With how many Office documents do you deal in a day?
Maybe you received an Excel spreadsheet via e-mail, had a closer look at a Microsoft Word report that needs to be reviewed and worked on a PowerPoint presentation for an important meeting. Maybe you have spent hours carefully crafting a legal brief or a transactional document that contains sensitive information. Or maybe it is something completely different - but I would bet you have many Office documents going through your hands every day.
But out of all those Office documents, is it possible that one is not authentic, not what it is supposed to be? Could there be a recipient of your documents having second thoughts on whether he can trust that super-important document you have sent?
Digital certificates
Until recently, the only way to cater to these concerns would be to use digital certificates. Digital certificates are not a specific solution to prevent document tampering. They are used to protect all aspects of data communication, from websites for business and banking to shopping and product development, to social media.
The procedure to obtain and use a digital certificate involves a bit of a hassle. To obtain the certificates in the first place, you need a certificate authority (CA). A CA issues and sells the certificates. You can also have internal CAs that issue certificates, but those are limited to internal use.
Think of your digital certificate as a kind of passport. A passport is used to prove that you are who you say that you are. It is issued by a trusted authority: the state.
As with a passport, a digital certificate must be requested at a trusted authority – the CA in this case. The certificate is used to authenticate an entity at a specific IT service or used to secure communication.
Like a passport, a certificate has an expiration date. This date depends on the initial parameters in the certificate request. After a certificate expires, it is no longer usable. You need to go through a renewal process to have it working again.
Revocation also can stop a certificate from being used. Entities accessing the certificate must check to see whether the certificate was revoked before trusting it.
Taking it all round, it is all a bit too complicated to guarantee a document is tamperproof – and we didn’t even get to how to use the certificate with the document…
A New Approach - Blockchain Seals
In 2019, an alternative to using the digital certificates came up that focused on the maximum protection against manipulations (integrity) and assuring authorship (authenticity) of documents, files and processes - blockchain seals. Their use is far more straightforward, and they do not expire. Instead of relying on a centralized authority, the base idea is quite the opposite. Blockchain seals take advantage of the blockchain being a distributed ledger.
From the user standpoint, it is far easier to handle. You seal your files - automatically or with a simple click - and then any stakeholder can verify that digital seal. Stakeholders can, therefore, make sure no one manipulated the files that matter to them and that they are tamperproof.
From a technological standpoint, digital seals stored on a blockchain live independently of the object the seal refers to. The distributed nature of blockchain means there is no need for a central certificate authority or central timestamping server, which are the typical dependencies of existing e-signature systems.
You can achieve parallel signing and independent verification, with or without the object itself. You can implement business rules, such as rules-based on mandates, 4-eyes, majority vote, seniority, or any other.
Lastly, but not less important, you can register multiple actions in a sequence on a blockchain. Each registration is linked to a specific case, document, and task performed by the parties involved, creating a chain of transactions: an auditable trail. This audit trail can then be verified by authorized third parties, providing transparency, compliance, and, most importantly, trust. An example of how this is used can be found in the article published in May 2020 Blockchain to revolutionize invoices and quotes.
This solution was welcomed and awarded. Nonetheless, there was a final challenge for digital seals - making this solution work with the ubiquitous Office documents. This seems difficult because of the way Office files have their metadata, but finally, it became possible. Digitally sealing Office files was finally a reality in December 2020 when a new version of CB Blockchain Seal was launched. This is now a patent-pending technology.
CB Blockchain Seal
CB Blockchain Seal is a very flexible piece of software. It can be integrated into most mainstream business software like Microsoft Exchange, Dynamics 365, or Salesforce. To choose with which software you want to integrate with, think of which software holds the most import documents, files or processes for your organization. The integration capabilities of CB Blockchain Seal make it ideal for a project with systematic, automated processes and/or a large number of documents.
There is an out-of-the-box version for Microsoft SharePoint – CB Blockchain Seal for SharePoint. Having an out-of-the-box solution takes away all the complexity of setting up your own sealing system, with the added benefit of knowing the solution is GDPR compliant – and compliant with several other regulations worldwide as well.
You can automatically seal all documents or the documents that meet specific criteria. Alternatively, you can seal individual files upon request as well. Any user - internal or external to the organization -that views your documents will be able to verify the integrity of your files as well as the correctness of their origin. Additionally, they will be able to confirm the creation date and time of the files.
Use Cases
Any kind of information that you might want to prove untampered makes for a good use case. Some of the most common uses for Blockchain Seals are:
- Sensitive and confidential information, such as:
- Wage and salary rosters
- Healthcare records
- External financial information, such as:
- Invoices and receipts
- Bank statements
- Bills of lading and commercial letters
- Tax assessments
- Internal financial statements, including:
- Material withdrawal slips
- Proof of cancellations and transfers
- Expense reports
It is important to know that any of these can include Office documents as well. In the past, you would have had to save in a different format, normally PDF, and then seal.
All of these allow for historical proof. As the seal never expires or ends its validity, you can verify everything is still OK even years after the seal was originally created.
Pricing, costs and ROI
Using an out-of-the box solution such as CB Blockchain Seal for SharePoint makes this state-of-the-art technology available at a fraction of the cost of digital certificates solutions. It also has a low transaction cost (under one cent).
Takeaways
Blockchain seals have been a lead solution in proving documents’ integrity and authenticity since 2019, but they now are a much more encompassing solution as they can also be used on Office documents.
Would you like to see for yourself what CB Blockchain Seals can do?
I suggest you talk to our experts - they will be glad to provide you with a free demo or answer any questions you might have. You can also call us at +1 (720)-577-3030 if you prefer the phone.
Want to learn more? I recommend these articles from our blog:
Ana Neto
Technical Advisor
Connecting Software
Author:
Do you have any questions or comments about this article?
I would love to have your feedback, leave a reply below!
Comments 1
One of the solution’s advantages is that the user’s working environment does not change. The data integrity solution based on blockchain runs in the background of all existing system operations and processes.