Paper less, the right way.

Nov 14, 2021 Stopping-bad-practices Best-practices
Share on:

Go paperless!

You have probably had every business you interact with ask you to go paperless. The reasons are sound. Reduce waste from the printing and mailing. It can also declutter the house as you don’t have to file a small stack of paper each month. The problem is that it isn’t going paperless so much as it is shifting the burden of work from them to you.

Old way

In the old tree killing days, we would all get monthly statements from the companies that we did business with. They would format all of the information into one or more sheets of paper, put it in an envelope and mail it to us. We would open the letter read through the information and deal with it appropriately.

As lawyers got more involved there were more and more sheets of legal words that rarely changed and really generated a lot of waste. Some of our bills were 3 pages of information and 4 pages of never changing legal doc. Looking at it, that was a lot of waste in paper. When batches of them are mailed it would also waste large amounts of fuel to deliver the extra weight.

The “paperless” way

Then companies got comfortable having us get the same information online. The total energy used to get and see a document online is probably less than the energy to print the same document. From an environmental perspective it is a major win win. It also helps the company reduce costs and you the customer reduce clutter (unless you print out your paperless documents like some people do).

The problem is that none of them are paperless versions of what we used to have. Not even close. Now the customer has to remember to go look and download the document if they want to keep a copy (you should). We, the customers are now responsible for all the work.

What went wrong?

A true version of paperless would be if the company emailed me the electronic version of the document. It would show up in my inbox the same way it would show up in my mailbox out front of the house. I could file it with a few clicks of the mouse, much like how I would file it in the cabinet. I would have a copy and a timely reminder of the transaction.

Doesn’t that sound pleasant? No more having to remember to go to each website, login, find the statement and download it. Writing that out doesn’t sound as hard as it actually is. I know it isn’t that hard, but I don’t want to do it for 10 companies every month. I’m the customer damn it, the companies should be doing the paperless equivalent of what they do with paper.

Where this all went wrong is the lawyers got involved. They decreed that email wasn’t secure. Documents can’t be sent to the user as an unintended 3rd party might receive them. At the same time cyber steps in and says that an attacker could send malicious code to the user and make it look like the company. Fear, Uncertainty and Doubt (FUD) got in the way of a smooth transition from paper to electronic transactions.

Let’s break each of these down some more.

Email security

To this day many industries still fax over emailing as they view email as insecure. The engineer in me knows that this is an absurd view of security. Faxes can be intercepted by anyone that can listen into the phone line. That could be you local carrier, their local carrier, the exchanges between them or someone that has tapped the line anywhere in between. The secure fax options that do exist are actually apps on mobile devices and computers that emulate a fax.

Mail isn’t a lot better. Most envelopes can be opened with techniques that are centuries old. The letters also sit in your mailbox, which for most people isn’t locked. Sure security envelopes can be used, but they rarely are outside of pins and passwords. Assuming paper mail is secure is flawed.

Email by comparison requires an authenticated login between the sender and the server, and the client and the server. Those connections should be encrypted with strong encryption for any legitimate server software out today. The sending server will encrypt the connection between itself and the receiving server. The only 2 possible observers are the servers you already trust with your email, which is probably how you also recover you password to any of the bank websites.

To top it off, email can be secured in ways that neither a fax or paper can. It can be encrypted. PGP has been around for 30 years. X.509 has been in wide use inside government and companies for 20 years. The biggest hurdle has been in which to support, but there have been options for years. Each of these also verifies the sender before the user opens the message, so the cyber threat is nullified.

Unfortunately, email encryption isn’t an easy button for most people. Most of the implementations have flaws that make them harder to work with than they should be. If I’m ok with using a harder system, why can’t my bank be?

There are some halfway solutions that we can look at. The statement could be emailed in an encrypted Zip file or a password protected PDF. While the original versions of security for each was laughable, the modern versions have bullet proof versions that use AES. Either one would be more secure than any paper option available.

Alternate delivery options

I wouldn’t mind if the bank just asked for a shared directory they could drop the statements in. I set it up once and grant them permission. They would just drop the file in there when they are ready. Google, Office 365 or Dropbox could message us when there are new files in the folder and we can go handle them with a few mouse clicks. This is also more like the traditional paper bill in that it is a reminder and doesn’t require that I go and log into each place one by one.

Hybrids exist also. A single sheet of paper can encode 100s of pages of text on one side. That is more than enough to send to me everything on a single sheet that is folded shut in the regular mail. I could then use my phone to scan it into my digital holdings with just a few clicks. The content could be encrypted and be more secure than mail or fax ever was while reducing the environmental impact. Going this route means we failed to use a sensible electronic option, but it is oddly better than the 2 options we have today.

Going paper!

I must be driving companies nuts. I go paperless and then after a while I go back to paper. Trust me, I don’t want to go back to paper. Deliver the electronic version to me like you do the paper ones and I will jump on it. I’ll even pay a small premium for it as it makes my life better.

You may be asking why I go back to paper. There were cases where the company deleted every statement after 6 or 12 months. If I missed one I can’t get it back. With paper I know it’s in my house.

Also, when you close your account with many companies you loose access to the electronic versions. Pay off a loan and the minute its paid off you may not have access anymore. You can never get that final statement that says you paid things off, because it was placed in your account that was just closed. Think I’m making this up? It happened to us and we had to call the bank and hound them for a copy. Something that would never have happened with the paper version.

So listen up companies. If you want to have more people go paperless, make it a paperless equivalent of the paper version. If you want it secure, offer a secure option like PGP or encrypted Zip files. Want to knock it out of the park? Offer multiple options. You don’t treat your products as one size fits all, why do you think the same thing works with bills and statements?