1. Is this relevant to me?
This feature will change the format of PDFs generated during the signing process, and as such, everyone will be impacted. However, there is nothing to worry about as this upcoming update is an improvement over the current format.
2. What is it?
PAdES (PDF Advanced Electronic Signatures) is a set of restrictions and extensions to the PDF format, making it suitable for advanced electronic signatures. They are defined by ETSI (European Telecommunications Standards Institute) and allow documents to be EU compliant and shareable across EU borders.
3. What benefits does it bring?
Using the PAdES standard ensures that electronic signatures will remain valid for longer periods of time, even if in the meantime, the used cryptographic algorithms were broken or compromised. As a result of this, all the digitally signed documents can now be archived for many years. At any given time, it is possible to prove that the signature was valid (at the time of a document being signed) through a concept referred to as Long-Term Archivable (LTA). Verified's signature methods are all LT enabled, which means they verify the validity of a signature at the time of signing using the PAdES standard.
4. The PAdES file structure
You can think of PAdES as a bundle of all the information related to the signing process, stored as individual attachments inside the PDF document itself, consisting of:
- The original document
Intended for validation, to compare the original PDF to the signed one
- The signature information (one file per signature)
The format and content of these files vary based on the signing method, and they include the proof of signature received from:
- the eID providers (when signing with eID based methods such as BankID)
- the Verified platform (for eSign methods which include email, SMS and touch sign)
- Transaction log
A detailed log of all the events generated during the course of the signing process
An example of a signed document and its attachments, viewed inside Adobe Acrobat
5. The new activity log
With this major update, we took the opportunity to re-imagine the activity log as a more streamlined and focused overview of the signing process.
The old activity log
The new activity log
Let's break it down a bit:
- Modern design
Although our platform prides itself on its intuitive and modern interface, the activity log felt like it was stuck in the past. This update gives it a well needed layer of polish
- Activity log
Focused entirely on the recipients:
- Who they are
In order to provide more accurate information: If an eID method was used for either signing or authenticating, we will display the recipient name returned by the eID provider instead of the original name set by the Sender
- What they did
Be it signing or approving, the information is clear and concise
- How they accessed it
This is categorized as either Low (when no authentication method is used), Medium (in the case of SMS authentication) or High (when an eID method was required to access the document)
- Who they are
6. Release history
The PAdES feature has been in gradual rollout since December 2021, and was enabled gradually for an increasing number of companies as we went along. Today, March 31st 2022, we have reached the point where we can enable it globally for all the companies that are using the Verified platform.
How can I validate it?
To make sure that the signed PDF respects the PAdES standard, you can follow this guide.
Will the new PDFs have a larger file size?
Yes. Since the signed PDF also includes the original document, it will have a larger file size compared to the previous version of the PDFs generated in the Verified platform.
What other changes does this bring?
In addition to the aforementioned changes, the new format will also change the name of the signed document by adding a ".pades" suffix. For example, if the user uploads a file called contract-HR15.pdf, the signed document will be called contract-HR15.pades.pdf
What does this mean for API users?
Nothing will change in terms of the API.
Can I use an already signed PDF in a new transaction?
No, an already signed PDF will not work in a new signing process via Verified