Identity fraud is an everyday threat. This week, business giant Adobe launches its new signature verification program, which promises to bring a new level of security to PDF documents. The Adobe Approved Trust List (AATL) uses a series of identity checkpoints to ensure that digital signatures are trustworthy.
The AATL is a white list of trusted “root” digital certificates housed on Adobe’s servers. The list is directly linked to the embedded certificate found in all Adobe products. Inclusion on the AATL is available only to Certificate Authorities (CAs) and certificate-issuing businesses and governments that satisfy a rigorous list of technical requirements.
Open a document containing digital signatures in Adobe Acrobat or Reader (9 or later) and by default, all the signatures on the document are traced for relationships to AATL-approved certificates. Then, the program goes a step further, checking for digital certificate validity and document integrity. Products that use the AATL will automatically reach out to update the list every 90 days—but not before verifying that the list came from Adobe
AATL members already include security companies GlobalSign and VeriSign, and the governments of the United States and the Netherlands.