Zoho Sign offers military-grade security for all documents by using AES-256 encryption at rest and SSL encryption in transit. This means you never have to worry about your documents being forged, tampered with, or breached.
We use a public key infrastructure (PKI), which is a two-key system wherein documents are hashed and encrypted with a private key and decrypted with a public key.
How does PKI technology work?
- You upload the document, fill in all the details, and send it out for signature.
- A hash is generated for the document.
- The hash is encrypted using a private key and attached to the document.
- The document is then sent to the recipient along with the public key.
- The recipient receives the document and the public key.
- The document is decrypted using the public key.
- A hash is generated.
- Both hashes should match to ensure that your document has not been tampered with.
Certificate authority
Documents signed through Zoho Sign use region-based digital signature certificates that are issued by reliable and accredited certifying authorities. This ensures that your documents are not just secure but also legally valid and reliable.
US, AU, and Japan
GlobalSign GCC R6 AATL CA 2020
IN
Capricorn CA 2014
EU
QuoVadis EU Issuing Certificate Authority G4
Why Zoho Sign?
Zero-knowledge architecture
At Zoho, only the encrypted hash of your document is stored. Your document cannot be accessed or viewed by anyone, including Zoho employees.
Multi-factor authentication
Zoho Sign offers an additional layer of security with multi-factor authentication through SMS one-time passwords (OTPs), time-based one-time passwords(OTPs), YubiKeys, or Zoho OneAuth.
Blockchain timestamping
With blockchain-based timestamping, Zoho Sign establishes an additional layer of security to ensure your documents remain tamperproof.