Security
Your document never leaves your device unencrypted.
DigiSig is zero-knowledge by design. Encryption happens in your browser, and we never receive the key — so we can't read your documents, even if we wanted to.
How your document is protected
- 1
You pick a PDF
Before anything is uploaded, your browser generates a random key and encrypts the document with AES-256-GCM — a strong, authenticated cipher. The encryption happens entirely on your device.
- 2
The key stays with you
The decryption key is placed in the link's URL fragment (the part after #). Browsers never send the fragment to a server, so the key never reaches us. We literally cannot decrypt your document.
- 3
We only ever hold scrambled bytes
When an encrypted copy is stored to deliver a signing request, our servers receive ciphertext only — never the readable document, and never the key.
- 4
The other person decrypts in their browser
They open the link; their browser uses the key from the fragment to decrypt and show the document locally. Again, nothing readable passes through us.
- 5
Each signature is cryptographically linked
Signing produces an ECDSA (P-256) signature over a SHA-256 fingerprint of the document. Any later change to the document breaks verification — so tampering is detectable.
- 6
The audit trail stores hashes, not content
The tamper-evident record keeps fingerprints, timestamps, and pseudonymous identifiers — not your document's contents. Data is processed in the EU.
What we claim — and what we don't
DigiSig produces electronic signatures under eIDAS (Regulation (EU) No 910/2014), valid and admissible as evidence. By default these are simple electronic signatures (SES) backed by strong, tamper-evident, cryptographically linked evidence.
We do not claim to provide qualified electronic signatures (QES), and our signatures are not automatically equivalent to a handwritten signature. Some documents require a qualified signature or notarisation by law. We tell you that plainly rather than overstating what a simple e-signature can do.