PC to sign reports in your name, even when you aren't present.  It will, however, store your login info for 15 minutes, or until the report is closed, whichever comes first.


Question:

Can I still securely sign a document if I don't have an internet connection?

Answer:

No.  TOTAL needs to verify your a la mode username and password before a document can be signed.


Question:

When I attempt to sign a document securely, it states that the address has changed.  What does this mean?

Answer:

This report has been signed before, and when it was originally signed, the report's address was "scrubbed" and sent to our servers (along with other salient data points of the report, which are used to verify that the report has not been modified after it was signed).  If the report is unsigned and then signed again, we compare the address in the report to the last scrubbed address.  If the address has changed, you will receive the following prompt.

"This report’s current address is not the same as the address used when it was originally signed.  Is this a completely different report, or is it the same report and you simply changed the address?"

It displays the old address and the new address in the message box, so that you have an idea of the history of this report.

If you select "Different Report", then the original signed copy of the report (under the old address) is left alone, and this signature is treated as a new report, with the signature history reset.  If you select "Same Report", then we record this as another signature event on the same report, and make a note of the new current address.

This is done to prevent cloning of old reports (which would carry over any history of signatures) and also to keep the various copies of the report that may exist from conflicting with each other.


Question:

When I attempt to sign a document securely, it states that there is a more recent version of the document.  What does this mean?

Answer:

Most likely, more than one version of that report has been signed by someone else in your office.  Prior to allowing someone to sign a report, we look up that report on our servers to see if there has been any signing activity on that report that may not be in the current version.

For example, Appraiser A signs a report and e‑mails it to Supervisor B for approval.  After Appraiser A e‑mails the file and before Supervisor B signs, Appraiser A un-signs the report, makes a change and then re-signs.  At this point, that means that the version that Supervisor B has in his mailbox is no longer the most current version of that report, and we're letting them know about it when he attempts to sign by presenting the following prompt:

A more recent signed version of this report exists.  Click ’OK‘ to invalidate the previous report and make this version the most current, or click ’Cancel‘ and obtain the most recent signed version displayed below.

Signer name: Appraiser A
Signed Date: 01/01/2010
TOTAL User: Appraiser A

This prevents conflicts where Supervisor B signs what is no longer the best version of that report, and alerts him that he should check back with Appraiser A to get the report that was modified after it was sent to him.  It's a good way to stop Supervisor B before he/she signs the wrong version, if Appraiser A hasn't yet notified them.


Question:

Why can't I verify a PDF created with "Print to PDF"?

Answer:

PDFs created this way do not necessarily reflect the contents of your report when it was signed, and are not sent to our verification servers.  We recommend that you only use "Print to PDF" to create invoices or other supplemental documents.

To send a verifiable PDF, use the PDF that's saved to your Workfile when your report is signed. 


Related Links