Digital signatures are practically impossible to forge since they authenticate the signers and are embedded in the final document via PKI technology.
In this article, you will learn about the three methods for verifying digital signatures and checking whether a document is valid or not.
How to check the validity of a digital signature
To create a valid digital signature, you need to use a valid digital certificate.
To facilitate the verification of the signature, the best digital signature providers store the proof of validation as part of the signature itself. Therefore, the final PDF holds evidence that the digital certificate was valid at the time of signing and that the digital signature is valid.
In case of a dispute, the signed document can prove the authenticity of the signature.
Below are three methods you can use to validate digitally signed documents.
1. Verifying digital signatures via a PDF reader
When you open the document with a PDF reader, you can see several elements attesting that it is untampered and authentic (if that’s the case).
The first thing you see is the seal of the document. In Adobe Reader, the seal appears as a blue bar at the top.
For documents signed via Penneo, the seal is issued by Intesi Group, an EU Qualified Trust Service Provider certified under eIDAS standards.
The seal guarantees the probative value of the document. If the document is not valid, the bar will show the following text: “Certification by Penneo A/S is invalid”.
You can click on the paperclip icon in the left tab if you want to view the digital signatures in xml format and the timestamps for each signature.
Here, you can also access the audit trail where all the steps of the signing process are recorded. The audit trail is in a human-readable format so that it can be used as evidence in court. It shows the time and IP associated with each activity, from opening and viewing the document to signing it.
If you click on the signature icon in the left tab or the Signature Panel button, you get additional details on the validity of the document and the signatures.
You can also click on Certificate Details to read information about the digital certificates included in the document.
Although all these cryptographic elements are embedded within the PDF, they can look different in other PDF readers.
2. Verifying digital signatures via Penneo’s Validator
You can also use the Penneo Validator to check the validity of digital signatures created via Penneo. Just access the validation platform and upload the signed document by clicking on Choose document to check.
You will then see the validation results. Review the results and compare them with your document.
You can also validate a signer’s identity by entering their social security number in the Check signer identity field and clicking Check. If the SSN you typed matches with the SSN of the signer, the box will turn green; if it doesn’t match, it will turn pink.
3. Verifying digital signatures via the EU’s Commission Validation Platform
Upload the PDF in the EU Validator and click Submit.
Below is an example of a Simple report, but you can click on the button Detailed Report to read more information about the document’s validity.
How long is a digital signature valid?
Digital signatures can’t expire. What can expire are the digital certificates used to create digital signatures. Therefore, to create a valid digital signature, you need to use a valid digital certificate.
The encryption process that stores the proof of validation inside the PDF is called Long Term Validation (LTV).
Thanks to LTV, documents signed digitally via Penneo Sign are valid long after signing. Hence, you can validate the documents at any time in the future.
Request a free trial today of Penneo today!