PDF Best Practices – Security & Authenticity

J. James Wager, Consultant & Education Strategist

February 23, 2016

PDF documents in and of themselves are not secure.  There are many software programs in the marketplace that can easily create a PDF document.  In fact, some fraudulent documents may look better than the original!

Academic transcripts formatted as PDF documents require added value to ensure: 1) the document was in fact issued by the sending school; and 2) since it was issued the transcript has not been altered.

A technology feature that is sometimes incorporated into the PDF transcript entails a proprietary solution centered on the use of Adobe© PDF software.  This technique is commonly referred to as the “blue ribbon” approach since a blue ribbon icon appears on such certified PDF documents. This technique is a digital signing solution based on public key infrastructure that enables the sending school to add a signing key to the transcript and allows the receiver to certify the signing key.  The critical issue is that both sender and receiver must be using Adobe© PDF software.  This technology works as it was designed, but unfortunately the security feature completely fails if the received PDF transcript is opened/read by one of many non-Adobe© PDF reader programs.

The best practice for securing the authenticity of a PDF transcript is to deliver and receive the PDF transcript through a trusted network.  Within a trusted network the end points (senders and receivers) are vetted to ensure they are who they claim to be.  Further, there is simply no opportunity to alter a transcript that is delivered to the recipient through the trusted network.

If a receiver of a PDF transcript is not a member of a trusted network, the best practice is to incorporate PDF security that is not proprietary, which resides within the document itself, and may be externally validated.  This security approach uses the original content of the PDF transcript to calculate a highly unique document “DNA” value.  Any alteration of the PDF transcript changes the document’s original DNA value and the validation test fails.

Credentials Solutions provides a trusted network that is free of charge to all receivers.  All PDF transcripts delivered outside of the trusted network adhere to the “DNA” Best Practice and the transcript’s test for authenticity remains intact regardless of the receiver’s use of PDF software.

In the next article, we will examine the Best Practices for PDF transcripts – Content.

All news