FAQ on KeFirma® electronic signature.

1Signature verification with Adobe Acrobat
PDF documents signed with KeFirma® can be opened and visualized with Adobe Acrobat or Reader, or any other PDF document reader.
To ensure that documents signed via OTP or with graphometric signature are not modified, KeFirma® seals documents with a certificate that Acrobat recognizes as “signature”. This is because the technology used by KeFirma® to close documents is the same used in PAdES e-signatures.
Nevertheless, the certificate used in Simple Electronic Signature or Advanced Electronic Signature contexts should not be considered as the document signature because the actual signature is composed by the graphometric data included in the document (for a graphometric signature), or by the OTP code and the related transaction log (for OTP signature).
The certificate that Adobe recognizes as "signature” is used by KeFirma® only as a necessary technical tool to ensure that, once the document has been signed by the user, the document itself cannot be modified. In the event that something needs to be edited, it is always possible to identify the revision and see the version of the document as it was originally signed.
2What kind of checks does Acrobat carry out?
Acrobat, when verifying a PAdES signature (taking for granted that this is a qualified signature), carries out different checks on the certificate like: date of validity, withdrawal option (if necessary) and the validity of the body that released it (this is necessary to guarantee the identity of the signatory in case of qualified signature), the absence of changes to the document.
If all these verification steps are successful, Acrobat assigns a green tick to the document:
Acrobat green mark

Acrobat signature verification - valid signature
In case of Qualified Signature (e.g. Digital Remote Signature), the tick must be green.

To check the validity of the Certification Authority that released the certificate, Adobe Acrobat or Reader refer to root certificates distributed and installed in the user’s PC when they were installed or, alternatively, on the certificates attached to Windows and present in its Certificate Store among its Trusted Root Certification Authorities.

If the software does not find the root certificate, the user is prompted via a yellow tick indicating that it is necessary to install on the PC the missing root certificate in order to complete the verification.
Acrobat signature verification - missing root certificate
3The yellow tick means that the signature status is invalid?
The yellow tick simply means that Adobe Acrobat or Reader were not able to verify the authority that released the certificate. This is perfectly normal within a Simple or Advanced e-signature context.
To ensure the validity of the signature on a document signed with any KeFirma® technology, OTP or graphometric, it is sufficient that in the verification panel for the signature indicates "The document was not altered after signing": Acrobat firma gialla: manca verifica del certificato
4When is a signature considered not valid?
If a signature status is checked as invalid, thus making the document unreliable, Adobe Acrobat and Reader show a red tick next to the signature and, when possible, show the reason why the signature was not considered valid.
Marchio rosso Acrobat: firma non valida
5Is it possible to set Acrobat so that it provides a green tick to KeFirma® documents?
To allow a PDF reader software to adequately verify the certificate source, it is sufficient to download the KeFirma CA Root Certificate (available in the Download section of the KeFirma® website), and then install it among the Trusted Root Certification Authorities in the Certificate Store on Windows, or in the Adobe software in use.

Do you want to sign digital documents?

Try KeFirma® now and find out how to improve the efficiency and security of your electronic signatures. Our advanced solution of electronic signature is easy and reliable.

You will be contacted by our team for further information.