I'd rather see some definitive information under the Pricing section. I'm tired of getting "invested" in web apps that are free, and then having them pivot dramatically or go under. This is less of an issue for small things, but anything that I'm going to incorporate into my business workflow needs to have at least some semblance of a business plan apparent.
Looks neat, I'll be happy to try it out when you're ready to take my money :)
Strangely, as a submission here (not by me), it got killed yesterday. I looked it over when it came up, and when I went to join my vote to the dozen or so it had gathered, it was dead ...
I haven't looked into HelloSign or its pricing model, but I'll say that, so far, HelloFax seems to have handled its sort of "freemium" features and promotions, and its pricing model fairly well. (Without my having access to any of their financials or management, but having used the product and observed its continued existence and some news about same, over the past year and a bit).
They seem to be good at getting you on board and then upselling you based upon your actual needs and use, rather than coercive arm twisting.
I'm more concerned about installing any plugin and giving it access to my Gmail account. Buchheit's participation is a coup, in that regard, for me and I suspect for some others aware of his role in Gmail's original development, at least.
And that same crowd seems to form part of the original core of their paying business. (Again, this is a fairly uninformed observation, on my part.)
Not that you necessarily said otherwise, but just wanted to mention that I could definitely see this being used by individuals as well. I have used a similar service (echosign) in the past to sign apartment leases, etc. This seems like it may be targeting that crowd as well with "smart phone integration" and other features.
How long does something need to be provider for for free before you trust that it'll stay that way? This is an attitude we're trying to overcome with our model.
How long does something need to be provider for for free before you trust that it'll stay that way?
My personal answer: never. Google has killed free apps that had had lots of users for years. If Google can't guarantee that a free app will stay free and available, nobody can.
I understand this argument, and I adhere to it somewhat, but I still use gmail. It's just so much more usable (to me) than any other webmail service I've used.
Yes, I am taking on a potentially bad burn of Google ever axes gmail or cuts some important features (it's happened to me with Hotmail before), but I'm willing to take that risk because of the gmail feature set.
At some point, Hotmail decided to delete sent/received email older than some arbitrary amount. An important personal conversation to me was deleted.
This tells me that your real product is not free. You are selling a product, technology for making custom diagramming applications, that happens to have an offshoot that you can make freely available without compromising your core business model, and making it freely available has a better cost-benefit for you than trying to sell it as a cheap app, or for that matter not releasing it at all (releasing it gives you positive PR if nothing else). (Btw, is there a similar business model and explanation for hellosign? I assume there is. If not, the link you gave is not really relevant to this discussion.)
None of the above is communicated when you say "it's free!" on your front page with no other explanation, or when you ask "how long does it need to be provided for free before you trust that it will stay that way?". The critical factor is not how long you've been providing it for free; it's that the free "product" is not really the product, it's just a side effect of your real product.
If you really want to change people's attitudes about the issues involved here, find a catchy word that differentiates your business model from "free".
"Btw, is there a similar business model and explanation for hellosign? I assume there is. If not, the link you gave is not really relevant to this discussion."
Threads in topics often vary in subject. My posting would not be suitable as a reply to the OP, following from the top of this thread, I would say my replies are perfectly reasonable relative to the parent post.
I may have misunderstood your original post; I thought you were one of the developers of hellosign, who also happened to have a previous product that was marketed similarly. Looking at hellosign's About page and comparing it with the page you linked to, that does not appear to be the case.
I still think an answer to my question about hellosign's business model would be of interest for this thread, but obviously if you're not involved with hellosign you can't give that answer. Sorry for the misunderstanding on my part.
For that case, giving an idea on how the money is gonna be made (advertisement or other) would give more trust. People wouldn't wonder "for how long" if it comes from Google or a big company as it is a trusted company and it has big chances to last.
It's not about the duration of "Free", it's about the emergence of a recognizable business model, and also about the general complexity of the product and how frequently I would use it and come to rely on it.
