CT Signature audit evidence

Tamper-evident audit trail on every signed document.

Every envelope produces a tamper-evident audit certificate that records every action (viewed, consent acknowledged, signed, declined) with a cryptographic hash, IP address, device fingerprint, and timestamps. This is the defensible evidence courts and auditors expect when an electronic signature is challenged.

  • Cryptographic: document hash, not just metadata
  • Per-action: every step timestamped
  • Verifiable: independent of the platform

What's in every audit certificate

The evidence chain that defends signatures

When a signature is challenged, the audit certificate is what determines the outcome. CT Signature's certificate documents every element.

  • Cryptographic hash of the signed document
  • Every action: viewed, signed, declined, with timestamps
  • IP address and device fingerprint per action
  • Consent disclosure acknowledged
  • Independent verifiability via hash chain

  • Cryptographic: hash, not just metadata
  • Independent: verifiable without platform
  • Per-action: every step timestamped
  • Defensible: court-ready evidence

Why this matters

An audit trail that's just metadata isn't audit evidence — it's a list.

Many e-signature platforms produce 'audit trails' that are essentially logs of metadata: timestamps, IP addresses, who clicked what. Useful for general visibility, but the gap shows up when a signature is actually challenged. Without cryptographic integrity binding the audit log to the specific document signed, an opposing party can argue the document was altered after signing — and the audit trail can't refute it conclusively because the trail doesn't prove the document hasn't changed.

CT Signature's audit certificate is different. It includes a cryptographic hash of the document at the moment of signing. Future verification is straightforward: hash the document being challenged, compare to the hash in the audit certificate. If they match, the document is provably the one signed. If they don't match, alteration occurred after signing. The verification doesn't require trusting the platform — it's mathematics, independently verifiable by anyone with the document and the audit certificate.

On top of cryptographic document integrity, the audit certificate documents every action chronologically: when the envelope was sent, when it was first viewed, what consent disclosure was acknowledged, when each field was signed, the IP address and device fingerprint per action, when the envelope was completed. The full lifecycle of the signing event is reconstructable from the certificate alone, without access to platform logs that could be questioned.

What real audit evidence requires
  • Cryptographic document hash — not just metadata about the document
  • Independent verifiability — doesn't require trusting the platform
  • Per-action attribution — every step with timestamp, IP, device
  • Consent capture — what consent was shown and acknowledged
  • Tamper-evidence — alteration of the certificate itself is detectable

Audit trail capabilities

What CT Signature's audit certificate documents.

Cryptographic hash of the signed document

The audit certificate includes a SHA-256 hash of the document at the moment of signing. Future verification: hash the document being challenged, compare to the certificate's hash. Match means the document is the one signed; mismatch means alteration after signing. Verification is mathematics, not trust.

Per-action chronological log

Every action is documented in chronological order: envelope sent, first viewed, consent disclosure acknowledged, each field signed, envelope completed (or declined, or expired). Each action has a timestamp accurate to the second.

IP address and device fingerprint per action

Each action captures the IP address it originated from and a device fingerprint identifying the specific device used. If the same envelope is signed from multiple devices (e.g., viewed on a desktop, signed on a phone), each action's device is documented. The signing context is reconstructable.

Consent disclosure documentation

Before signing, every signer is presented with explicit consent disclosure (per ESIGN/UETA requirements). The audit certificate documents that the disclosure was shown and acknowledged, with timestamp. If a signer later claims they didn't consent to electronic signing, the certificate refutes the claim.

Independent verifiability

The cryptographic hash and timestamps are independently verifiable without requiring access to CT Signature's platform. Anyone with the signed document and the audit certificate can verify integrity. The verification doesn't depend on the platform being available or trusted.

Tamper-evident certificate

The audit certificate itself is cryptographically protected from modification. Tampering with the certificate is detectable. The certificate's integrity is a separate cryptographic guarantee from the document's integrity, both verifiable independently.
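
The two checks described in this section, a SHA-256 comparison for the document and a hash chain over the per-action log, as an added example that is not CT Signature's code or certificate format. The JSON layout, the field names, the all-zero starting value, and the chaining rule (each entry hash covers the previous hash plus the canonical JSON of the event) are assumptions, and the sample events are constructed.

```python
import hashlib
import hmac
import json

GENESIS = "0" * 64  # assumed chain start value (hypothetical)

# Constructed sample events; field names are assumptions, not CT Signature's schema.
SAMPLE_EVENTS = [
    {"action": "viewed", "ts": "2024-05-01T14:02:11Z", "ip": "203.0.113.7", "device": "dev-a1"},
    {"action": "consent_acknowledged", "ts": "2024-05-01T14:03:40Z", "ip": "203.0.113.7", "device": "dev-a1"},
    {"action": "signed", "ts": "2024-05-01T14:05:02Z", "ip": "203.0.113.7", "device": "dev-a1"},
]


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def entry_hash(prev_hash: str, event: dict) -> str:
    # Canonical JSON (sorted keys, fixed separators) keeps the hash reproducible.
    body = json.dumps(event, sort_keys=True, separators=(",", ":"))
    return sha256_hex((prev_hash + body).encode("utf-8"))


def build_certificate(document: bytes, events: list) -> dict:
    """Build a sample certificate in the assumed layout, for demonstration."""
    prev, log = GENESIS, []
    for event in events:
        prev = entry_hash(prev, event)
        log.append({"event": event, "hash": prev})
    return {"document_sha256": sha256_hex(document), "log": log, "chain_head": prev}


def verify(document: bytes, cert: dict) -> list:
    """Return findings; an empty list means the document and log both check out."""
    findings = []
    if not hmac.compare_digest(sha256_hex(document), cert["document_sha256"]):
        findings.append("document hash mismatch: altered after signing")
    prev = GENESIS
    for i, item in enumerate(cert["log"]):
        prev = entry_hash(prev, item["event"])
        if not hmac.compare_digest(prev, item["hash"]):
            findings.append(f"log entry {i} does not match its chain hash")
            prev = item["hash"]  # resync so later entries are still checked
    if not hmac.compare_digest(prev, cert["chain_head"]):
        findings.append("chain head mismatch: entries added or removed")
    return findings
```

A chain with no external anchor can be recomputed end to end by anyone able to rewrite the whole file, so the head value has to be covered by the certificate's digital signature or held separately. Verifying that signature is not shown here.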

What it looks like in practice

A few ways teams use this.

Signature challenged in court

Opposing party in litigation claims the contract was altered after signing. Plaintiff produces the signed PDF and the audit certificate. Court hashes the PDF, compares to the certificate's hash — match. Document integrity is established mathematically; the alteration claim fails. The audit certificate's IP, device, and timestamp data corroborate the signing event happened as represented. Case proceeds with the contract validated.

Regulator audit of e-signature compliance

Regulator audits a sample of electronically-signed consent documents. For each, the audit certificate documents: consent disclosure shown, consent acknowledged, signing action with timestamp, IP and device per action, document hash. The certificate satisfies the regulator's evidentiary requirements without follow-up. Audit closes without findings.

Years-later document verification

Five years after signing, a question arises about whether a specific document was altered. The signed PDF is retrieved from archive; the audit certificate is retrieved from the same archive. Hash verification proves the document is unchanged. The verification doesn't require CT Signature's platform to still be running — the cryptographic guarantee is independent of the platform.

Frequently asked

Common audit trail questions.

What cryptographic algorithms does the audit trail use?

Document hashing uses SHA-256, an industry-standard cryptographic hash. The audit certificate's tamper-evident protection uses standard digital signature schemes. Specific algorithms are documented in the platform's security architecture documentation, available to early-access partners under NDA. All algorithms meet current industry standards for cryptographic strength.

Can the audit certificate be modified after the fact?

No. The audit certificate is cryptographically protected from modification. Any alteration of the certificate would be detectable through the cryptographic verification chain. The certificate's integrity is preserved by mathematics, not by access controls or trust assumptions.

How long is the audit certificate valid?

Cryptographic hashes don't expire, and SHA-256 is considered cryptographically strong for the foreseeable future under current threat models. The audit certificate's evidentiary value is preserved as long as the cryptographic algorithms remain unbroken. Industry guidance is to migrate to next-generation algorithms when current ones approach the end of their security horizon; the platform's algorithm choices follow industry guidance.

Is the audit certificate admissible as evidence in court?

The audit certificate is designed to be admissible under federal and state rules of evidence for electronic records. It documents the elements courts look for when authenticating electronic signatures. Specific admissibility in any case depends on the specific court's evidentiary rulings; the certificate provides the foundation. The cryptographic verification is independently performable by experts as needed.

Can audit certificates be exported for long-term archive?

Yes. Audit certificates are downloadable per envelope and can be archived alongside the signed PDFs for long-term retention. The cryptographic integrity is preserved in the exported file; verification is performable independent of the platform. Standard archive format ensures audit certificates remain readable years later.

What about audit trail data privacy?

The audit certificate captures IP addresses and device fingerprints — data that may be considered personal under some privacy regimes. The platform's privacy posture treats audit data per HIPAA-aligned controls (access scoped to authorized users, retention rules applied). For privacy-sensitive use cases, contact us to discuss specific data handling requirements during onboarding.

Audit evidence that holds up under scrutiny.

Get on the early-access list and we'll walk through the audit certificate's structure and verification flow against your specific documentation and compliance needs.