Frequently Asked Questions

1- Who can verify the signature?

The signature can be verified by almost any computer user. Adobe Reader software allows users to verify signatures created with K.Sign^® while online or offline. It can be downloaded free of charge here:

2- How do I view a digital signature?

• Depending on your version of Adobe Reader^® or Acrobat (7, 8, 9, etc.), the information regarding signature validity can vary but is usually displayed as a message with an icon and an explanation in the language of your Adobe product.
• By default, when you open a signed PDF document, the signature status is displayed on a colored banner at the top of the document along with one of the following icons indicating the validity status of the electronic signature.

3- What configuration is required to use a K.Sign^® USB token?

You can use the K.Sign^® token with Adobe Acrobat products and any one of the following OS:

• Microsoft Windows 2000, 2003, XP or Microsoft Vista
• Apple Mac OSX Leopard

For use with Linux, please contact us: Bouton email to

4- Are there any technical constraints?

To use the K.Sign^® solution, you need to install a cryptographic smart card such as the Gemalto TPC IM CC (EAL4+), on one of the following OS:

• Microsoft Windows 2000, 2003, XP or Vista
• Apple Mac OSX Leopard or Snow Leopard

5- What software is required to use K.Sign^®?

Adobe^® Acrobat^® Professional or extended (starting version 7) are able to enable the extended usage rights in Adobe reader (see below)

• To use a K.Sign^® token, you need signature software such as:
• Adobe Acrobat (Standard, Professional or Extended), Version 7 or later (available for Microsoft Windows and Apple Mac OS)
• Adobe Reader, Version 7 or later, to sign PDF files created with Reader Extension rights (available for Windows and Apple Mac OS X)
• Microsoft Office 2010 or Microsoft Outlook
• Lex-Persona
• Sage

All of these software products have been tested by our technical teams to ensure compatibility with our timestamping and validation (OCSP) functions.

6- How do I create a document that enables extended Reader usage?

The Acrobat Professional and Extended software products (Version 7 or later) can enable usage rights in Adobe Reader (Reader extension) with a simple click in the Advanced Options menu.

7- Do I need to install a driver to use the K.Sign^® USB token?

The Gemalto TPC IM CC (Common Criteria EAL 4 +) cryptographic card requires the installation of a driver that is provided with the K.Sign^® token. The driver can be installed singly or using a centralized procedure within your company.
Different versions of the driver exist for the different Microsoft Windows environments and MAC OS X.

8- What is the validity of K.Sign^®?

The K.Sign^® token has a three-year lifespan and comes with a warranty and the ability to reassign the token to a new owner within the first two years of the initial issue.

9- What happens if my K.Sign^® token is blocked?

After your order is placed and identity verified, you will receive a token that you can initialize simply by selecting a PIN code and a personal unblocking key (PUK).

10- What if I lose my K.Sign^® token?

If you lose your USB token, you can revoke it using our revocation portal. You will be asked to enter the revocation code you defined at the time the token was issued. If you are unable to revoke the token yourself, you can contact your provider to perform the revocation for you.

11- What guarantees are provided for my digital signature?

The general terms and conditions of sale describe the guarantees and services associated with the issue and use of K.Sign^® tokens.

12- Is K.Sign^® the best digital signature for PDF documents?

Only six suppliers worldwide were selected by Adobe in 2007 to participate in the CDS (Certified Document Service) program and issue signature certificates that would be recognized automatically by all Adobe PDF reader products. By automatically integrating timestamp information and all certificate verification data at the time of signature, K.Sign^® ensures that the signed PDF documents remain valid for future use and reference over the long term and retain the same legal effect as paper documents (in France). The ability to view the signed PDF with no need for installation or complex instructions makes it the best solution for the paperless transmission of documents inside or outside the organization. The ROI is transparently measurable.

13- What are the technical characteristics of the USB token?

Card operating system

• Based on Java Card Virtual Machine, compatible with JC 2.1.1/2.2.1
• Card management software and API, compliant with GP 2.0.1/2.1.1/3
• Baud rates of up to 115 Kbps or 230 Kbps, depending on the card
• USB interface V1 and V2

Cryptographic characteristics
Cryptographic algorithms: 3DES (ECB, CBC) RSA up to 2048 bits & SHA-1 & SHA-256

• 2048-bit RSA key length
• On-board key pair generatione
• User PIN and Admin PIN (PUK) management
• Supports PKCS#11 API and CSP API (Windows)

Compatible with the following OS:

• Microsoft Windows 2000, 2003, XP and Microsoft Vista
• APPLE Mac OS X Leopard & Snow Leopard

Cryptographic validation of hardware

• CC EAL4+ certified and compliant with digital signature legislation

14- Can the token owner be changed prior to term?

You can request the reassignment of a three-year K.Sign^® token (one time only), within the first two years following the initial issue order.

15- Why does the K.Sign^® token use Keynectis validation and timestamping services?

Just like paper documents, in order for a digitally signed PDF document to be legally binding, it must include secure timestamp information and the assurance of identity verification (notarization) by the certificate issuer at the time of the signature. These two services are performed by a trusted third party, KEYNECTIS, whose servers are automatically called by the signature software selected by KEYNECTIS.

16- Do I need to be online to validate a K.Sign^® signature?

No. A PDF document signed with K.Sign^® does not require that the software or person wishing to validate the signature be online. The CDS signature creates a self-contained document offering long-term validation thanks to the OCSP and timestamping functions used.

17- Do I need to be online to create a K.Sign^® signature?

Yes. At the time of signing, the user must be connected to the Internet so that the KEYNECTIS timestamping and validation servers can be called automatically.

18- What is the difference between an approval signature and a certification signature?

Adobe defined two types of digital signatures that can be applied to a PDF document: certification signatures and approval signatures. Certification signatures, also called author signatures, enable the author of a PDF document to sign the document and authorize the subsequent modification of certain fields in the document (form). This process is frequently used for documents whose lifecycle requires several successive signatures (contracts, manufacturing and audit documents). Certification signatures are only available with Acrobat (Standard, Professional and Extended) and LiveCycle software solutions. When a certified document is opened, the integrity of the document and all the signatures it contains is automatically verified, in order to notify the user of any changes in the document's level of trust. A certification signature can be visible or invisible in the PDF document, enabling PDFs to be signed without making changes, such as adding a form field, to the document.
Certification signatures are the ideal solution when creating documents with multiple signatures where modifiable fields are checked at every signature level.

Example: A government agency creates a form with signature fields. The agency certifies the document (using K.Sign^® for Organization), enabling users to modify only the form's fields and to sign the document. Users can fill out the form and sign it with K.Sign^®, but if they delete pages or add comments, the document loses its certified status. Certification signatures are also known as MDP signatures (Modification Detection and Prevention).
Approval signatures can be applied using Adobe Acrobat, Adobe Reader or Adobe LiveCycle. If applied using Adobe Reader, they require a signature form field in a document enabling extended usage. Approval signatures do not generate verification information when the document is opened.

Example: A user fills out a company form and then signs it using K.Sign^® to approve the data provided.

• Find out more