Data Security of E-signatures

The security of your data is our top priority

ISO 27001 certification for SignRequest's digital signatures

The safety and security of your data is SignRequest's top priority. The ISO 27001 certification is a global standard for information security. By having obtained this certificate, SignRequest shows its commitment to information security. You can review our certificate here.

Secure Sockets layer

All communications with SignRequest use Secure Sockets Layer (SSL) 256 bit encrypted endpoints to ensure the security of your electronic signatures and e-signed documents.

E-signature encryption

All documents and (embedded) e-signatures are 256 bit AES encrypted before stored on Amazon's Simple Storage Service (S3). More information on our server-side encryption (SSE-S3) is available here.


Our entire infrastructure is hosted on the European data center (Dublin) of the highly available and robust architecture of Amazon Web Services (AWS), which has ISO 27001 certification. Our databases are managed using Amazon Relational Database Service (RDS). We invite users that would like a European provider instead of Amazon to contact us to discuss the possibilities.

Digital signature security

SignRequest creates hash codes of the signed document and the signing log. Hash codes are unique for every document. With the hash codes the integrity of the e-signed document is ensured, because it is not possible to change the document without changing the hash code.

The documents can also be signed with an Entrust digital certificate, which is part of Adobe's approved trust list. This ensures the authentication and integrity of the electronically signed documents as well. More information is available here.

Access to account and documents

Users receive a link of the document that needs to be signed online in their email account. The link is unique and should not be shared with others. It is the responsibility of users to maintain sole control of their email account and the link. To access the account, a user's email address and password is needed. Optionally, it is possible to require two factor authentication with your Google, LinkedIn, Facebook or Salesforce account.