The success of any company depends primarily on the team leading the project. In Signaturit’s case, our CTO, veteran programmer and system administrator Javier Martínez is nothing short of passionate about technology and an expert to boot. For over 10 years, he has worked for several companies in the role, honing his abilities to manage teams and implement technical strategies in perfect alignment with the business’ objectives.
In 2013 he joined Signaturit along with Juan Zamora (CEO) and Salvador Severich (CMO), both of whom he met at Incubio, a leading business accelerator in Barcelona. We have had a chance to speak to Javier and ask him about his work as co-founder and CTO of Signaturit, as well as how the company’s software allows thousands of entities in over 40 countries to enjoy the safest, most intuitive electronic signature solution on the market today. Read this post to find out more.
This post is also available in Spanish.
INTRO: Interview with Javier Martinez, co-founder and CTO of Signaturit
1. What does the CTO of a tech company actually do?
Javier Martínez: A CTO is one of the most important figures in any business, and even more so in a software-based company like Signaturit.
A CTO’s day-to-day responsibilities range from planning the product roadmap to “evangelizing” the platform - that is, making a point of announcing the platform’s new features that could go unnoticed even by our own team. Every two weeks we have an internal Sales Product Update to announce all new developments and give the sales team the information they need to keep both our current customers and future ones in the loop.
However, if I had to pinpoint a CTO’s primary goal, it would be to develop and improve a tech strategy that best serves the company’s business needs.
2. What are the daily changes you face as CTO?
J.M.: Knowing how to evenly distribute my time between my various responsibilities and daily tasks, both technical and managerial, given that I also have a number of duties as Signaturit co-founder.
In any business, time is the most valuable asset and you have to know how to prioritize tasks that are crucial for the proper functioning and scalability of the company.
Javier’s interest in the world of software began when he and his 3 older brothers (all computer fanatics) discovered the Amiga 500; at 6 years old he spent his afternoons playing sports games by Topo Soft and at 10 he learned to code using Visual Basic. With this under his belt, choosing a future profession in tech came naturally.
3. In your opinion, what are the main differences between a CTO (Chief Technology Officer) and a CIO (Chief Information Officer)?
J.M.: Both positions have a lot in common, to the extent that in small businesses it is rare to see both since their functions often overlap.
However, in my experience, a CIO’s role is more focused on managing and resolving operational issues as well as improving internal processes.
On the other hand, a CTO is more outward-looking, dealing with strategy and improving products for customers. It’s a role with a lot more external accountability.
4. Let's talk about agile methodologies for software development. What particular method does Signaturit follow?
J.M.: In the IT department our workflow is based on an agile software development methodology called Scrum. The goal of any agile methodology is to develop the software product in very short cycles or “sprints” and at Signaturit, each sprint lasts 2 weeks. At the start of each sprint we determine a number of product development tasks that must be completed by the end of the fortnight.
At the end of a sprint, customers test the new developments and give us feedback so that in subsequent cycles we can make effective improvements. If a feature is not 100% developed it is crucial for us to get user feedback as quickly as possible to ensure further tweaks directly address customer needs. Every sprint sees us fine tuning each new feature, thereby significantly increasing the value of our platform.
Several Signaturit developers in front of the scrum board before a sprint meeting.
Team communication is crucial for the Scrum’s success. Short meetings lasting no more than 10 minutes are held daily with the entire team, giving everyone a chance to voice any problems that prevent them from carrying out their tasks for that particular sprint, as well as enabling everyone to share the tasks they’re working on.
In addition to these daily meetings, the team also meets on a Monday at the beginning of each fortnightly sprint to discuss the tasks that will be prioritized in the sprint. And the last day of each cycle, we also met to discuss how the sprint has gone and see what can be improved next time.
About Signaturit's product
5. How do you decide upon a product’s new features, and how do you choose one or the other for a particular sprint?
J.M.: As a software company, we define our work over a 12-month period based on our business strategy and any identifiable market needs: this is what we call a product roadmap. Obviously, as time passes and progress is made, the roadmap is adjusted based on customer feedback once a new feature is introduced.
As I mentioned, prioritizing tasks is very important because timing is everything. Our priorities are any tasks that increase our product’s value, either through visible improvements (such as new features) or invisible improvements (increased platform speed, increased security, improved user experience, etc).
6. To improve the efficiency of internal work procedures and/or the number of signatures requested per month, many companies decide to integrate Signaturit into their systems via API. Could you briefly explain the steps needed to integrate Signaturit?
J.M.: These days an increasing number of companies are opting for APIs to enhance and strengthen their systems, so from the outset we were clear that our system would be designed to be used outside our own user interface, or in other words, integrated into third party systems.
To make this process easier we launched a parallel environment to the one we were using for production called Sandbox. Both environments are located in the cloud, but Sandbox can be easily accessed by external developers, who have to register for a free API KEY to subsequently integrate electronic signatures into their own systems.
A support team has been set up to deal with any questions and queries that might arise during the integration process, and once completed, external developers can access our production environment by simply registering for a new API production account and updating their API KEY.
