How does it work?

This is a too big topic to cover. Read more in the link list at the home page.

Pros:

  • Free of charge (if you do not use root certificates).
  • Projects have been around for a long time.
  • Many contributors and users.

Cons:

  • It's mainly focused on sending and encrypting email, rather than everyday document management in the companies.
  • It's complicated to install and to use for the common user. Multiple signatures with series of approvers and an audit trail are usually not supported.
  • Creating and publishing certificates is difficult (Web of trust, CA) and requires users to understand many detailed concepts, as well as configure and install multiple tools.
  • It requires online connection to external servers, to ensure validity of the signature.
  • It's difficult to investigate and show the "digital hierarchical trust" during an audit. Customized signature with graphical representation is not supported.

How does it work?

Core functionality of the most online digital signing solutions is more/less as described below (to give you a general understanding):

1) You upload a document to an external server.

Notice: This is someone else server. Claimed to be secure by provider etc, and usually are. But we recommend you to read the license agreement thoroughly, before sending intellectual property to external servers.

2) Your document is converted into a PDF (if it is possible to convert it).

3) You will add your signature to the PDF. The Solutions usually have a user-friendly online graphical interface.

Notice: Your signature is still an image inside a PDF, and is not really digitally safe in this point.

4) The online server saves the following information (who signed what and when) in their internal database.

5) The final PDF (with pictures of your signature) is digitally signed, by the online service digital certificate (not your unique digital imprint/certificate). This is how the digital integrity is maintained.

Notice: You can buy such a certificate yourself and sign PDF:s, using adobe for ~480$. Some configuration etc is needed, but it is possible (digital hierarchical trust cannot be maintained if everyone uses the same certificate).

Pros:

  • Easy to use and user friendly interfaces.
  • No need to install software, servers, etc
  • Easy to get started.
  • Customized signature with graphical representation etc.
  • Multiple signatures on the same document are supported.

Cons:

  • Continuous cost around 200USD/user/license/year.
  • Depending on online external servers..
  • Difficult to investigate and show the "digital hierarchical trust" during an audit. (your PDF are digitally signed by one external party, but contains pictures of signatures)
  • Not possible to get regulatory compliance.
  • You need to upload your data to external servers.

 

Pros:

  • There are really good solutions/system available.
  • They are digitally safe and well proven.

Cons:

  • The business cases for such solutions usually consists of continuous cost around ~400 USD /user/license/year, depending on solution/offer.
  • The system requires that you upload your data to an server or database.
  • Difficult to investigate and show the "digital hierarchical trust" during an audit. (your PDF are digitally signed by one external party, but contains pictures of signatures)
  • Unfortunately, it is not uncommon that you cannot prove "digital hierarchical trust" for your documentation during an audit if you have cancelled your license agreement (one way street).