Most document fraud is simple: someone edits a PDF after it leaves your system. Trusted Signatures prevents that by sealing each file with a cryptographic signature and an optional TSA timestamp. If the file changes—even by one pixel—the seal breaks and verification fails.

How it works

Your system generates a PDF and sends it to our CLI, API, or Zap. We send a digest (never your PDF) to our server.
We sign in hardware (HSM) and return a detached CMS/PKCS#7.
You attach the seal to the PDF; it verifies in Acrobat and our web validator.
Recipients can check authenticity without installing anything.

What you can do

Seal outgoing invoices so AP teams know they’re safe to pay.
Require sealed bids and verify they weren’t opened or changed.
Timestamp compliance reports so audit teams see when they were finalized.
Embed verification in your product to stop “fake PDFs” at the edge.

What it isn’t

Not a DocuSign competitor. No multi-party signature routing or approvals—just strong sealing and verification.

Key features

Adobe-trusted seals (AATL/EUTL chain)
RFC 3161 TSA timestamping (optional)
API + CLI; accepts SHA-256 digest, returns detached CMS (PKCS#7)
Policy checks (DocMDP/permissions) and chain-of-custody metadata
Web validator for recipients; works offline in Adobe Acrobat
HSM-backed keys (AWS) with per-customer options
Works with PDF 1.x and 2.0; supports PAdES-style detached signatures

Who it’s for
Accounts Payable, Compliance/Risk, Government procurement, and SaaS teams that need document authenticity without building an e-signature product.

Use cases

AP invoice sealing and inbound verification
Sealed bids and tenders (verify open time with timestamps)
Sealed compliance reports / attestations
Vendor documents (licenses, certificates, statements of work)