What exactly is an audit trail and what electronic evidence does it contain?

When carrying out any digital transaction, what guarantees have the involved parties regarding the legality and integrity of the information transmitted? This issue continues to cause a lack of confidence on the part of both companies and consumers, and ultimately slamming the brakes on the evolution of a digital economy and society.

To eliminate mistrust and enable online transactions occur securely, the figure of the trusted third party comes into play, whose mission is precisely to collect as much electronic evidence as possible during any electronic transaction — the sending of email addresses, SMS messages, IP addresses, etc. — to demonstrate to a third party that these electronic transactions actually occurred.

Signaturit acts as a trusted third party, and to collect all electronic evidences generated during the signing process, we issue an audit trail. In this post we explain in detail what exactly the audit trail is and what information it contains.

What is an audit trail?

An audit trail is a document in which all electronic evidences (data) generated during the signing process is stored. This evidences serve as evidence to ensure information integrity at all times, avoiding any kind of manipulation. Therefore, the audit trail serves as valid legal evidence in any court of law.

What is it meant by information integrity?

• The term “integrity” means guarding against improper information modification or destruction, including ensuring information nonrepudiation and authenticity.
  – Cyber Intelligence Sharing and Protection Act. H.R. 624. 2013.
• A property whereby data has not been altered in an unauthorized manner since it was created, transmitted or stored.
  – [NIST-SP800-57:2007]

Source: Definitions contained in the Glossary of Terms CCN-STIC-401 developed by the Spanish National Cryptologic Center (Centro Criptológico Nacional).

What electronic evidences are contained in Signaturit’s audit trail?

Our audit trail collects different electronic evidences during the signing process, and classifies them as follows:

> In “Document Shipping Information” there is the following data:

• Name and email address of the sender.
• Name and email address of the signer.
• Document name(s).
• Document CRC: unique identifier (different for each file).
• Location: place in which the document was signed (it includes street number, city, zip code, region and country).
• Private document identifier: Signaturit’s own identifier.
• Date and time of signing.

> In “Process Evidence” you can see the different states through which the document passes since it is sent so sign: email sent, email delivered, document opened and document signed.

The following data is included for each state: IP address, date and time when each stage of the process has taken place, type and version of the operating system being used as well as browser type and version.

The data in “Shipping Information” and “Process Evidence” can be easily downloaded and displayed as a PDF.

Example of the audit trail document:

Signaturit’s own certificate.> In addition, the audit trail includes two certificates guaranteeing that neither the documents nor the signatures have been altered once the signature has been made.

1. Time Stamping Authority certificate.

What is a Time Stamping Authority?

A Time Stamping Authority (TSA) is a provider of certification services and acts as a trusted third party that provides timestamping services to ensure the date and time in which any electronic operation or transaction occurred.

Timestamping is a method to prove that a set of  data existed before a certain point in time, and an assurance that none of these data has been modified since.

When internet operations or transactions are made, knowing the time when they occurred is important. The services of a TSA that, as a trusted third party will record the date and time at which the transaction occurred, are vital to provide evidence, to ensure the source of time used and ensure the integrity of the sealed data.

Sources: (In Spanish) Portal de Aministración Electrónica and CERES.

To view the two certificates, you must open the audit trail with Adobe Acrobat Reader. Both certificates can be viewed by clicking the “Signature Panel” button. You can also view the certificates in the signed document itself if opened with Adobe Acrobat Reader.

From where can I download the audit trail and the signed document?

Once the signer has signed the document, go to Signaturit’s dashboard →  Inbox → Sent Documents. Here you will see that the status of the document you sent to sign is now marked as being “Completed.”

By clicking on the document, a window will open from which you can download both the signed document and audit trail. To download the audit trail, click “Download Full History.”

Both documents will be downloaded in PDF format. When the downloaded files are opened with Adobe Acrobat Reader, you will see both the certificate issued by Signaturit and the TSA certificate.

The signer will receive a copy of the signed document in his/her email but not the audit trail, the latter only being accessible to the sender.

If you have not tried our electronic signature solution, you can do so today. We offer 7-day free trial for you to learn how quickly and easily you can send documents to sign, and to test out all of our tool’s advanced features – for free!