Tamper seal

When a document is finalized, QSign applies a tamper seal — a cryptographic (CMS) signature over the finished PDF. If even a single byte changes afterward, signature verification fails, so any later modification is detectable.

The seal is computed over the finalized bytes and recorded alongside the document hash, the seal timestamp, and the signature method — the basis of the evidence trail.
For maximum third-party trust (a green “valid” in Adobe Reader without manual trust), an organization can configure a signing certificate from a recognized CA.
A self-signed seal still provides full tamper-evidence, but some readers show a yellow “not trusted” banner until the signer’s CA chain is trusted — this does not affect the legal validity of the signature.