Sarah runs a mid-sized property management firm in Manchester. Last month, she sent a tenancy agreement through her e-signature platform to what she thought was the incoming tenant. The document came back signed within hours. Keys were handed over. First month's rent arrived.
Three weeks later, the real tenant called — confused about why someone else was living in the flat she had paid a deposit for. The signature on the agreement? It belonged to a fraudster who had intercepted the email chain and impersonated the tenant from day one.
Sarah's platform captured the signature just fine. It even logged the IP address. But it never actually verified who was on the other side of the screen.
This story is not rare anymore. It is getting frighteningly common.
The Problem Nobody Talked About Until It Was Too Late
For years, e-signature adoption focused on convenience. Upload a PDF, drop a signature field, hit send. The promise was beautiful: close deals faster, eliminate printing, stop chasing paper. And it worked — the global digital signature market exploded, and businesses of every size moved their signing workflows online.
But convenience came with a blind spot the size of a truck: most e-signature platforms do not verify who is actually signing.
They verify the email address. They capture the timestamp and IP. They might even ask for a one-time code sent to that same email. But none of that answers the question that matters most: is the person clicking Sign the same person named on the document?
The numbers are not subtle. Digital document forgery rose 244% year-over-year according to Entrust's 2025 Identity Fraud Report. Digital forgeries now represent over 57% of all document fraud — they have overtaken physical counterfeits. Deepfake-powered identity attacks are involved in one out of every five biometric fraud attempts, and deepfaked selfie incidents climbed 58% in 2025 alone.
These are not theoretical threats. They are the reality every business sending contracts, agreements, and legally binding documents faces today.
What Identity Verification Actually Means in an eSignature Context
Let's be clear about what we are talking about here. Identity verification in e-signatures means the platform confirms the signer is genuinely who they claim to be before the signature is applied — not after a dispute lands on your desk.
This is not the same as a basic email link. A signing link sent to an email address proves nothing about the person who clicked it. At minimum, proper ID verification should include:
- Government-issued ID validation — passport, driving licence, or national ID checked for authenticity
- Facial biometric matching — a live selfie compared against the photo on the ID document
- Liveness detection — confirming the selfie is a real person, not a photo of a photo or a deepfake injection
- Name-to-document matching — verifying the name on the ID matches the signer name on the agreement
When all four checks pass, you are not guessing who signed. You know.
How DocSignerHub's ID Verification Works
DocSignerHub built its ID verification layer to answer one question: can you prove, in court if necessary, that the person who signed your document is the person named on it?
Here is how it works in practice.
Step 1: You Enable Verification on the Envelope
When preparing a document for signature, you toggle identity verification on for the signers who need it — typically for high-value contracts, tenancy agreements, loan documents, or any scenario where a fraudulent signature would cost you more than inconvenience.
Step 2: The Signer Gets a Secure Verification Link
Instead of landing directly on the signature page, the recipient is first directed to a secure identity verification flow. They upload a photo of their government-issued ID and take a live selfie.
Step 3: Automated Checks Run in Seconds
DocSignerHub runs the ID through authenticity checks — looking for tampering, inconsistencies, expired documents, and mismatched data. The live selfie is compared against the ID photo using facial matching. Liveness detection confirms the person is physically present, not a recorded video or a deepfake injection.
Step 4: Verified Signers Proceed; Flagged Attempts Stop
If verification passes, the signer moves straight to the document to sign. If it fails — or if the name does not match the signer field — the envelope locks and the sender is notified immediately. No signature is applied. No legal ambiguity. No crossed fingers.
Step 5: The Verification Becomes Part of the Audit Trail
Every verification attempt — pass or fail — is logged in DocSignerHub's HMAC hash-chained audit trail. This means if a signed contract is ever challenged, you are not just presenting a timestamp and IP address. You are presenting biometric evidence tied to a verified government ID.
When Should You Use ID Verification?
You do not need ID verification for every document. An internal team memo or a non-disclosure agreement between trusted partners? Probably overkill. But here are scenarios where skipping it is a genuine business risk:
- Tenancy and property agreements — the Sarah scenario above is real and repeats across the property sector
- Loan and financing contracts — lenders need to know the borrower exists and is who they claim to be
- High-value freelance and consulting agreements — when the contract value is significant, verifying the client protects both sides
- Remote employee onboarding — verifying a new hire's identity before they access internal systems
- Cross-border transactions — when you will never meet the signer in person, ID verification is the only practical trust anchor
- Regulated industries — legal, financial services, insurance, and healthcare often require it for compliance
What Happens Without ID Verification
Without verification, a signed document tells you three things: someone received the email, someone clicked the link, and someone typed or drew a signature. That is it.
If the document is challenged, you are left arguing that an email address and an IP address constitute proof of identity. Courts are increasingly sceptical of this — especially as AI-generated identities and deepfake tools become accessible to anyone with a laptop. The burden of proof shifts to you. And proving a negative — that the person who signed was not an imposter — is an extremely expensive position to be in.
The Bottom Line
ID verification is not a luxury feature for paranoid legal teams. It is becoming baseline infrastructure for any business that sends documents with financial, legal, or personal consequences.
The fraud numbers are climbing. The tools to forge documents and impersonate signers are getting cheaper and better. If your e-signature platform treats identity as an afterthought, you are not protecting your agreements — you are just digitising handshakes with strangers.
DocSignerHub's ID verification ensures that when a document comes back signed, you do not have to wonder who actually signed it. You already know.
Start sending verifiably signed documents today — create your free DocSignerHub account.
Start for free today
Close deals 3× faster with DocSignerHub
Join 10,000+ businesses who automate their document workflows. No credit card required.
✓ 14-day free trial · ✓ No card required · ✓ Cancel anytime
You might also like
Signed Contract in Dispute? Here Is How Audit Trails Protect You
When a signed contract is challenged, your audit trail is the only thing standing between you and a costly dispute. Learn how DocSignerHub automatically captures irrefutable proof for every signature.
Your Brand, Not Ours: Why White-Label Signing Wins You Clients
Stop sending clients to someone else's branded portal. DocSignerHub white-label e-signatures put your logo, colours, and domain on every document — no platform branding, no silent referrals.
You're Signing Contracts You Haven't Read — Here's How AI Fixes That
Stop signing contracts you haven't read. DocSignerHub's AI Clause Summariser flags risky clauses in plain English — payment traps, auto-renewals, non-competes — before you sign.