There are many different companies that tell you that they can help you sell PDFs online securely so that they cannot be shared, along with other electronic documents such as ebooks. But is that really the case? Here we review common security methods used and their value.
PDF password protection is one of the commonest and cheapest methods of securing PDF files. PDF documents are encrypted with a password to prevent unauthorized access, and PDF restrictions can be applied to control some document use (e.g. preventing printing).
However, it is completely useless as a form of document protection because:
- Users can share the document password with others and post it online along with the document
- You have to give the user the password for them to view the document so they can remove it instantly
- Passwords can be removed by password recovery applications
- Adobe permissions (these control how a document can be used – i.e. allow or deny printing) can be easily removed in seconds by free online password removal tools
And of course, there is the problem of creating, distributing and managing passwords to begin with.
Secure download systems rely on generating a unique download link for each user when they purchase your documents online. They often combine this with a password protected file, and the user is given the download link and password after purchase.
However once the user has downloaded the file and has the password to open it, they can then share these with others.
So although secure downloads and passwords may stop users arbitrarily downloading documents they have not paid for from your site, they do nothing to prevent someone who has paid for a document then giving it to others for nothing.
Dynamic Watermarks with user information
Some systems watermark PDF files with user information – this is added to the PDF document when it is purchased.
However, what you are not told is that these watermarks can be easily removed in a PDF editor. All the user has to do is to open the PDF file, select the watermark, and press the delete key.
A good PDF DRM or ebook DRM system uses multiple security technologies to prevent copying, sharing, printing and piracy of your documents. These include:
- Document encryption to prevent unauthorized access and lock use to machines
- Public key technology rather than passwords
- SSL for secure key transfer to authorized devices
- Licensing controls to identify users and devices
- Dynamic watermarks that are permanent and cannot be removed
- The ability to transfer licenses between devices – see ebook DRM & license transfer
- Proprietary security techniques to control operating system behaviour – i.e. to stop screen grabbing applications from operating effectively
- Full security and control over offline documents
- Dedicated secure viewer applications to control document access and use
See our DRM technology to better understand how these components make up an effective document security system.
Some document DRM systems rely on plug-ins to Adobe Acrobat but these bring with them their own problems, including compatibility issues, security issues (plugins can be circumvented by other plugins) and failure to continue working after Acrobat updates.