When you drag and drop a document onto the front page of this website, your browser computes a digest - which is a long number that is unique to that document. That digest is then sent to our servers where we check if we have a signature from anyone for that exact document. If we do we display who signed that document - and also then allow you to download a certificate that is proof that the website who we claim signed it actually did.
Yes.
Because we are a new service you probably do not have any documents that are signed. However we have setup a demonstration site called "DummyBank". This represents a service you might use that signs documents.
On our wiki we have a walkthough that shows you how our sevice works. Demo Site Wiki.
Take the example of you wanting to get a new mobile phone contract or buy a house. The company/solicitor will often want some form of proof of address. So you end up having to post them an original utility bill. With our service if the utility company had signed the electronic copy of the bill this would not be needed. Instead you would email the electronic bill to the company/solicitor.
They could then go to https://umpint.com and drag/drop the document. We would the show them that the document was original and signed by the owners of a specific website address e.g. "https://electricity-company.com". In addition they can download a certificate of proof. This allows them to at a later date prove in court (even if umpint.com is no longer available) that the document was original. In addition to this we provide a timestamp document that they can use to prove that they did this check at or before a specific point in time. This may be useful in the case of the solicitor who has to prove the undertook the proof of address checks BEFORE they helped you buy the house.
In order to be able to sign documents you just need to have a secure website address e.g. we have https://umpint.com. Then you need to use one of our API's (see: API Documentation) to on your computer compute the message digest, sign with the same key you use to secure your https website and send us the signature. We are designed to accept millions of signatures a day. So even if you are a business that issues many documents that need signing (e.g. a bank or utility company) we can meet your needs.
For more details on signing see Signing.
If you are an organisation that produces a lot of paper based invoices/bills/statements you will know that the production of them and postage is significantly more than emailing a "pdf" or similar electronic document. So the more customers you can convince to instead only have a electronic version the better as you reduce your costs.
Often a major reason that customers want to keep receiving paper based documents is that they know that on occasion they need them to prove their address or other similar reasons. If however you can say that the electronic document is signed, and that if the email it to anyone the recipient can confirm it is authenticity, and also download a certificate of authenticity that is valid in court they would be more likely to agree to only receiving electronic documents
At umpint.com we only know the message digest. This is a long hexadecimal number e.g.: d30d6bff91dcb8a6de9f198c3811f283e0397c8869e366814de58218819fd12a. It is the same length for every document and it is impossible to know any of the content of the document from this. We also store the signature which is a similar long number and the website that signed the document.
When you check the authenticity of a document we compute the message digest inside your browser. So no confidential information every leaves your computer.
Since we do not have any confidential information it means that even if our servers were compromised none of your data would be made public.