Finding and interpreting the Evidence package
The evidence package is attached to each document signed through Scrive* and provides a detailed record of when and how the signing occurred. This evidence package can be used to prove the legal validity of a signed document. All documents signed using Scrive can be checked for integrity, i.e. that the document has not been altered.
Each evidence package includes:
Verification page: At the end of each signed PDF, you'll find a verification page that includes a summary of the signing process as well as the Scrive seal stamp. The verification page contains information about the author of the document and every signatory, including how they signed the document. In addition, there is an overview of events with dates and times according to the Scrive servers (possibly translated to the author’s time zone).
Embedded HTML attachment: Additionally, an embedded HTML attachment containing the full evidence log is added to each sealed document. This attachment contains comprehensive details about the signing process.
Scroll down to learn more ⤵
A file that is claimed to have been signed in Scrive is only trustworthy if it is an original. Any change to the document contents will mean that the document is no longer an original. This includes adding notes, highlighting or compressing the PDF.
Scrive will store an original of each document until the author (person or system that created the document) deletes it.
All unaltered instances of a document signed in Scrive is an original.
To verify the integrity of a document, upload it to https://scrive.com/verify and make sure that you get the confirmation message that the file has a valid signature.
View the Evidence package in a PDF viewer
An easy way of viewing the embedded HTML evidence package is to open the original document in e.g. Adobe Acrobat Reader. Click on the attachments icon to show the list of attachments which together make up the evidence package. All the attachments are in a HTML format. Double-click on a file to open it in your default browser.
The attachments consists of:
Evidence Quality Framework – about the framework Scrive uses for evidence quality.
Service Description – a detailed description of how Scrive works.
Evidence Log – all events associated with this document, in detail.
Evidence of Time – samples from the Scrive server clocks and statistical analysis of the clock error (to make it possible to determine how exactly the Scrive clocks are).
Evidence of Intent – screenshots from the devices (computer/phone/tablet) the signing individuals used to sign. (This works most of the time but not always, as web browsers can be unpredictable.)
Digital Signature Documentation – a detailed description of how Scrive’s blockchain based digital signing works; the basis for securing the integrity of documents signed in Scrive.
Quality of Scrive E-signed Document – an explanation on how Scrive fulfils evidence quality requirements.
The “last updated” date is when Scrive last changed something in the template for the attachment. The attachment itself was generated when the last signing party signed.
Information in the Evidence log
Questions about who signed a document, when it was signed, and how it was signed can all be answered using both the Evidence log and the Evidence of Intent.
Evidence log (Appendix 3)
This file contains all events that Scrive has been able to record about the document, up until the last person signed it. Thereafter, the file is locked. Or rather: if the file is changed after this point in time, it is not what the signatories signed and it is therefore no longer an original. It is not possible to verify the integrity of the document if it has been changed. See more above in the section on “Document integrity”.
In the Evidence log, you'll find key information, including the signatory’s name, email address and/or phone number, along with the timestamp and IP address of the device used to view the document.
The timestamp is in the leftmost column. Scrive always uses time in the UTC time zone. The CES column is the last time we analysed the clock error (which in turn results in the +/- X ms in the leftmost column). The IP address is in the third column.
It should be noted that an IP address is not a very good way of identifying an individual. A very common case is that many individuals, sometimes whole cities, share a single IP address. However, the user behind the IP address might be located somewhere completely different as they may be using a VPN.
Evidence of Intent
The Evidence of Intent file normally contains images of what the signatories saw on their screen. As this is a client-side script, it is sometimes impossible to capture a screenshot and due to browser settings or browser bugs,. When it works, it is however what the signatory saw. The intent of capturing and storing these screenshots is to prove that the agreement that was signed was shown and that the button used to sign did not say anything other than “sign” (in one or another language).