Document Integrity

AND DIGITAL SIGNATURES

What is document integrity?

For both paper and digital documents, integrity protection is a key requirement. You can retain a paper original, but anyone could easily manipulate an electronic document and claim it’s the original. This makes the integrity aspect even more important when you use electronic signatures.

Document integrity means that in the event of a dispute, you can prove that:

To ensure integrity, as soon as a document is electronically signed, Scrive seals it with a digital signature in partnership with our supplier Guardtime. Guardtime uses a method called Keyless Signature Infrastructure (KSI), which uses blockchain technology. Once a document has been sealed with KSI, you can verify its integrity immediately, a year later, or decades later.

Digital Signature vs. Electronic Signature

Before moving forward, let’s clear up a common source of confusion:

What a digital signature is not:

Keyless Security

Scrive has chosen KSI rather than PKI (Public Key Infrastructure), which is the most common method.

PKI works on the model of a trusted party that issues certificates and keys to parties who want to protect the integrity of their documents. The issued keys and certificates are used to seal documents. These keys and certificates can be traced back to the trusted party, and trustworthiness is assigned to that party. This is a well-known and relatively straightforward way of sealing documents.

A notable disadvantage of PKI is that the seal becomes more vulnerable to forgery over time, as the possibility increases that someone could mathematically break the seal. As an analogy, a thief trying to break into someone’s bank account using their ATM card would have an increasing chance of success if the ATM didn’t limit them to three attempts to guess the 4-digit PIN.

KSI is not based on certificates and keys, hence keyless, and doesn’t rely on third parties. And unlike PKI, KSI seals become stronger over time because KSI is based on blockchain technology. With KSI, a unique fingerprint of each document is generated and then published in a way that allows you to verify with absolute certainty that your document: