Professional Documents
Culture Documents
Institution Affiliation
By
_________
0.2 ABSTRACT..........................................................................................................................................4
2.0 INTRODUCTION...............................................................................................................................5
Figure1................................................................................................................................................8
3.1.1 DocuSign..................................................................................................................................10
3.1.2 SignNow...................................................................................................................................10
3.1.3 PandaDoc.................................................................................................................................11
4.0 METHODOLOGY............................................................................................................................14
Figure 2:............................................................................................................................................14
Figure 3.............................................................................................................................................15
Table 1...............................................................................................................................................15
5.0 RESULTS...........................................................................................................................................18
6.0 DISCUSSION.....................................................................................................................................19
Figure 4.............................................................................................................................................19
7.0 REFERENCES..................................................................................................................................20
8.0 APPENDIX.........................................................................................................................................26
4
0.2 ABSTRACT
indicate the identity of the source of information being transmitted. It identifies who is the
sender of the document and who is the signer of the document (Cassidy et.al, 2016). Generally,
a digital signature ensures that the transmitted data gets to the intended destination without
distortion; it also ensures that the signature belongs to the critical certificate holder (Bryon,
2014). The rapid growth of the internet has made most enterprises shift online; hence it
Each digital signature technology comes with its share of pros and cons. It is suitable for
different use-cases. Therefore, different situations will be analyzed to determine the best digital
signature technology to develop the best situations where an individual or an organization can
use digital signature technologies. In this paper, we will compare different digital signature
technologies focusing mainly on their vulnerabilities and features. Also, this paper will highlight
This research will use secondary data, including online sources such as journal articles, books,
and other academic materials, to determine the various digital signature technologies that
companies can adapt. Through secondary research, a comparison will be undertaken for all the
possible digital signature technologies such as Acrobat, PandaDoc, SignNow, and DocuSign.
The study will also present the best scenarios for using digital signatures; hence, companies may
intercepting and reading them. Signing the documents digitally is one of the most reliable and
secure methods of restricting unauthorized access records. The aim of the project is to compare
four digital signature technologies with each other by focusing mainly on its vulnerabilities and,
features. After getting the deeper research on it, different situations will analyze to determine the
best digital signature technology over other technologies where an individual or an organization
can use digital signature technologies. Also, this paper will highlight different circumstances
where these technologies are compatible. Thus, this project will detail the four digital signature
technologies that will equip users with the most informed decision when choosing the most
2.0 INTRODUCTION
The current technological advancements across the world have led to an increasing trend
of exchanging documents over the internet as many organizations and businesses have shifted to
online operations. In most cases, people exchange sensitive and confidential information over
the internet, which may require verification and authentication by the intended online recipients.
Hence, data such as legal contracts and financial transactions approval documents may need to
be verified to avoid falling victims to cybercrimes (Sadiku, Musa & Temley, 2016). It is
essential to encrypt the documents to prevent unauthorized people from intercepting and reading
them. Therefore, encryption behind signing the documents digitally is one of the most reliable
The increasing demand for digital signature technology has led to increased software
companies delivering commercial security software that helps users secure their e-commerce
documents. Generally, a digitally signed e-commerce document provides evidence of its status,
identity, and origin. Other than businesses, digital signature technology is also used by
governments to secure sensitive documents on the internet (Cassidy, Vinlove, Green, Hogan &
Fabbri, 2016). Digital signature technologies facilitate various document processes such as
filing taxes, closing contracts, and distributing employee applications. Additionally, Microsoft
developed the Authenticode technology using digital signature technology. The Authenticode
each signer, just like the handwritten signatures, although a digital signature is more secure
(Weast, 2011). The digital signature provides a solution to the impersonation and tampering
their integrity and authenticity. Digital signatures use an accepted standard known as Public Key
Infrastructure (PKI). The PKI algorithm is used to generate a public and private key. To create
an effective digital signature, the encryption of the signature-related data is done using the
private key, and decryption can only be done using the signer's public key (Sancar & Cavus,
2021). The digital signatures require a Public Key Infrastructure (PKI) to identify the respective
document signers to ensure safety (Santos, 2020). It is essential for all parties involved in digital
signature technology to trust that the document signers can secretly keep the private key. If a
third party accesses the signer's private key, there is a possibility of creating fraudulent digital
This project presents a detailed analysis of some currently available digital signature
technologies, particularly Adobe Sign, PandaDoc, SignNow, and DocuSign. Firstly, the problem
statement will be discussed to highlight the need of the project, which will be followed by a
literature review, research questions, and methodology, respectively. Also, the timeline of the
There are several problems which one should consider before choosing any digital signature
technology. Some of them are highlighted below:
It is difficult for both individuals and organizations to choose the most suitable digital
signature technology for their use-cases in the current rapid technological advanced era.
