Verification and tamper-evidence beyond the PDF
20 May 2026 · 7 min read · Nextarp B.V.
A signature proves the PDF was not altered. But real trust asks more: who signed, when, at what assurance level, and is the underlying data record intact - not just the rendered page? Genuine verification answers all of these, and lets a third party confirm them without trusting you.
Independent verification
Verification should not require faith in the issuer. A public verification portal or API lets a recipient drop in a document and see the signer identity, timestamp, signature level and integrity result - computed from the document itself and public trust lists, not from a database only you control.
Tamper-evident data
The PDF is one representation; the structured record behind it is another. A hash-chained, append-only audit log makes every change to that record detectable: each entry includes the hash of the previous one, so removing or editing history breaks the chain visibly.
Evidence packages
For disputes and audits, a signed evidence package bundles the signature details, validation result, timestamp and audit trail into a single certificate of authenticity that stands on its own years later.
Optional anchoring
Where the highest assurance is required, periodic hashes can be anchored to an external ledger, giving an independent witness to the state of your records at a point in time.
Together these turn "trust us" into "verify it yourself" - the standard sensitive documents deserve.
Related articles
- PAdES-LTV: keeping signatures valid for decades · Trust
- Designing multi-party signing workflows · Trust
- Qualified timestamping and why it matters · Trust
