Though exchanging documents digitally is the norm in organizations across the globe, doing so in a secure way that protects the integrity of the files and the information within continues to present challenges for companies of all types.
To better enable our customers to meet these challenges, we’ve built a number of new and improved digital signature features into Nitro Pro 12. These updates will make it easier for users to securely sign documents, protect the information within, and automatically verify where signed documents have come from.
Why Use Digital Signatures?
Digital signatures are a subset of electronic signatures and provide users a fast, powerful, and secure way to sign documents. They are ideal for highly regulated industries and document workflows as they prove the authenticity and integrity of a document by verifying signer identity, the date and time a document was signed, and whether a document was modified or tampered with after signing. In essence, a digital signature locks down a document, so any changes made after the signature is applied would invalidate the signature and alert users to those changes.
To digitally sign a document, users must have Digital Certificates. Digital Certificates are like electronic passports that allow a person or organization to exchange digital information securely using PKI (Public Key Infrastructure). Digital Certificates can be obtained from Certificate Authorities (CA) that are trusted agencies, kind of like passport offices.
Large organizations or government entities may have their own CAs or can use trusted 3rd party certificate providers who purchase their certs from trusted vendors.
Digital Signature Security at Nitro
In Nitro Pro 12, we have optimized the process of validating digital signatures (via Chain of Trust), resulting in faster workflows. Nitro Pro 12 also introduces more advanced digital signature algorithms, allowing for more complex digital signature permissions, such as the ability to set locks on different form fields meant for different signers using our Certify feature.
Chain of Trust
One of the new digital signature features in Nitro Pro 12 is Chain of Trust. Organizations can use the Chain of Trust feature to automate the process of verifying whether a digital signature came from a trusted contact. The availability of Chain of Trust removes the need for users to manually verify and approve each signed document as they come through, saving time, shrinking room for error, and increasing productivity overall.
Nitro’s Certify feature
Nitro Pro 12 also offers a greatly improved Certify feature, which not only proves the authenticity and integrity of a document (similar to digital signatures), but also enables document owners to assign separate sets of permissions to different users on the same document. Such permissions include: commenting, filling form fields, printing, page extraction, copying content, and signing. The document owner can also choose whether to allow specific users to perform these actions after the document has been certified; otherwise, the document would be locked down and all changes restricted.
Some of the benefits of Nitro’s enterprise-grade digital signature tools:
The certificates tied to digital signatures cannot be copied or shared easily, so they are more secure than traditional pen and ink signatures.
Chain of Trust removes the need to manually approve signed documents, enabling better productivity, efficiency, and accuracy.
Users can apply different security settings for different recipients of the same document. For example, the document owner may grant editing and printing privileges to one user, while another user is limited to viewing privileges only.
Eliminate the need to print and sign—even for the most sensitive, security-conscious workflows—saving big on print-related costs.
Common use cases
A Financial Advisor is preparing documents for a client to sign, but the files require her colleague’s signature as well. The advisor applies her digital signature to the document to signal its completion, then uses Nitro’s Certify feature to assign her colleague permission to digitally sign the document—restricting all other functionality. She then adds another permission to enable her client to both sign and print the document. The two parties sign and submit the document back to the financial advisor, who then sends a final signed and certified version back to the client. This final certified version has no additional permissions assigned, so the document is locked to prevent any future changes.
An Engineering Consultant is submitting a final design to the project manager for his client, a global manufacturing firm. The engineer applies his digital signature to the design file, signaling it has been finalized, and submits the document. Since the engineer is one of the manufacturing firm’s trusted contacts, Chain of Trust automatically verifies the signature when the project manager opens the design file, and the manufacturing firm can confidently proceed with the next steps knowing the design has been signed off on by the appropriate party. If the consultant had not been a trusted contact of the firm, or if someone other than the consultant had tried to sign and submit the document, the signature would have been rejected.
A Quality Analyst reviews documents, such as user manuals, a few times a week—and they generally work on a set timeline. Once a piece of documentation is finalized, it must be locked, with date and time verified. A QA professional can use Nitro Pro 12 to digitally sign these documents to prove they have been approved on time and by the correct parties. Such a process can significantly improve accountability and efficiency in any organization with a QA team.