All PDF copies of signed and completed PandaDoc documents can now be “protected.” This is an additional level of security that verifies PDF files signed in PandaDoc and scans for forgery and/or changes made to documents after they’ve been signed.
How does it work?
PandaDoc follows a protocol called PKI which requires using two keys – a private and a public key which are securely stored in a hardware security module (HSM).
When a PandaDoc document is signed, completed, and downloaded, an algorithm is triggered, creating a hash value based on the PDF content which encrypts it using the PandaDoc private key. The encrypted hash value is then embedded in the PDF, identifying the document as having been signed through PandaDoc.
Each time the PDF is opened in Adobe Acrobat Reader, the encrypted hash value will be deciphered using PandaDoc public key. If the hash value doesn’t match the one Adobe Acrobat Reader generates using the same mathematical algorithm, it means the document was modified after completion.
- PDFs downloaded through the PandaDoc mobile app are not protected at the moment
- Documents downloaded through API or Webhooks are not protected
- Open a Signed and Completed document in PandaDoc and click Download
- At this point, PandaDoc generates a “Panda Protected” PDF. You will see a confirmation notice once it’s finished
- When the PDF is opened in Adobe Acrobat, the green icon on the blue bar at the top indicates that this signed document PDF hasn’t been modified
- If the red icon appears, this indicates that the PDF has been modified