Another issue is that we all know that nothing is "free", and as the saying goes "if you're not paying for it, YOU are the product". I don't like the idea of business documents with my signature somehow ending up in an ad-based business model.
B2B sales models and tactics are (IME) very different than B2C. On the plus side, B2B is more likely to be receptive to a paid-for product, and the down side it can be somewhat more difficult to get the viral exposure you get from a B2C product since not as many people are likely to be interested in it, or able to decide for themselves if they can use your product.
A freemium model works good here. Have pricing set upfront and clearly defined. Let me test the product with no risk for some period of time and then convert to a paying customer (or not).
Until you use it for something important (like a business). Then it becomes a liability. In those cases free is often worse than nothing, since you are actively depending on it.
Had you not chose the free offering, you may have chosen something else or built it yourself.
Why, why, WHY does no one even question the idea of graphic signatures to begin with?
This thing where we scan a piece of paper or paste in a little image has always smacked of forgery to me anyway? All I need is one image of your signature, and I can sign for you anywhere I want. It's like when they hand out rubber stamps for secretaries to use.
It's like somewhere along the line, wherever you see hand-written signatures still employed as a means of confirmation/verification, no one explained to the witless bureaucrats that accept them, that there may as well be an image of a spider cartoon.
Wasn't the whole idea of hand-written signatures supposed to be a pattern where it's difficult to readily forge the distinctive handwriting style of a fluid fancy cursive-script signature? When you paste in an image, it's a cookie-cutter perfect match every time. Where's the authenticity?
Hand-written signatures have no place in digital documents as a secure means of authenticity. Why are they used at all?
In general, they should be replaced by digital/cryptographic mechanisms, but in most cases the underlying concepts are to hard for people to explain or understand.
When people use scanned signatures, it's like we're still stuck in the 1800's where if you were illiterate, placing your "X" on the dotted line was good enough for a binding contract.
Am I the only one who sees things this way? Am I alone here?
Signatures aren't a way to authenticate yourself securely. They're just a more definite version of a checkbox that says "I agree". They're not supposed to be secure, they are and always have been easy to forge. When was the last time someone checked the signature on your credit card?
The only protection signatures offer is by law - it is forbidden to sign as someone else.
These scanned/digital signatures are nothing new. People have been signing documents and faxing them (in effect copying them) since faxes exist. That's basically the same: nobody can tell if you just pasted a copy of a signature on the document before you faxed it, or if you really did sign it.
In Estonia, the digital ID card enables people to digitally sign documents. There's a law that says these digital signatures are as valid as a handwritten signature, and must be accepted as such. It has become very popular [0]. To me it is a very smart idea to train your citizens to use digital signatures which are both more reliable and easier to verify.
No, you are not alone.
I've worked for banks and financial firms (in Italy) and I've always seen image signatures only used for sort-of-personally-signed communications (i.e. a letter from the CEO stating that we're changing conditions) but not for "real" contract signing.
On other side, AFAIK, in our law simple plain text email (neither PEC nor s/mime signed email) and faxes are considered legal methods of communication and I cant really understand why (it is so easy to create fake email or faxes)
I used to receive renewal confirmation and acceptance of price increases for five figure licence agreements between big, traditional companies by plaintext email saying "I accept". It was treated as legally binding (though we did want bona fide signatures for the initial agreement)
Some universally accepted unique private key is probably the way forward here...
This is almost like granting power of attorney to anyone who hacks your Gmail account, making the threshold for controlling your whole existence your Gmail password (or even your Gmail session if you stay logged in and don't 100% physically secure your computer every time you walk away from it). The video shows no extra authentication step when the signing occurs, which is particularly egregious.
a) If it's legally binding like a real signature then I can't do it because it's far too risky
b) If it's not legally binding like a real signature then it's useless
The litmus test is what happens when a dispute arises in court over one of these signatures. If the defense "Somebody accessed my computer while it was logged in and fraudulently signed" is accepted then this thing is blown out of the water. No longer can the hand writing expert come in and testify whether it is in fact your writing. No longer will the fact that the signature is 100% identical to another document that you signed in the past be evidence that the signature was copied. All of the security features of "real" signatures are gone.