Right now, Signaturit can be integrated into major software such as Salesforce, as well as more modest projects developed using Drupal and Wordpress. To facilitate the process we have published a complete guide to integration available here and created SDKs for the following programming languages: PHP, Ruby, Java, Python, Swift and NodeJS.
7. A common concern among companies integrating Signaturit via API is knowing how long the process will take before they can start using the tool actively. Can you put a timer on it?
J.M.: A company can start using Signaturit as soon as an integration in Sandbox joins our main production environment. The integration process of a solution like ours is not complicated, as our API is simple and designed for launch to occur as quickly as possible.
Of course, everything depends on the degree of integration required and the complexity of a company’s system. How high the integration process is placed on a company’s list of priorities is another mitigating factor. So far, statistics show that on average the integration time using our API is around 3 weeks.
Pau, one of Signaturit’s back-end developers.
Security and privacy
8. One of Signaturit’s standout features is that it offers top-level security to the great volumes of data flowing through its platform, and given that each day thousands of documents containing personal data are sent to be signed, it’s one of the features that most inspires consumer confidence. Can you tell us more about Signaturit’s security levels? Is it safe to use in cases of extreme confidentiality?
J.M.: The caliber of our technology is equal to that of key industry players such as Amazon Web Services, Google Cloud Engine and Microsoft Azure. From Amazon we have obtained the highest level of security certificates that guarantees the safety of service we provide to our customers.
Our cloud infrastructure is also provided by Amazon. For legal reasons it’s located in Europe and configured with Auto Scaling. This may seem a more expensive way of doing things, but it’s justified when you consider the level of reassurance you get from data centers that have the highest safety certifications in the entire sector. In addition, cloud solutions offer much more versatility and security: if a data center is destroyed, you can immediately redirect traffic to another center located hundreds or thousands of miles away without compromising your platform. In-house solutions can only go so far because they simply can’t compete with Amazon or Google’s data centers (DPCs).
9. The electronic signature you offer is advanced, in other words, it is uniquely bound to the signatory and allows unequivocal identification. However, some customers may require “extra” levels of security. What can Signaturit offer here?
J.M.: Our customers’ security and peace of mind is critical. While we fully trust the security measures offered by advanced electronic signatures (through capturing biometric data to uniquely identify the signer and having absolute legal legitimacy backed by the European legislation) we have added a series of features to reinforce the tool’s security levels when our customers request it.
To give just a few examples: when sending a document to sign, we can include an additional layer of security by having a random generated password sent to the signer via SMS, so that the signer is only able to sign the document once he/she has entered the password to access the platform.
Another option is requiring the signer to be identified by photo or voice. Both security measures can be ordered from Signaturit’s platform and can be integrated into the same signing process in a natural and intuitive way.
Finally, we have also included an option to capture information from an ID card, allowing the signer to proceed once the card’s validity is checked and approved.
All these options reinforce the probative value of our advanced electronic signature, which as I mentioned before, captures biometric data during the signing process, and whose definition and specifications are covered by EU Regulation 910/2014 (known as “eIDAS”).
10. When a signature is made using Signaturit, it generates an audit trail containing information relating to the signer, such as his/her geolocation, IP address, the device from which the signature was made, etc. This information is also verified through a Time Stamp Authority. Could you explain what time-stamping is and how it works?
J.M.: A time stamp is a virtual mechanism to verify that a set of data existed at a given time, and that none of the data has been altered since.
At Signaturit, to ensure that data in our audit trail has not been modified upon the completion of the signature, we use a timestamp provided by a certified authority, which is recognized by the government as well as by private companies such as Adobe, Apple, Mozilla or Microsoft. Thus we endorse the integrity of our audit trail, which includes the signatory’s email, the name of the document sent to sign and the time and location where the signing took place.
Signaturit’s interface is designed to allow signatures to be made easily and intuitively. During the signing process, biometric data is collected as part of the audit trail. Signaturit’s signatures have full legal validity, regardless of the device from which they are made.
11. Aside from your CTO duties, what other responsibilities do you have as Signaturit’s co-founder?
J.M.: Juan, Salvador and I meet every week to discuss any topic related to the strategic direction the company is taking, review all work in progress and identify possible improvements. As CTO and co-founder, I must be aware at all times of what is technically feasible within the company strategy and keep the other co-founders abreast of any potential developments.
Besides that, it’s my job to “evangelize” the use of the platform as I mentioned earlier. The speed at which improvements are taking place is really high, so I have to ensure all departments are aware of any changes, especially since some of them may be less visible to people outside the technical team working on them.
J.M.: Keep improving the whole system at the same rate we’re currently working at, while maintaining reliability and robustness. This is definitely the biggest challenge we face for the remainder of the year.
Luckily, Signaturit has a team of unparalleled professionals who give their all every single day and always bring added value to the table. Our success would simply not be possible without them.
:::: END ::::
Thank you very much Javier! :)
If you have any questions regarding any aspect of Signaturit or would like to have more information about any of the issues raised in this interview, do not hesitate to email us to firstname.lastname@example.org or call us to 93 551 14 80.
This post is also available in Spanish.