The amazing proliferation of PDF files—over 1 billion at latest estimate—combined with the ubiquity of the internet and online information makes it critical that document creators and document readers consider the authorship and integrity of documents we trust on a daily basis as sources of information, conduits for personal data (forms), and, truly, receptacles for corporate and organizational reputation.
Let’s consider the “pump and dump” stock scams that have occurred over the past few years. By creating false press releases, fraudsters were able to ‘pump’ up the price of a stock by creating fake, positive news items for the company, and then ‘dump’ before the scam was discovered and the company’s reputation damaged.
This type of fraud is but one possibility. When you fill out and submit information in a PDF form online, do you ever check for the authorship of the document? Who’s to say the form wasn’t modified to send your personally identifiable information (PII) to the government office AND to an identity thief at the same time? What about corporate annual reports? Government laws and regulations? Analyst reports? Licensing documentation?
Several years ago, Adobe recognized these threats, and worked with GeoTrust (acquired last year by Verisign) to create the Adobe Certified Document Services program alongside the release of Acrobat® and Reader® 6.0.
By joining this program, interested individuals and organizations were required to submit to a strong identity vetting process to make sure they were who they said they were, and then would be issued a credential (digital certificate) on a hardware token (USB or smart card device). When used with the Adobe software, an author could choose to ‘certify’ a document upon authoring. Once certified with a CDS credential, the document’s integrity, authorship, and even time and date of creation would be embedded with the document. And because the credential was provided under Adobe’s high assurance policies, the digital signature is automatically trusted in both Acrobat and Reader v6.0 and above, giving the recipient an immediate notification of the document’s integrity with a blue ribbon and bar at the top of the window.
Now, Adobe has partnered with three additional credential Providers for the CDS Program: Chosen Security, GlobalSign and Keynectis. (Providers’ announcements are here, here and here.) This program expansion will substantially enhance the standing and awareness of the CDS program, while at the same time offering a broader range of services to all aspects of the marketplace through innovative services and solutions. In addition, these companies, as well as current CDS member Verisign, have a global footprint, which means that the document integrity capabilities offered by these CDS Providers, and built into Adobe Acrobat and Reader, will benefit documents created throughout the world.
For more information, click here.