10 Years of PDF/A-3 Based Electronic Invoicing

Almost 10 years ago, ZUGFeRD 1.0, the first invoice data format based on the public standards UN/CEFACT CII and PDF/A-3, was published. The stated intention was to digitize invoice exchange and make the transition from paper to data for SMEs and single users as smooth as possible without losing efficiency. The idea of using PDF/A-3 … Read more

Smart Legal Contracts and PDF

Smarter contracts and blockchain technologies are already transforming business processes across commercial, legal and financial sectors and yet “We still approach contracts in much the same way as we have done for centuries. Decades old software such as PDF and Microsoft Word is used to create and store agreements in a digital format, but they … Read more

On the security of PDF Signatures

Assumed to be secure for 15 years, our talk reveals what could go wrong while a PDF document is being verified. We elaborated novel attacks leading to critical vulnerabilities in all PDF viewers, most notably in Adobe, Foxit, and LibreOffice. As a result, an attacker can manipulate the content of digitally signed PDFs arbitrarily while … Read more

Interoperable document-based signatures

This presentation is primarily aimed at developers who are designing and implementing digital document workflows requiring trusted signature models. Electronic signatures are an essential part of digital transformation, and many vendors offer e-sign features. Vendor-specific implementations don’t usually allow interoperability, and trust is associated with the specific implementation where signature validation takes place. In 2021, … Read more

Making digital signatures in PDF more usable

Digital signatures have been an integral part of the PDF specification since version PDF 1.3. No other document format has such a deep integration of signatures. Well over 90 percent of all signed documents are PDF. This presentation shows the development of the digital signature component in the PDF standard from PDF 1.3 to ISO … Read more

How to make e-Signing interoperable

This presentations sorts out digital signatures and e-Signing and describes the current status of e-Signing, with its non-interoperable, cloud based workflows. Can PDF turn e-Signing into an interoperable workflow? Can PDF carry proprietary data of the signing process and the audit-trail information? Can PDF help tracking the signing process, even outside of cloud e-Signing solutions, … Read more

Cryptography in PDF: future perspectives

The relationship between cryptography and PDF is one with a long history. PDF’s cryptography-related features have been through a number of significant revisions over the years, and PDF signatures have firmly established themselves as a replacement for paper signatures in many workflows all over the world. That being said, the cryptography landscape constantly evolves as … Read more

Validating digital signatures in PDF

Digital signatures and PDF are an increasingly popular combination for digitizing paper-based business processes. While the focus of most signature products and solutions is on the creation of the signature itself, the correct validation of signatures contained in PDF is somewhat pushed into the background. Signature validation is a greater challenge for software development than … Read more

SAP and Digital Signature

The aerospace industry has strict requirements for the submission of digital documents. For example, the qualified electronic signature is mandatory for construction documents of aircraft components. The digital signature should make the sender clearly identifiable and ensure that the document has not been changed since its signature. We show a way how PDF documents generated … Read more

How to validate digitally signed PDFs correctly?

A short overview about the process of signing a PDF document with single or serial signatures is given. The special features of PDF to support signature workflows like certificate signatures and allowing for dedicated modifications after signing is presented. This is the origing  of some of the complexity of the task to validate a signed … Read more