There are many different companies that tell you that they can help you sell PDFs online securely. But is that really the case? Here we review common security methods used and their value.
PDF password protection is one of the commonest and cheapest methods of securing PDF files. PDF documents are encrypted with a password to prevent unauthorized access, and PDF restrictions can be applied to control some document use (e.g. preventing printing).
However, it is completely useless as a form of document protection because:
- Users can share the document password with others and post it online along with the document
- Passwords can be removed by password recovery applications
- Adobe permissions (these control how a document can be used – i.e. allow or deny printing) can be easily removed in seconds by free online password removal tools
And of course, there is the problem of creating, distributing and managing passwords to begin with.
Secure download systems rely on generating a unique download link for each user when they purchase your documents online. They often combine this with a password protected file, and the user is given the download link and password after purchase.
However once the user has downloaded the file and has the password to open it, they can then share these with others.
So although secure downloads and passwords may stop users arbitrarily downloading documents they have not paid for from your site, they do nothing to prevent someone who has paid for a document then giving it to others for nothing.
A good document DRM system uses multiple security technologies to prevent copying, sharing, printing and piracy of your documents. These include:
- Document encryption to prevent unauthorized access
- Public key technology rather than passwords
- SSL for secure key transfer to authorized devices
- Licensing controls to identify users and devices
- The ability to transfer licenses between devices – see ebook DRM & license transfer
- Proprietary security techniques to control operating system behaviour – i.e. to stop screen grabbing applications from operating effectively
- Dedicated secure viewer applications to control document access and use
See our DRM technology to better understand how these components make up an effective document security system.
Some document DRM systems rely on plug-ins to Adobe Acrobat but these bring with them their own problems, including compatibility issues, security issues (plugins can be circumvented by other plugins) and failure to continue working after Acrobat updates.