I am totally baffled that copy/pasting an image can be considered legally binding in 2013. Digital signatures with x.509 certificates have existed for ages now and these are rightfully legally binding anywhere in Europe.
Please have a look at European laws about digital signature!
I thought this was awesome until I read your comment, now I am thinking it again. You are correct in saying this eases forgery.
We should definitely rethink the whole thing. In a sense a signature is nothing other than authentication. I would be comfortable authenticating through my mobile phone and have that be the signature.
I've been using the sign feature in Preview on Mac for a while now and love it. I no longer use a printer. Nice to see someone remove the download, save, and attach step.
Every time I use Preview, I can't help but feel like the entire idea of a signature is archaic and strange. In effect, I'm forging my own signature with Preview, and nobody cares. While I'm at it, I wish I could not only "sign" the document, but sign it in e-blood and maybe add a skeuomorphic graphic that seals the email in paraffin wax with a old english stamp of my initials.
Or maybe someone can figure out how to get us beyond signatures.
What's really strange is, AFAIK, typing your name in an electronic document is just as legally binding as inserting an image of your handwritten signature, yet many companies won't accept this, and insist instead on an image of my handwritten signature.
> What's really strange is, AFAIK, typing your name in an electronic document is just as legally binding as inserting an image of your handwritten signature, [...]
Interesting factoid. In many states, the important thing about signatures is the intent of the signatory. Did they intend for said mark, whatever it may be, to be their signature?? If yes, then it is just that.
So, for example, you could just write or type a letter "x" and you would be fine.
If you're interested in what modern day philosophers think of signatures (spoiler: they also think they are strange) check out Limited, Inc. by Jacques Derrida.
Just to point out that when you send a PDF document signed with Preview, I can open that document, extract your signature, and paste it in any other PDF that I want to. For me, this makes it too dangerous to use.
A small respectful note: As a consumer, if I didn't know about Paul's financial connection to HelloSign, I'd have liked to seen it disclosed in connection with his prominent endorsement.
I hope this comment isn't taken as an attack on HelloSign or Paul; Paul is known as particularly ethical (thanks in part to his suggesting Google's motto), and I'm sure he really believes what he says in the quote, and this does indeed look nifty. All the more reason to have a little footnote somewhere: So no one can blow this up by claiming anything is being hidden.
I didn't know. And now I do, and that quote seems incredibly scummy. You guys should really fix that. Or remove it entirely and go with another quote if you don't think you can make it work with that knowledge.
Thanks for the comment. Paul Buchheit is an investor, so he got an early view of the plugin. We were especially interested in his feedback, since he created Gmail.
As a company, we have made a conscious decision not to disclose our funding. But, for the purposes of transparency, we'd like to make clear that he's an investor.
> As a company, we have made a conscious decision not to disclose our funding. But, for the purposes of transparency, we'd like to make clear that he's an investor.
I think the situation requires it. If you want to keep your investors secret you can remove the quote, otherwise you can just add that Paul Buchheit is an investor. You don't even have to change the markup. There is plenty of room to change it to "Paul Buchheit, founder of Gmail and investor in HelloSign".
I actually didn't realize (or mean to imply) Paul was a direct investor. I just knew you guys were YC and knew Paul was a general partner in YC, so there was a real but indirect and not huge financial connection. Obviously the case for disclosure is stronger knowing that Paul is more directly invested (and it's good you're disclosing it).
On the flipside, having Paul as an investor might actually be something worth bragging about -- you could be pretty bold with your disclosure if you phrase it right.
Signing with digital certs is an awesome idea but the technical infrastructure to make it work is pretty heavyweight -- it's more work for the first agreement than printing something out, signing it, scanning it back in. It's great once you have huge volumes of documents shared among the same people, but a very large up-front cost. For a lot of uses, someone is signing a single document to get signed up on your service, which is exactly when you don't want to add friction.
