What we do
We make digitally signing documents extremely easy and convenient. Our mission is to increase the safety of contracts made through email.
Making deals over email is dangerous. If you do, all protection you have is an email in your inbox and an email in your "Sent" folder. Unfortunately, none of them are irrefutable - the other side may claim they never got an email from you, may forge a fake email from you or may even claim that you forged the email from them. Email technology makes it often impossible to prove the other party wrong. In order to address these problems you should use digital signatures. We make it extremely easy.
If you want to sign a document together with other people you need a PDF (you can easily generate one, as mentioned in the previous point). Once you have it you need to send an email with that PDF attached to all parties from whom you expect a signature and put firstname.lastname@example.org in CC. You need to inform the recipients what they should do next, e.g. by embedding such a text in you email: "Hi, I would like you to sign the attached PDF(s). In order to do it, simply forward this email to email@example.com. " Once all recipients forward the email to us, both you and the recipients will receive the document signed by all of you.
We operate under EU law and qualify as a Trust Service Provider according to the eIDAS regulation.
You can send us a PDF or we can generate one for you - simply put the content in
the e-mail and we'll send you the PDF.
We don't store your documents or emails. We have carefully designed our service to discard your email as soon as it is processed (usually a low number of seconds).
- Is the signature legally
Generally - yes, but this depends on your specific country regulations. The digital signature generated by mailwitness guarantees immutability, verifiability, cannot be reused between documents and is placed only after confirming one's identity via ensuring that they control the given email address.
- How safe are the
In short - as safe as your email with added guarantee of immutability and irrefutability. Mailwitness does not verify that the email address owner is who they claim to be (just like most of our competitors) - we verify that whoever had control over your email addresses made an explicit decision to sign the document. After the signature is generated, any change to the document will invalidate the signature.
- How do you protect against email
We only sign a document in the name of the holder of the email address after having verified that the e-mail they sent us has a valid DKIM signature or after they have proven to us that they can also receive emails on the given address.
- What is backdating
Whenever we sign a document in your name, we also initiate a process to put a small amount of opaque data into a Bitcoin transaction. When that transaction is made (usually after some hours), you receive an additional file from us. That file contains cryptographic information, which allows anyone to prove that your signature was placed before the mentioned Bitcoin transaction. Due to the nature of Bitcoin, nobody has the power to erase that from Bitcoin's history. You can read more about it at https://opentimestamps.org/.
- Why does Adobe Reader show
your signature as unverified?
Generating signatures which would pass Adobe's verification is expensive. At this point we cannot afford paying for it and giving it away for free. We may create a paid version in the future which will pass Adobe's test. This does not make the signature less useful, though. In order to verify it, you can use other external services, e.g. https://verifysignature.eu/ or Polish goverment verifier.
- How do I know that the person
behind an email address is really who they claim?
You need to establish it by yourself. There is no central email address book, so the appropriate way depends on the circumstances. You may verify it by phone, you may know it from previous interactions, you may just assume that the domain holder verified it (e.g. if it's a company email). In the future, we will likely add ways to address this, e.g. by adding support for using national electronic identity cards.