Signers are notified via email, and instructed to open the agreement by clicking the Review and sign button
The Adobe Acrobat Sign Digital Signature workflow is available to all levels of service
Overview of Digital Signatures in Adobe Acrobat Sign
Digital Signatures are a type of Electronic Signature that uses a certificate-based Digital ID obtained from a cloud-based trust service provider or the signer's local system.
A digital signature identifies the person signing a document like a conventional handwritten signature. Unlike a handwritten signature, a certificate-based signature is difficult to forge because it contains encrypted information unique to the signer. It can be easily verified and informs recipients whether the document was modified after the signer initially signed it.
Adobe Acrobat Sign supports digital signatures by simply placing the Digital Signature field on a form (either via Text Tags, drag and drop in the Acrobat Sign Authoring environment, or authoring in Adobe Acrobat with Acroforms).
Availability:
Digital signatures are available for Acrobat Standard, Acrobat Pro, and Acrobat Sign Solutions license plans.
Configuration scope:
Digital signatures can be enabled at the account and group levels.
Digital signatures can be applied in two ways through the Acrobat Sign service:
Digital Signature Time Stamps
When applying digital signatures, time stamps are a critical component of both the US and EU signature compliance standards.
The time stamp acts as a locking mechanism for both the signer’s identity and the document itself. Identity can be established in several ways (certificate, logon, ID card, etc.), but the time stamp has to be provided by a trusted and authorized time-stamping authority (TSA).
The time stamp guarantees the Long-Term Validity (LTV) of the signed agreement by locking the signature as well as the document, essentially providing a lock for the lock. This is critical for digital signature compliance because personal signing certificates can expire, while the time stamp LTV can be renewed over time without changing the validity of the signature. The LTV time stamp assures the certificate was valid when applied and extends the validity of the signed agreement beyond the time scope of the signer’s actual certificate.
The Time Stamp evidence is displayed in the digital signature appearance using the ISO 8601 notation.
Qualified Timestamp for e-IDAS compliance in the European Union
All accounts on the Acrobat Sign EU1 instance in Europe have e-IDAS-compliant Qualified Timestamps applied by default. (Know what instance you are on)
For Senders
From the sender's perspective, all that is required is for a Digital Signature field to be placed on the document that is being sent for signature.
Digital Signatures occupy a bigger footprint on the page due to the additional content in the signature. Keep this in mind when designing your document signature fields.
Configuration
To review and edit the feature controls:
- Log in as an administrator and navigate to your Account Settings menu.
- Select the Digital Signatures tab.
The configurable options are:
Show Signing Reason
Some compliance requirements demand that a reason for an applied digital signature be noted by the signer. eg: Title 21 CFR Part 11 and SAFE-BioPharma compliance.
If digital signatures are being used to fulfill a compliance demand, consult with your legal team to determine if you should also require a signature reason within the signature process.
To access the controls, click the Bio-Pharma Settings link
If you need advanced signature controls, refer to the BioPharma page >
RSA-PSS
RSA-PSS is a signature scheme that is based on the RSA cryptosystem and provides increased security assurance relative to the older RSA-PKCS#1 v.1.5 scheme.
The Acrobat Sign implementation of RSA-PSS does not require any configuration on the part of the Account Admin.
- When “Cloud Signature” is chosen, and the signer’s Digital ID supports both RSA-PSS and RSA-PKCS#1, the RSA-PSS signature scheme is used by default.
- When “Sign with Acrobat” is chosen, the use of RSS-PSS or RSA-PKCS#1 depends on the signer's settings in their Acrobat application
- Acrobat Sign fully supports CRL and OCSP responses that are signed with the RSA-PSS scheme.
- The use of the RSA-PSS scheme is required to comply with Germany-specific requirements for Qualified Electronic Signatures.
Digital Signature Format options
PKCS#7 is the default format governing the digital signature for most (non-EU) Acrobat Sign accounts.
- Accounts on the European (EU1) shard use PAdES format (ETSI EN 319142) by default to meet eIDAS compliance.
- Any account level admin can request to have this setting changed from one format to the other by sending a request to the Acrobat Sign Support team.
- This feature can be enabled and configured at the group or account level.
The digital signature workflow forces the agreement into a unique process. Because of the special handling required to get the signature affixed, there are several limitations to be aware of.
- Each signer can have only one digital signature field assigned to them when downloading the document and signing with Acrobat. Cloud-based signatures can support up to 10 digital signature fields per recipient. (Aadhaar and Singpass are not supported.)
- Web forms don't support digital signatures.
- Send in Bulk does not support Download and Sign With Acrobat signatures. Cloud-based digital signatures work as expected.
- Digital signatures are not supported in Microsoft Office Desktop apps, as they're designed to work inside a browser environment. Alternatively, you can use the Office Web apps from your browser.
- Digital Signatures disable Limited Document Visibility. All recipients will see all pages.
- Signers on Mobile devices can only apply a cloud-based digital signature.
- Cloud-based Digital ID using OAuth authorization mode are not supported in Fill & Sign feature.
- Fill & Sign feature does not support signing with Aadhaar service provider.
- Users sharing their content or accounts with advanced sharing enabled cannot use digital signatures.
- eVaulting cannot be used in conjunction with digital signatures.
- File attachments can only be applied by the first signer. Subsequent signers that attach new files invalidate all previous digital signatures.
- If the Audit Report is attached to a digitally signed agreement, a PDF portfolio will be created using the two documents.
- Transaction Number fields will convert a digital signature into an electronic signature.
- If the option to attach the Audit Report is enabled, a PDF Portfolio will be created (containing the agreement and a separate PDF for the Audit report, both encapsulated within the PDF Portfolio, aka PDF Envelope) as once a Digital Signature is applied, no changes can be made to the agreement.