The other benefit of the "fake handwritten signature" systems is they are a drop-in replacement for scanned forms in lots of workflows, and have legal standing (thank you fax machine).
I'm already a heavy user of hellofax/hellosign but this falls into the "Fucking Awesome" category of new things for me. This is just WAY better than having to download and drag and drop into hellofax then email from there which I honestly already thought was pretty easy.
My only wish now is that you guys would come out with an API where I could incorporate hellosign into some of my applications that require two parties to enter into an agreement.
EDIT: Oh and congrats on the google acquisition because I'm sure its coming
If I had to take a guess, a UX expert is not part of the core team and someone was probably contracted for the design.
The idea/product/execution are 90% AWESOME, but then the little UX neglects things like what's mentioned above + dull text (looks inactive) when you're writing in an active form field on sign-up, and a default dropdown of industry that you can't scroll down the bottom too in that same (3 field) sign-up form.
Take Igor's comments into account, and then hire a decent UX expert/consultant for 1-2 weeks (40-80 hours) and you've got a VERY viable product.
I read the intro paragraph. I would like to see what does it look like. I don't want to watch a video. I don't want to install it either. Just wanna get a glimpse of the UI.
None of the links looks like it could lead to some kind of preview.
YES! I always found it tedious to download from email and reupload. Awesome work guys. Keep it coming.
One feature we're missing is the ability to have ordering to the multi-party signatures. For example, we'd like to have our sales guys fill out the contract, send it to me for a signature, and then send it out to the other party for a signature.
HelloFax is one of my favorite products -- takes something I hate but still need rarely (fax) and makes it painless. I also love Earth Class Mail for doing the same thing to receiving postal mail.
I have used the other signers so far (as a customer of comcast, etc.), and was looking at setting up service with them for my company (to let people sign various contracts), but it was super complex (still worth it vs. nothing). Seriously looking at HelloSign.
This is exciting and headed in the right direction. I am definitely going to use this and provide a feedback. One of the things I am pressing on in 2013 is going paperless as much as possible.
I really liked their product video. Does anybody know how can we create such product videos? hire agency or something? can it be done in cheap and effective way?
This is really cool - it was one of my most common use cases for using HelloFax.
With that said, I still use Preview now to do all of my signatures - I find it really easy to just fill out forms and sign with Preview. If I'm not on my machine, though, and need to fill something out, this is great.
This project reminded me how handwritten signatures are stupid and yet we still use them in 2013. Looks great but probably if you sign something, that document is important and if this project is backing up docs at its own storage, then I must fully trust their privacy policy.
Amazed how many people are loving this. Its cool for sure but its a feature to me, not a company. If it does want to become a company, that's possible, but digital signing software has been around for a while.
Hits a great pain point, but i hope there is a bigger vision.
If it gains traction, I don't think it would surprise anyone if HelloSign were acquired by Google and incorporated directly into Gmail -- perhaps as part of the paid version.
Is Paul Buchheit a "founder" of Gmail? Founder seems to imply starting a company, and Gmail was created inside of Google. Seems like "creator of Gmail" would be more correct.
This is brilliant! Now why didn't I think of that :)
Small comment: It's probably just me but when you said "sign documents in GMail" I thought you meant you were doing some sort of email encryption/editing the email signature. Then I thought "ok this is just another random plugin for GMail". I had to watch the video and then i went "OOHHH!!".
Is there an official, recognized standard that this is based on? My understanding is that anything you deem as you signature, i.e., any type of symbol, is, by effect, your signature.
I appreciate HelloSign's efforts, but it seems this is simply a market generating effort akin to things like home security systems. Even the process of motorization is a hold-over from a dying age. All the metadata of documents already create a signature that can be used for authentication. I am quite sure that HelloSign probably even uses some of those signatures for their validation process.
It just kind of seems skeuomorphist. Do they support other images than squiggly lines of a varying unique manner to represent ourselves? I would like to design a logo or other image to use instead of a stone age process. Take East Asian signature seals....far cooler than squiggly lines in my opinion.
