Acrobat digital signatures – what use are they?
Locklizard DRM & Digital Signature usage
Often companies purchase digital certificates from a Certificate Authority (CA) as part of their overall approach to making the information (PDF documents) they publish more secure.
However, when purchasing a certificate it is important to understand what functionality is being provided, since it may not fit with other parts of your solution going forwards.
A digital signature is only ever used to allow a recipient to verify the authenticity of the information they have received. This authenticity may be of two types:
- information that has been received has not been altered in any way
- the person digitally signing the information can be positively identified.
It does not prevent copying the file, extracting information from the file or editing and re-presenting the information in an unsigned form.
Further, the verification process for digital signatures may not always check the status of the current status of the signature owner (when the user is offline, for instance) and so the accuracy of the check may not be as complete as expected.
The Locklizard PDF security system does not need to make use of digital signatures because they are a complex and expensive overhead that does not achieve as much as our own controls.
All information processed by Locklizard systems is encrypted, so any attempt to alter any protected documents will fail because they will not decrypt correctly. This is also used to prevent those who have not been licensed from being able to use (read, print) the protected information. So it is not possible for a third party to either alter your information or pass the original on to other people.
Locklizard verify the existence, legal address and status of all organizations that purchase from us, and control the allocation of the publisher accounts so that they are always correctly associated with the legal entities that have actually purchased them. This gives end customers a greater sense of confidence that the publishers they are dealing with are genuine, rather than using the digital signature scheme which is not understood at all by the majority of computer users. In our experience pirates are not willing to expose their fiscal identities or attempt to pass themselves off as a similar identity as a third party where they have to pay a large cash sum. They would rather create a false web site or attempt to divert customers to purchase a fake product than part with actual money.
So the level of actual security we offer both you and your customers is better than that being offered by digital signature providers, as well as being more accurate and more useful in the longer term.