This is because there are numerous digital signature technologies in the market, some of
which have pricing charts that conceal nasty surprises for the users with little technical
skills to help them know what to look for regarding pricing.
There are several attacks that are faced by some digital signature technologies, but these
attacks and threats are not highlighted publicly for the sake of the reputation of software
companies. These companies try to hide this information from the user. However, to
secure personal and organizational data, it is necessary to find out deeply before
choosing any digital signature technology.
With little technical knowledge, it is hard for users to choose one technology according
to their requirements. Thus, they choose any digital technology without considering the
factors such as security mechanism, the software behind their chosen digital signature
technology, and services that are outsourced by it.
After considering the above problems, this research paper outlines the various features, pros,
and cons of the four different digital signature technologies essential to users in different use-
cases.
8
authenticity of either the digital documents or messages by signing the documents electronically
(Zhang, 2010). Three main benefits are provided by digital signature technology, which are
authentication, data integrity, and nonrepudiation. Digital signatures involve several elements
such as public and private key pairs, hashing, and encryption. According to Santos (2020), digital
signatures use Public Key Infrastructure (PKI) to secure documents. The digital signature
According to Jaju & Chowhan (2015) argue that the digital signature relies on the key
pair concept; there must be a private key only known to the particular user so that when the user
signs some data, the data is uniquely identified. The authors also state that to create an effective
digital signature, signature-related data encryption is done using the private key. Decryption can
only be done using the signer's public key. According to Lutkevich, Brunskill & Loshin (2021),
if a third party accesses the signer's private key, there is a possibility of creating fraudulent
Figure1: digital signature algorithm diagram. Source: (Lutkevich, Brunskill & Loshin, 2021).
Figure 1 infrastructure: - Digital signature makes use of a guided specific procedure that is
called public key infrastructure, which demands the provider to make use of specified mathematical
syntax to generate unique numbers named keys (Lakshmanan & Madheswaran, 2012). There are two
types of keys, public and private keys. The main function of the public key infrastructure is the setting
of the requirement that is involved in the generation of the digital signature Alrawais et al. (2018).
Every digital signature comprises a pair of keys held by the signer and is not shared with anyone, and
the signer uses it while signing the documents electronically. The other key is referred to as the public
key, which is openly available (Vigna & Casey 2016). Electronic signature sometimes requires
validation to ascertain that the digital signature surely belongs to the attached signer. Those who are
bestowed with this process's responsibility use the public key to certify the digital sign's correctness as
applied.
Public key infrastructure also has a mandate of enforcing extra requirements laid down by the
governing authorities such as digital certificate, certificate authority, the end-user enrollment software,
10
and management of the tools used in the renewal and revoking of the signature certificate and keys. The
security of the digital signature remains a critical concern in the technology (Jaju & Chowhan, 2015).
That's why the certificate authority has to come in. Digital signatures greatly depend on the public and
private keys to implement the technology. There is an obligation to ensure that the keys are free from
any form of attacks such as forgery or malicious applications. Safety becomes paramount as when one
is sending the document for signing, safety and assurance take precedence by ensuring the keys are
Certificate authority has to come in as a trust-enhancing provider globally accepted and certified
to ensure that the digital signatures' necessary security guidelines are observed and issues the digital
certificates (Santos, 2020). The involved party in document signing has to agree to use a specific CA
before initiating the process. Consequently, the user can use their certificate authority of choice by
using the Digital signature tool to access its cloud-based services that manage any transaction. Users
can also use other certificate authorities, BioPharma, and open trust (Santos, 2020).