This looks lovely! In the context of my job, though, collaboration features would make HelloSign absolutely killer. I often deal with documents that 2+ people need to sign. Currently use RightSignature for this, which is an elegant solution - but I'd welcome the opportunity to cut out a couple steps :)
I am working on a competitor to RightSigniture called signremotely.com. There is nothing on the website yet. Still looking for people who have to work with a lot of signatures like you. What kind of steps are getting in the way, would love to hear your ideas bryon@SignRemotely.com
Graphical 'signatures' cannot be legally binding as they are trivial to forge.
I also don't understand this retrograde step. I will repeat it. It is trivial to COPY and FORGE a graphical signature!
And from a cloud provider??
What about S/MIME and PGP? These are cryptographically strong, essentially unforgable signatures that capture time and can ONLY be signed by the party that holds the private key. That is what i would want from a 'signing' provider.
I used to love the FireGPG plugin for firefox to "do this on gmail from firefox", however the javascript model in firefox meant that this plugin needed to be discontinued. (It could lead to private key disclosure).
Also S/MIME and PGP are open, free, standards that totally make 'graphical' signatures ancient exploitable technology.
I worked for a company with the most complete, secure and law-reliable e-sign solution. And this kind of startups offer, well, nothing more than a straight "signature" solution. They don't offer any more than that. That signature has more o less 'Level 0' of evidence information in case you want to go a dispute.
The signature method is more or less like the current signatures you will use in USA, because you don't have an eID like us, europeans, wich allows us to sign documents with higher levels of law conformity, security and evidence.
Put it like this: anyone can make this, anyone. Unless you go with stronger methods, profiting eIDs, and certificates, you're just doing an useless signature solution.
> you're just doing an useless signature solution.
I'd have to disagree; The authors are clearly filling a need by simplifying a process that a large amount of people (many of whom are here in this thread, it seems) do on a regular basis. Is the process itself horribly flawed? Of course. But people still have to do it this way, so we may as well automate it.
I'm ok with that: filling the gap by simplifying _one_ type of progress. But it is not, clearly, the solution to the problem: do a esignature easy, automated (if such) and secure.
I think where this could save more time is if you thought about ways salespeople could close sales easier, since they require signatures so frequently.
If this product is just for me (i.e. the person who installs this extension) then it's only going to save me time. How often does the average Google Apps user need to sign something? And how often does a salesperson require a signature from somebody using Google Apps?
Just was thinking about where the real pain/problem exists here. And by that, I mean that it's important to consider where does the problem occur the most and have the most impact.
I initially thought this was a way to sign documents by recording a video of you doing a distinctive hand gesture. I immediately did the "finger guns with a wink" move at my computer screen to simulate what this would be like. I was sorely disappointed. Seriously though if anyone is looking for startup ideas, gesture recognition has reached the point where this may well be possible. Alas, maybe one day.
Feedback:
1) Uploaded signature via smartphone option, which is great! But cropping was very difficult. Can you make that window bigger? It was like.. 100x100
2) The bounding box for the select tool may have been imprecise -- my scan for my initials had lots of whitespace above it.
3) At one point I tried to do a rotate, and it failed, bringing me back to the screen to re-email my signature. But the Next button was gone
However, installation did not work for me. I presume that you are under a heavy load, put I'll throw this info here in any case if it's any help for you guys. On the first try, installing proceeded to GMail verification and threw an error after that (Error page on HelloSign.com). On the second try, it got stuck after GMail verification and I finally got No Data Received (Error 324 ...)
Trying this out. If it works as advertised, I'll be very happy.
By the way, maybe someone from hellofax can help me: I'm unclear on your international support. Can I get a local number for Israel for people to fax me to? I would love to switch to HelloFax instead of my current online-fax provider, but I'm not sure if this would work.
Small annoyance: the site only seems to work with a screen width > 1200px.
