Digital Signatures ​

Digital signatures, as opposed to legal signatures, are a cryptographic means for providing data integrity services.

Each document processed via AlphaTrust® e-Sign, has a digital signature computed for it. This permits a document to later be verified, in order to demonstrate that the document has not been altered since the original digital signature was computed.

Embedded Digital Signatures ​

For PDF-formatted documents, AlphaTrust® e-Sign will optionally embed a trusted, standards-compliant digital signature within the PDF document.

Note: Embedded PDF digital signatures are automatically used by AlphaTrust-operated SaaS versions of AlphaTrust® e-Sign.

There are two types of embedded PDF digital signatures defined by the PDF standard: a standard digital signature, and a DocMDP digital signature. DocMDP stands for Document Modification Detection and Prevention. In the context of embedded PDF digital signatures for data integrity purposes, AlphaTrust refers to a standard digital signature as a "seal" and a DocMDP signature as a "certification". The user interface presented by Adobe products differs depending on the type used. The data integrity checking value is the same.

Enabling Embedded Digital Signatures (System Level) ​

Customers running their own instances of AlphaTrust® e-Sign can enable their systems to use such embedded PDF digital signatures, if desired. This requires the use of third-party services and hardware. Please contact AlphaTrust for more information.

Embedded Digital Signatures (Transaction Level) ​

The DocumentInsertModel defines a property called ServiceType. The possible values for ServiceType are: Sign, SignAndCertify, and SignAndSeal. If you do not specify a value for this property you will get the default behavior configured by the system. For AlphaTrust-operated SaaS systems, the default value is SignAndSeal. Out of the box the default value is Sign.

If you wish to use a different value, then specify it. However, on systems, such as AlphaTrust SaaS systems, that are configured for a default of SignAndSeal, specifying Sign will not override and remove the embedding of a PDF digital signature.

These embedded PDF digital signatures, including timestamps, comply with global standards including EU eIDAS, ETSI PAdES and ESRA standards, and are compliant with the Adobe Authorized Trust List program.

Verifying Document Integrity ​

Standard Digital Signatures ​

AlphaTrust® e-Sign securely stores these digital signatures within the software. You can verify document integrity later using an API function, or the Control Panel.

Embedded Digital Signatures ​

PDF documents with embedded digital signatures can be verified using PDF viewers such as Adobe Acrobat or Adobe Reader. These tools allow you to check the document’s validity without accessing the original creation system.