3.1.1 DocuSign
The DocuSign is a digital signature tool with a great market share in e-signature
technologies. It offers security features such as auditing, authentication, and encryption (Sharma
& Mittal, 2019). The technology used behind DocuSign is PKI protocol which helps to use the
mathematical algorithm. This technology follows Figure 1 infrastructure (mention above). Also,
the DocuSign signature tool provides users with third-party integrations such as Dropbox
integration. Users of this technology cannot subscribe one-time, but instead, they have to
subscribe again after the expiration of their subscription (Coughenour, 2017). It uses text
DocuSign uses the Cipher Algorithm to encrypt and secure the data. In other words,
digital signing makes use of mathematical algorithms which act as a cipher. The algorithm
creates data that matches the document signed referred to as hash, and the created data is
encrypted. The encrypted data forms what we now refer to as the digital signature, which
contains the date and time the document was signed. However, once the document's signing
3.1.2 SignNow
SignNow has solid security features to secure the data or information. Unlike in the other
digital signature technologies that include Advanced Threat Protection (ATP). However, the
SignNow software offers ATP at its business premium plan (Sadiku, Musa & Tembley, 2016). In
the SignNow software, electronic signing is possible without connecting to the internet.
SignNow stores its users' documents on SOC 2 certified servers to provide a high level of
security.
Also, SignNow provides its users a detailed document history that contains all the
affected changes alongside with the users who performed the changes (Ivanov et al., 2014). The
Audit Trail option in the SignNow software allows users to download their documents history
and view all the actions taken on the papers bearing respective timestamps and Internet Protocol
(IP) addresses. SignNow uses many authentication methods such as two-factor authentication,
3.1.3 PandaDoc
Digitally signing a document using the PandaDoc is relatively easy as it involves dragging and
dropping a signature box into the paper. Using the software as a Service (SaaS) platform, users can
electronically create and forward agreements and recommendations to their clients (Tianhuang &
12
Xiaoguang, 2010). The SaaS is designed to provide a complete packaged solution in which an end-user
can freely operate the service from anywhere. The paid PandaDoc's options include approval
workflows, content libraries, and advanced contact management tools (Buttner & Huss, 2014). This
technology uses OAuth2.0 protocol as an authorization framework protocol that allows its users to grant
third-party web site or application access to the user-protected resources without revealing their long-
Adobe Sign's digital signature is powered by Acrobat and is an electronic signature that makes
use of certificate-based digital IDs, which are derived from the trusted cloud-based service providers or
the signer's local system (Cannon, 2020). The system functions by identifying the person who is
signing the document. The digital signature consists of encrypted information, which is unique to every
signer.
This technology uses the 'figure 1 infrastructure', which is mention above in detail. Adobe sign
allows for digital signing by placing the digital signature fields on the forms or documents that might be
through various processes such as dragging and dropping in the adobe signing authorization interface,
text tags, or authorization in the adobe acrobat Acro forms (Use digital signatures, 2020). Adobe is an
established and leading software for handling pdf documents, and as such, it has excellent reliable
export features (Parkhimenka, 2019). Using Adobe software, users can add signature fields to Microsoft
word pages and Google documents, which can then be moved to Dropbox for storage (Bakker, 2021).
The authentication method used in this technology is email verification (default), password-based
Xiaoguang, 2010).
13
According to the previous researches have done on the selected four technologies, there
The Business Premium plan that costs 135 USD monthly per user in DocuSign software
is available in SignNow for only 15 USD monthly per user (Sadiku, Musa & Tembley,
2016).
The SignNow security focus is to provide users with a higher protection level at a lower
price than the other options like Adobe Sign (Cannon, 2020).
The personalized branding feature in the business premium plan of SignNow is available
SignNow software is the best choice for any organization that considers security and
price as its most significant concerns. In comparison to the other digital signing
PandaDoc software to individuals operating small businesses but with a large number of
signatures needed. The DocuSign signature technology is most suitable for large
The Business Premium subscription in Adobe Sign is cheaper than in DocuSign (Paul,
2017).
Therefore, according to the above comparisons, it can be estimated that most of the previous
researches is mainly done on the common areas which a normal user can compare by themselves.