Maybe there are no Mac users in the company (I'd be surprised), but on OSX the standard is not to browse in full-screen mode, but with a window little wider than 980px, the most common site width. This has been happening a lot lately and seriously bugs me.
Great, congrats. The startup instructions are a bit weird. I think you should just get asked your signature if you don't have one and then ask you to install the extension. (I saw no link to ask to install the extension on the website. I'll recheck later on or search on the chrome extension website)
Sound awesome but unfortunately it seems to not work if you don't use the US-English version of Gmail + even after I changed that I received the following message after hitting the "sign" link: "error: HelloSign couldn't parse your attachment."
Any plans on adding cryptographically signed PDF support? While this is nicely convenient I'd rather cryptographically sign stuff in Acrobat than just stick an image of my signature on it.
I just used this web app and was blown away. Amazing job and no, I am not an investor, adviser, employee of this company. Just a guy who loves smart and beautifully engineered products.
Looks awesome. but signing Excel files is broken. It generates PDF file but extension is still Xls, so Excel won't open it after signing. hopefully you are aware of this bug :) good luck
The product looks great, and I wish you guys luck. But: the header image looks partially loaded. It's quite jarring. And the site kinda feels like Subtlepatterns.com Roulette.
I use PDFPen instead to sign PDFs by dragging and dropping a signature into the .pdf and saving it. For sending contracts out I use RightSignature which saves a ton of time.
It fails with message "HelloSign couldn't parse your attachment." when I try to sign a document which has non-latin characters in its file name (like German umlauts üäö).
Since signing is now just an image, not sure how much value signing really should have.
Anybody can sign for you once they got one documented signed from you.
Really cool. But why do I get an email to "verify my email address" when you use Gmail's authentication APIs to link to my Gmail account in the first place?
Just received a second email an hour later, this time for hellofax. What part of "installing a plugin" makes it OK to email me?
I can't believe anyone supports a company that spams so aggressively.
Are all the near-identical sounding overly positive comments in this thread all astroturf? Surely a bunch of programmers and networking people can't be that excited about being able to sign documents online. In fact, this reeks of astroturfing.
Some worldwide community already invented a stable and maintained, production-compatible, free and open source cryptographic digital signature, with public-key infrastructure & certificate authority ? GPG/PGP & Web of trust concepts are so 2000-and-late! Let's SSAS all that open stuff & fuck the market with another new (temporary) "free" app.
I agree! Long ago it was possible to determine whenever a signature was genuine, but these sort of "digital signatures" don't provide any level of security, verification or anything alike. Even signing using an e-id and card-reader would be a better way to sign a document really.
Basically it pastes an image of your signature into a PDF (or other document). So from the point of view of forgeries it is obviously absolutely not secure, because anybody who receives a signed document from you can then themselves use your signature to sign a document in such a way.
However, according to the homepage, it is legally binding, which is what you usually want for business transactions. Compare this to the similiar situation with faxing: Faxed signatures are legally binding but pretty trivial to forge.
What is the Audit Trail?
To provide you with a transaction history, we track and timestamp various information from the moment the document is submitted for signature to when it is completely signed and secured, such as IP information and UserAgent information. We display some of this information as part of the Audit Trail that we affix to each executed Signature Request.
I guess that adds some additional legal protection in case there is some dispute in court (e.g, the court may believe you that you always sign via HelloSign and that HelloSign is sufficiently trustworthy to trust that absence of a audit trail means that it was not you who signed the document). It is probably still easy to forge things, after all, you yourself may also be signing documents without HelloSign sometimes, but I don't think that is much of a problem. It has never been all that hard to forge signatures, so in the end it comes down whether you can actually make a court believe that you signed the document or not.
I'd rather see some definitive information under the Pricing section. I'm tired of getting "invested" in web apps that are free, and then having them pivot dramatically or go under. This is less of an issue for small things, but anything that I'm going to incorporate into my business workflow needs to have at least some semblance of a business plan apparent.
Looks neat, I'll be happy to try it out when you're ready to take my money :)