SubscribeIt’s called Workflow Management. So why doesn’t it let the work flow?
As anyone working within an organisation knows, as soon as you have more than one person responsible for a process, you open up countless opportunities for error. Just getting individuals within the process to accept responsibility for their specific input is a laborious and time-consuming business.
No wonder actions are sometimes overlooked, done carelessly or - worse still - falsely authorised. So sales may be lost, deadlines missed, errors compounded and even clinical misjudgements committed.
All these dangers can now be entirely eliminated at the stroke of a pen. Or more literally, a stylus. By introducing KeCrypt Signature into the Workflow Process, individuals can check and authorise their specific responsibilities as a seamless, and irrefutable, action within the process.
Why Workflow doesn't mean the work flows
Workflow applications depend on the right person authorising the action or transaction. So how do these systems identify the right person?
Often the access rules to the computer network are used. In most cases this means relying on passwords and PINs - but these simply don't work for workflow solutions.
Take a Sales Program in which the sales person requires a supervisor's approval to give anything more than a limited discount.
The system only recognises the supervisor by their login. So to give an extra discount, the sales person logs out, the supervisor logs in, finds the record, sanctions the extra discount and logs out.
Now the sales person has to log in again, locate the sales transaction, incorporate the discount and complete the sale. This is not only time-consuming, but also open to errors because to relies upon human intervention to pick up the same record.
Here's another example, one that actually faces staff in the NHS. A nurse is logged on to the network dealing with a patient's record, but needs to have a form authorised by a doctor or pharmacist. The current NHS applications require an ID Smart Card to be read in order to authorise the form, and the application closes when the Smart Card is removed.
So a doctor will have to log on, authenticate themselves to the network and application, find the record, type in their password to authorise it - and then the original nurse will have to log on again in order to re-access the record. Such implementations of workflow give process improvement a bad name with users because they don't improve their work.
Paper v Digital
In some ways, life's easier with a paper-based process. Take an account payment that requires the signatures of two Directors to authorise it. That's a simple action on their part, once they've been found and provided there's no later dispute as to the genuineness of the signatures! And even then, there's still the problem of getting the paper document onto an electronic record system.
Building authorisation in to the Workflow
The ideal application has to be one in which a legitimate user, having signed in, can obtain authorisation by others for actions within the process without once interrupting the workflow. The problem then is how does the system recognise these individuals without having them log in to the network?
Well, clearly all the usual problems apply. Passwords and PINs can be obtained by simple 'shoulder surfing'. Easy enough to do in a busy working environment.
In any case, a MORI Poll found that 4 out of 5 computer users gave away their passwords when asked! Considering how easy it is for
Smart Cards and Tokens to be lost or stolen, they're obviously not the complete answer.
That leaves the use of biometrics. Now here, iris scans and voice recognition provide a great deal of security, but poor lighting, noisy working environments - even a bad cold or a heavy night out - make false positives inevitable. Fingerprints are another option, but they can be falsified by simply lifting a latent print, or sometimes by simply breathing on the scanner and re-activating a previous print!
Additionally, these biometrics may not be appropriate in all environments and are generally considered intrusive by many users.
Signing up to the signature
There's no doubt that a simple signature is the most familiar and authoritative way of signifying agreement and approval within the workflow process. It confirms intent and is integral to the legal process. Of course it's also regarded as being vulnerable to forgery.
If disaster results, how does someone prove that they weren't the person that authorised an action? Or, alternatively, how does an organisation prove that the authorising signature was in fact genuine?
KeCrypt Signature - the ultimate in authorisation
The solution is to incorporate KeCrypt's unique biometric signature verification system into the application. Unlike other signature recognition systems, KeCrypt Signature does not store a template or image for comparison. So nothing exists that can be copied, forged or falsely activated.
Instead, it identifies the unique characteristics of the way the signature is signed. Its acceleration, speed, pressure and time, and not the way it looks. This makes it virtually impossible to copy - or to refute!
All that's required is that everyone on the network who needs to authorise an action in the workflow process, initially establishes their signature with the KeCrypt module incorporated into the application. When their signature is required, they can either sign directly with a stylus onto a Form presented on a PC Tablet, or use a separate signature reader attached to the PC. They don't have to alter their network log-on process and the workflow application is uninterrupted.
At last everyone will be using a workflow management process that really does enable the work to flow.
Signed in absence
KeCrypt Signature is still superior even if the authorising individual is not physically present. Prompted by a phone call, they can access the network, locate the relevant part of the application and sign it off.
Unlike passwords, PINS or even Smart Cards, which could be fraudulent if not actually witnessed, an authorising KeCrypt Signature cannot be faked or disputed.
The ramifications of this are worth considering for a moment. It was clear from KeCrypt's Trial by the NHS that adding KeCrypt Signature into workflow authorisation would provide contemporaneous knowledge of who did what. This makes recall of an audit trail a reality rather than the impossibility it currently is.
Such an approach is vital to expose the murderous activities like that of Harold Shipman or Beverly Alit at a very early stage. Or even prevent them altogether. The electronic records of their activities would have been instantly retrievable and their actions undeniable. Instead, their paper records were buried within the sheer volume of paper data generated daily by the NHS with no means of recall.
KeCrypt on Trial
To prove the effectiveness of KeCrypt Signature, a trial was carried out in the pharmacy departments of a number of London hospitals. Within a pharmacy and prescribing environment a signature is used to authorise a wide range of activities.
Apart from demonstrating its effectiveness in workflow management, the trial confirmed that the KeCrypt biometric signature has a high level of accuracy and, most importantly, all attempts at forgery were rejected.
Equally important was the overwhelming degree of user acceptance. In a survey after the Trial, 94% of participants thought that signature biometrics were the easiest to use.
