Verification & trust
DocsNG makes documents provably authentic — not just the rendered PDF, but the underlying data too. Recipients verify a document's signer, timestamp and integrity without having to trust the issuer.
Verification portal & API
Anyone can drop a signed PDF into the public verification portal (or call POST /api/Document/ValidatePdf) and see a clear result: signer identity, signing time, whether a trusted timestamp is present, the signature level (e.g. PAdES-B-B or B-LTA) and overall validity — including long-term-validation status.
Verification QR stamping
Generated documents can carry a QR code / short link that resolves to the verification portal. A recipient scans it to confirm the document is genuine. The QR encodes only an opaque document identifier — never personal data — and stamping is a per-template/tenant option.
Evidence packages
Export a signed certificate of authenticity for any document: a structured evidence record (generation event, a hash of the data used, signer identity, signature level, timestamp/TSA details, LTV status and the relevant audit-chain segment) rendered as a human-readable PDF and machine-readable JSON. The package is itself signed, so it is self-verifying, and it links back to the verification portal for independent re-checking.
Tamper-evident data
Beyond the PDF, the underlying record carries integrity protection: a keyed HMAC over a canonical serialization is stored and verified on read, and the audit log is append-only and hash-chained (each entry hashes the previous). Integrity keys are held outside the data database, so a database-level change is detectable. A verification routine recomputes the chain and per-record HMACs and reports any tampering.
Optional ledger anchoring
For proof-of-existence, document (or batch Merkle-root) hashes can be anchored to a configurable public ledger on a schedule. Only the hash is anchored — never content or personal data. The anchor proof is stored with the document and in the evidence package, and the portal can independently recompute and verify it. Anchoring is optional and per-tenant.
Pre-delivery checks
Before a document is delivered or stored, DocsNG can screen the output for likely mistakes and unexpected exposure: leftover unresolved merge markers, empty required fields, values failing validators, and an optional PII scan. Policy is configurable — warn only, or block and route to review — and findings are recorded in the audit trail.
Need help? Contact us or try the live demo.