As a result, we will deliver the comparison of selected technologies, particularly on the factors
which need more technical skill to compare it. Thus, our comparison will mainly focus on the
14
technologies which actually works behind the chosen digital signature technologies, such as
authentication methods, security mechanism, integrate, hash algorithm, audit trail, and
outsourcing services. This will give deeper technical knowledge to an organization regards the
4.0 METHODOLOGY
This document will state a proper format of methodology, which will be followed by the
selection of four different digital technologies, a comparison of selected technologies, and then
describes how these technologies will be effective for business and personal use as mentioned in
figure 2. For achieving the project's outcome, secondary data will be used, for instance, online
Four different
digital
signature
technologies
Methodology Comparison
criteria
Effectiveness
for business
and personal
use
Firstly, we have chosen four different digital signature technologies (Adobe Acrobat,
PandaDoc, SignNow, and DocuSign) on the basis of the popularity of all these technologies.
Also, these technologies have an almost similar feature which makes difficult to normal user to
The chosen four digital signature technologies will be compared according to the following
criteria. All the technologies will compare as per the categories and sub-categories mentioned in
table 1.
Flexibility Scalability
Integrate ✔ ✔ ✔ ✔
16
Technical skills
Security mechanism
Differences in context of ✔ ✔ ✔ ✔
security and privacy
Hash algorithm ✔ ✔ ✔ ✔
Audit trail
Cost ✔ ✔ ✔ ✔
In the above table, the sign '✔' indicates that we will compare these technologies as per
categories and sub-categories and deliver it in the final report. Digital signatures technologies
Firstly, for perfect comparison to determine the best signature solution, the research will
focus on flexibility, whereby assessing how digital signature is accommodative of personal and
business growth needs compared to another. The flexibility shows an ability to be easily
modified by any technology according to the organization's growth. Here, it will compare which
technology is more scalable and integrated. In most cases, organizations deploy digital signature
technologies to only one department. Still, after some time, the digital signature software is
extended to cover other departments in the organization (Reed-Woodard, 2018). As such, the
most suitable digital signature solution for an organization will be the one that supports multiple
deployment options.
17
Additionally, an excellent digital signature solution will be the one that provides optimal
user experience across various devices, including mobile phones. The most suitable digital
signature solution for your organization will need to have global scalability by switching
between languages. The comparison will determine which digital signature solution is simple to
use even for users with little or no technical skills. The simplicity of digital signature software
makes it accessible to everyone who sends or signs a document. Also, simple digital signature
signature technology will provide several authentication methods to validate known and
unknown users. Under the authentication method, it will be accessed that how they provide the
authenticity to the user. Also, the security mechanism will be analyzed for selected digital
signature technologies.
Thirdly, the technical issues will be compared to find out which digital signature
technology is more vulnerable than others and can and had attacked by hackers. The hash
algorithms will also compare to find out the strengths and weaknesses of the chosen
technologies. Based on the audit trail, the research will compare to determine which digital
signature solution will capture and provide data about what took place during the process of
signing documents. The audit trail is essential in recording information such as who signed the
Fourthly, a 'general' category is added to compare the services which are outsourced by
the selected technologies, which will ensure the dependence of these technologies on other
companies. The cost will also be compared as it is an essential factor for an organization when
After the comparison of selected technologies, several scenarios will be made according
to different use-case, which can be helpful for organizations to select the digital signature
technologies to help determine the best situations where one can apply the respective digital
technologies.
5.0 RESULTS
Considering that there are various digital signature technologies suitable for different use-
cases, we can expect that the users will avoid being financially exploited to get digital signature
technologies. It is essential to focus more on simplicity and convenience and maximize digital
The final deliverable will highlight that users should consider using alternative digital
signature solutions rather than which they are already using or going to use. The final report will
provide the critical features of specific digital signature software in different use-cases, then the
user may not satisfy with how their existing software handles their particular business or
personal demands.
6.0 DISCUSSION
To resolve the highlighted issues in the problem statements and after deeply studying
several research papers about digital signature technologies, we come up with these below
questions:
19
What are the similarities and differences between the four chosen digital signature
technologies?
What are the best situations where these digital signature technologies can be used in
organizations?
