DigiCert has updated its Document Trust Manager product to help reduce AI-linked document fraud.
The update adds centralised key management, broader oversight of signing activity and new integration options for existing document signing tools.
The revised product is intended to bring document signing controls into a single system, rather than leaving teams to manage separate processes across regions, departments and regulatory settings. DigiCert says this should help organisations verify who signed a document, show whether a file has been altered and maintain audit trails for internal oversight and external compliance checks.
The company positioned the update against a backdrop of rising digital document use and a parallel increase in fraud and identity misuse. It cited the growth of e-signature adoption since 2019 and pointed to cases involving fake invoices and manipulated documents.
One reported incident involved BlackRock, which was reportedly misled into a USD $400 million loan because of a fake invoice. The case has drawn attention to the financial exposure companies face when document checks fail.
New features
The updated service includes a unified workflow and centralised visibility over signing activity. Managers and auditors can monitor who signed documents, when signatures were added and whether there may have been unauthorised signing activity.
Another addition is a central repository for document signing certificates and private keys. DigiCert says this is intended to reduce dependence on physical USB tokens, which can be lost or misused. Multi-factor authentication is required for log-in and document signing.
The product now also includes pre-integrated support for DocuSign, Adobe Sign, Adobe Acrobat and desktop signing tools. This is intended to let organisations keep current signing processes in place while changing the security and control layer behind them.
An online counter-signing function has also been added through DigiCert Secure Sign. DigiCert says this allows users to counter-sign at multiple points in the signing process without using an external signing flow.
Compliance focus
The changes are also aimed at organisations in regulated sectors, particularly in EMEA, where electronic signing and digital identity rules continue to evolve. DigiCert says its system supports PKI-backed signatures under eIDAS2, ZertES and AATL.
The product also includes web-based and mobile tools for remote authentication, with identity checks that can include biometric and ID-based proofing. These features are intended to support document signing in remote and hybrid working environments where in-person verification is not always possible.
In practice, compliance is closely tied to governance. Centralised signing records can make it easier for companies to show how documents were approved, who took part in the signing chain and whether signing credentials were protected in line with policy.
DigiCert is positioning the product around cryptographic proof rather than visual review. As AI-generated content becomes more convincing, the company argues, businesses need ways to establish document origin and integrity that do not depend on staff spotting suspicious formatting or language.
"AI is making document fraud faster, cheaper, and harder to detect," said Deepika Chauhan, Chief Product Officer, DigiCert.
"Organisations can't rely on visual trust anymore. They need cryptographic proof of who signed a document and that it hasn't been altered. That's what Document Trust Manager delivers at scale," Chauhan said.
Industry analysts have also highlighted the compliance dimension of document controls as companies face pressure to show stronger governance around digital transactions.
"Enterprises are under pressure to demonstrate both compliance and authenticity," said Ozgun Pelit, Senior Analyst, Frost & Sullivan.
"Centralised management of PKI-backed document signing provides stronger assurance than legacy, siloed approaches," Pelit said.