The company I work for forwards some monthly service invoices via email as .pdf files, as some customers still demand invoices in this manner.
Recently, one such email was intercepted, from the recipient's system, and the bank routing information changed to a fraudulent account. Luckily, the bad guys reached out to our customer in an 'attempt' to explain the routing number change and our customer called us.
I am currently part of the team assembled to implement additional security procedures for this process, and am exploring avenues for additional layers of security for the process.
What I would like to know is if Adobe has moved beyond the basic password for pdf file security, which can be bypassed with any screen shot software, and into other methods that would prevent pdf file tampering?
I'm also open to any suggestions from this group of experts!
Thank you, in advance, for your assistance and/or suggestions!
You may consider applying a digital signature and teaching your customers to check for that signature.
> What I would like to know is if Adobe has moved beyond the basic password for pdf file security, which can be bypassed with any screen shot software, and into other methods that would prevent pdf file tampering?
Adobe Acrobat (Reader) has been supporting digital signatures since the end of the last century.
That's really the only way to ensure the data in a PDF file hasn't been manipulated.
Mikel, thank you! That is an avenue I am definitely looking into. Getting the company onboard for any level of customer training is a whole other issue! LOL
I keep wishing Adobe would develop a 'digital' watermark that would perform like a print one, and scramble or otherwise change the pdf image when captured or removed from the original file. Well, one can hope...
Thanks, again!
> I keep wishing Adobe would develop a 'digital' watermark that would perform like a print one, and scramble or otherwise change the pdf image when captured or removed from the original file.
Well, digital signatures are something akin to that, aren't they?
If you manipulate the PDF, the corresponding entry on the Signature Panel shows that the signature is broken.
If you take screenshots or remove the signature, the signature is missing on the Signature Panel.
If you replace the signature by your own, the signature on the Signature Panel has the wrong signer.
The most important detail here is that the recipients of the PDF must be informed how to look for the signature and verify the signer.
> Getting the company onboard for any level of customer training is a whole other issue! LOL
Whatever mechanism you eventually choose, your customers must be informed about it and learn to validate the document they receive. Thus, without some degree of training the additional security procedures you implement won't help a bit.
You are correct, sir! I honestly have not thought of digital signatures that way. That is EXCELLENT! Thank you, Mikel!
Now to sell the higher-ups on this additional security...
This is not precisely the same. It would be more secure if Adobe refused to edit/display a file with a broken signature with a message, "The original author's signature has been tampered with, contact your service provider." without allowing a link to any provider. That would require minimal training, and most of it could be in a readme on the author's site. That said, "Original Author is guaranteed to be the service provider" is a tough concept in the current situation where a PDF could be simply copied and inserted into an email as a newly authored (signed or unsigned) PDF with a non-sanctioned author, but passing all typical security checks except for a manual signature name check.
Now, Adobe Acrobat/Acrobat Reader could be augmented to support a secure mode that enforced "Authorized Signature Mode" where the author of a PDF has to be matched against a list of certificates the user has authorized before. This would not prevent straight on fraud quite as absolutely, but would stop man-in-the-middle attacks with less individual training. On the downside, expired/invalidated certificates would cause some confusion and somebody would still have to do the education for all secure users. On the plus side, this would allow you to be careful ONCE when you establish a relationship with a new secure contact, when you have your guard up and are watching for fraud, as opposed to the current state where you must train the user to be on guard for every interaction where everything is probably OK, but there might be an imposter. This follows the model ssh follows with connection signatures, which should be more widely used in any case.
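The "Authorized Signature Mode" idea from the post above, combined with the broken / missing / wrong-signer outcomes listed earlier in the thread, as an added example (not written by any poster and not an Adobe feature). `SignatureReport`, `PinStore`, the sender address and the certificate bytes are hypothetical and constructed; the signature check itself is assumed to be done by a separate PDF validator whose result is passed in.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional

# Constructed stand-ins for DER-encoded signer certificates (not real certs).
VENDOR_CERT = b"constructed-der-bytes-of-vendor-signing-cert"
OTHER_CERT = b"constructed-der-bytes-of-some-other-valid-cert"

@dataclass
class SignatureReport:
    """Hypothetical result handed over by whatever PDF signature validator is in use."""
    signer_cert_der: Optional[bytes]  # None: the file carries no signature at all
    intact: bool                      # False: signed bytes were changed after signing

def fingerprint(cert_der: bytes) -> str:
    return hashlib.sha256(cert_der).hexdigest()

class PinStore:
    """Sender -> authorized signer fingerprint, like ssh's known_hosts."""
    def __init__(self) -> None:
        self._pins = {}

    def authorize(self, sender: str, cert_der: bytes) -> None:
        # Done once, over a separate channel, when the relationship is set up.
        self._pins[sender] = fingerprint(cert_der)

    def check(self, sender: str, report: SignatureReport) -> str:
        if report.signer_cert_der is None:
            return "REJECT: signature missing"        # screenshot or stripped copy
        if not report.intact:
            return "REJECT: signature broken"         # content edited after signing
        pinned = self._pins.get(sender)
        if pinned is None:
            return "HOLD: signer not authorized yet"  # never auto-trust first contact
        if not hmac.compare_digest(pinned, fingerprint(report.signer_cert_der)):
            return "REJECT: wrong signer"             # validly signed, by someone else
        return "ACCEPT"

def demo() -> dict:
    store = PinStore()
    store.authorize("billing@vendor.example", VENDOR_CERT)
    cases = {
        "genuine": SignatureReport(VENDOR_CERT, True),
        "edited": SignatureReport(VENDOR_CERT, False),
        "stripped": SignatureReport(None, False),
        "re-signed": SignatureReport(OTHER_CERT, True),
    }
    return {name: store.check("billing@vendor.example", r) for name, r in cases.items()}
```

A renewed or replaced vendor certificate lands in the "wrong signer" branch until it is re-authorized out of band, which is the expired/invalidated-certificate confusion the post anticipates.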
The digital signature is such a watermark. Your customers need to be aware of that, however. If the customer does not verify the signature, they will not detect the manipulation.
All security is only so good as the people getting paid to verify those, if the security can't be faked by themselves.