DigiCert updates document signing tool to curb AI fraud

DigiCert has updated its Document Trust Manager software for digital document signing and verification, targeting organisations facing rising document fraud linked to AI-generated content.

The latest version combines signing key management and signing workflows in one platform, replacing separate systems spread across regions, departments and regulatory regimes. DigiCert says this approach is designed to give organisations closer oversight of signing activity and reduce the risks created by fragmented processes.

The release comes as businesses handle more digital documents and e-signature use expands. According to DigiCert, enterprise adoption of e-signatures has risen by 400% since 2019, while fraud, phishing and identity misuse have also grown. Manipulated invoices and altered documents have highlighted weaknesses in existing controls.

The update adds a unified workflow with centralised visibility into signing activity. Managers and auditors can see who signed documents and when, while also spotting potentially unauthorised signing.

It also introduces a central repository for certificates and private keys, intended to replace physical USB tokens used to store signing credentials and reduce the risk of loss or misuse. Multi-factor authentication is required for users to log in and sign documents.

The software now integrates with DocuSign, Adobe Sign, Adobe Acrobat and desktop signing tools. It also adds online counter-signing through DigiCert Secure Sign, allowing users to complete counter-signing in multiple orders without relying on an external signing flow.

Fraud pressure

The release reflects a broader shift in how organisations assess trust in documents. Generative AI tools have made it easier to create convincing fake content, raising concerns about document origin, signer identity and whether files have been altered after signing.

In regulated markets, including parts of Europe, rules around electronic signing and digital identity are also becoming more demanding. DigiCert says its system supports PKI-backed signatures under standards and frameworks including eIDAS2, ZertES and AATL.

The product is also intended to support remote authentication through web-based and mobile tools, while giving organisations a single way to oversee signing activity across their operations. Identity verification options include biometric and ID-based proofing.

Deepika Chauhan, DigiCert's chief product officer, linked the update directly to changes in the fraud landscape.

"AI is making document fraud faster, cheaper, and harder to detect," Chauhan said.

"Organisations can't rely on visual trust anymore. They need cryptographic proof of who signed a document and that it hasn't been altered. That's what Document Trust Manager delivers at scale."

Compliance demand

The market for digital signing tools has grown as more business processes move online, but compliance remains uneven across jurisdictions. For larger organisations operating in multiple countries, meeting local and regional requirements often means maintaining several signing systems and sets of controls.

DigiCert is positioning the updated product as a way to bring those functions together. It says a centralised model can help businesses maintain audit trails and tighter control over signing certificates and keys while fitting into existing workflows.

Industry analysts are also focusing on the compliance burden facing companies that must prove both the legitimacy of documents and the identity of signers.

"Enterprises are under pressure to demonstrate both compliance and authenticity," said Ozgun Pelit, senior analyst at Frost & Sullivan.

"Centralised management of PKI-backed document signing provides stronger assurance than legacy, siloed approaches."