7.0 REFERENCES
Alimehaj, V., Halili, A., Dervishi, R., Neziri, V., & Rexha, B. (2021). Analysing and comparing
the digital seal according to eIDAS regulation with and without blockchain
Alrawais, A., Alhothaily, A., Cheng, X., Hu, C., & Yu, J. (2018). SecureGuard: A certificate
https://ieeexplore.ieee.org/document/8290970
Bakker, R. (2021). Virtual DSS: Best Practices For Conducting Remote Oral Histories. Retrieved
from https://digitalcommons.fiu.edu/cgi/viewcontent.cgi?article=1011&context=dss-
resources
<https://support.pandadoc.com/hc/en-us/articles/360007914593-Account-roles>
https://media.readthedocs.org/pdf/django-docusign/0.10/django-docusign.pdf
Buldas, A., Laanoja, R., & Truu, A. (2017). Keyless signature infrastructure and PKI: hash-tree
Büttner, C., & Huss, S. A. (2014). Anonymous credentials and attribute-based authorization
Retrieved from
https://orbilu.uni.lu/bitstream/10993/16401/1/proceedings_fg_ivc_2014.pdf#page=11
Cannon, W. (2020). DocuSign vs Adobe Sign: How to Choose the Best Option | Signaturely.
Cassidy, L. K., Vinlove, A., Green, C., Hogan, M., & Fabbri, C. (2016). DocuSign Envelope ID:
https://core.ac.uk/download/pdf/162579344.pdf
21
Chen Tianhuang, & Xu Xiaoguang. (2010). Digital signature in the application of e-Commerce
Chen, J. Q., & Benusa, A. (2017). HIPAA security compliance challenges: The case for small
Coughenour, A. D. (2017). Integrating DocuSign into the Permissions Workflow. Retrieved from
https://pdxscholar.library.pdx.edu/cgi/viewcontent.cgi?article=1031&context=nwirug
De Capitani di Vimercati, S., & Martinelli, F. (2017). ICT Systems Security and Privacy
Protection.
Ivanov, A. I., Lozhnikov, P. S., & Samotuga, A. Y. (2014). A Hybrid document formation
https://orbilu.uni.lu/bitstream/10993/16401/1/proceedings_fg_ivc_2014.pdf#page=11
Jaju, S. A., & Chowhan, S. S. (2015). A Modified RSA algorithm to enhance security for digital
https://ieeexplore.ieee.org/document/7344493
Kolodenker, E., Koch, W., Stringhini, G., & Egele, M. (2017, April). Daybreak: Defense against
Lakshmanan, T., & Madheswaran, M. (2012). A novel secure hash algorithm for public-key
digital signature schemes. Int. Arab J. Inf. Technol., 9(3), 262-267. Retrieved from
22
https://www.idc-online.com/technical_references/pdfs/data_communications/A
%20Novel%20Secure.pdf
from https://www.trustradius.com/buyer-/4-docusign-alternatives
Lindell, Y. (2017, August). Fast secure two-party ECDSA signing. In Annual International
Lindgren, L., 2016. How Digital Signatures Work – Under the Hood. [online] Adobe Blog.
Lutkevich, B., Brunskill, V., & Loshin, P. (2021). What is a Digital Signature? Retrieved
from https://searchsecurity.techtarget.com/definition/digital-signature
https://doi.org/10.1093/oso/9780198788003.003.0007
Foundation.
Mirzamohammadi, S., Liu, Y., Huang, T. A., Sani, A. A., Agarwal, S., & Kim, S. E. (2020,
June). Tabellion: secure legal contracts on mobile devices. In Proceedings of the 18th
Retrieved from
https://www.ics.uci.edu/~ardalan/papers/Mirzamohammadi_MobiSys20.pdf
23
Munch-Hansen, A., Orlandi, C., & Yakoubov, S. (2020). Stronger Notions and a More Efficient
83867-695-720191004/full/html
Paul, E. (2017). What is Digital Signature- How it works, Benefits, Objectives, Concept.
signatures#:~:text=Digital
Reed-Woodard, M. (2018). Smartphone Apps. Network Journal, 25(3), 33-33. Retrieved from
https://search.proquest.com/openview/8450aa56ca091cd84e24cb23338c31a0/1?pq-
origsite=gscholar&cbl=43721
Sadiku, M. N., Musa, S. M., & Tembley, M. (2016). Digital signatures. Journal of
http://www.jmest.org/wp-content/uploads/JMESTN42351763.pdf
Sancar, N., & Cavus, N. (2021). Determining the awareness of users towards E-signature: A
scale development study. In AIP Conference Proceedings (Vol. 2325, No. 1, p. 020038).
AIP Publishing LLC. Retrieved from https://aip.scitation.org/doi/pdf/10.1063/5.0040408
Santos, O. (2020). CCNP and CCIE security core SCOR 350-701 official cert guide (1st ed.).
