SHA-256 tamper detection on every document.

Docuplete records a SHA-256 hash of every completed PDF at the moment of generation. If the file is modified after delivery, the mismatch is detectable immediately — giving you cryptographic proof that the document is unchanged.

Start free trial See live demo →

How it works

What you get with this feature.

SHA-256 hash computed and recorded for every completed document
Hash stored independently in Docuplete's submission bank
Any single-byte modification to the PDF changes the hash and is detectable
Verify any document via the Docuplete verification endpoint or API
Combined with RFC 3161 timestamp for multi-layer tamper evidence
Hash included in the signing certificate page appended to the document

Details

Everything to know.

How SHA-256 works

SHA-256 is a cryptographic hash function that produces a unique 256-bit fingerprint of any file. Even a single character change produces a completely different hash — making modification detectable.

Applied at generation

The hash is computed at the moment Docuplete generates the completed PDF — before delivery. This creates an immutable record of the original document.

Verification by hash or token

Verify any document via the Docuplete verification endpoint — providing either the document's unique token or the SHA-256 hash. No account required.

Combined with trusted timestamps

The SHA-256 hash is cryptographically bound to the RFC 3161 trusted timestamp. Together they provide: proof of content (hash) and proof of time (timestamp).

Included in the signing certificate

The SHA-256 hash of the completed document is printed on the signing certificate page appended to every signed PDF — making it auditable without any system access.

Independently verifiable

SHA-256 is an open standard. Any SHA-256 tool can recompute the hash of a Docuplete PDF and compare it against the recorded value — without needing to involve Docuplete.