Cisco Press. Retrieve from https://www.bigseekers.com/ebook/ccnp-and-ccie-security-
core-scor-350-701-official-cert-guide-pdf
24
Sharma, A. K., & Mittal, S. K. (2019). A Comprehensive Study on Digital-Signatures with Hash-
Functions. Retrieved from
https://www.researchgate.net/profile/Arvind_Sharma58/publication/332752862_A_Comp
rehensive_Study_on_Digital-Signatures_with_Hash-
Functions/links/5cd95027458515712ea6d72a/A-Comprehensive-Study-on-Digital-
Signatures-with-Hash-Functions.pdf
Sharma, A. K., & Mittal, S. K. (2019). A Comprehensive Study on Digital-Signatures with Hash-
Functions. Retrieved from
https://www.researchgate.net/profile/Arvind_Sharma58/publication/332752862_A_Comp
rehensive_Study_on_Digital-Signatures_with_Hash-
Functions/links/5cd95027458515712ea6d72a/A-Comprehensive-Study-on-Digital-
Signatures-with-Hash-Functions.pdf
Vigna, P., & Casey, M. J. (2016). The age of cryptocurrency: how bitcoin and the blockchain are
challenging the global economic order. Retrieved from
https://www.huffpost.com/entry/the-age-of-cryptocurrency_b_9543278
Weast, T. (2011). American Sign Language tone and intonation: A phonetic analysis of eyebrow
properties. Formational units in sign languages, 203, 225. Retrieved from
https://pdfs.semanticscholar.org/18f7/92df523e5a006c132b65b9ea0e576518f457.pdf
8.0 APPENDIX
online
storage
Syncing.
Alliance.
-Email -Access Authe -Two-factor
verification code nticati authenticatio
(default), Authenti on n, Email
Password- cation, authenticatio
based SMS
throug n, SMS
authenticatio Authenti h the Authenticatio
Authe n, Phone cation, genera n, and
ntication Authenticatio ID tion of knowledge-
methods n Premium Verificati autom based
and on (IDV) atic questions
knowledge certific
Based
ates,
Authenticatio
Securi
n (Chen et al.,
which
ty
2010) provid
es the
electro
nic
signatu
re
trails
such as
dates,
locatio
n, and
time
when
the
signin
g
occurs
29
- -AES -
Maintenance 256-bit Panda -SSL 256-bit
of secure encrypti
Secur Doc encryption
checksum of on for
ity mechanism
the applicati
uses a
used
document to on-level bank-
ensure their custome grade
confidentialit r data. AES
y and 256
integrity. encryp
-Using Public tion
Key
which
Infrastructure
(PKI)
uses a
(Martin,2017) secure
key
manag
ement
applica
tion.
authorized such as
employees HIPAA,
are allowed ISO
to have 27001,
access to the and PCI
server(De DSS
Capitani di level 1
Vimercati, (Chen,
2017). 2017)
-Hash - -SignNow
-Adobe sign digital
How algorith PandaD makes use of
to hash signatures are m is oc DSA, RSA,
algorithm is applied makes AND ECDSA
embedded with to the use of a algorithms
different in
each software encryption codes documen public (Lindell, 2017)
t data key
which are a bunch of during algorith
zeros encrypted with the m
signing. where
the sender's private The the
key. resulting algorith
output m is
of the triggere
-The algorithm used is algorith d once
m (hash the
a one-way function in
value) is panda
which the output the docume
represen nt is
value is assigned to
tation of signed
the signature the input and a
documen hash
algorithm with the
t data. value
private key to create The hash gets
value is created
digital signature
encrypte dependi
results (Lindgren, d ng on
2016). through the
the docume
signer's nt's
private content
key, and is
which encrypt
produces ed using
the the
documen PandaD
t's digital oc
31
signature private
. Any and
change embedd
on the ed on
form the PDF.
invalidat
es the
digital
signature
.
-Integration - - -Integration
API with the Salesforc Integrati with sandbox
payment e on API APIs with
modules such applicati with the email
as Recurly. on apex banks notification
Outso tool kit such as and
urce services APIs to Eastern payments,
used by all facilitate Bank, HubSpot.
four payment Hubspot
Gener of , google
al services.