Ask a Question

Advanced Search

Alert ID : INFO1034

Last Modified : 06/26/2018

Authentic Document IDs for BREW - FAQ's








About Authentic Document ID

System Requirements

Error Messages

About Authentic Document ID's

What is digital notarization?
Digital notarization is a timestamping service that lets you prove the existence and state of an electronic document at a fixed point in time by creating a digital receipt.

What is a digital fingerprint or hash file?
Often described as a digital fingerprint, a hash is simply a "summary" generated from a digital document using a mathematical rule or algorithm. It is designed so that a small change in the document would produce a big change in the hash. Hashing algorithms are "one-way": you can create a hash from a document, but you cannot recreate the document from a hash. A hash is not an encryption of the document. Most importantly, it's very difficult to find two documents that have the same hash.

The Authentic Document Service uses hash files because a small (but important) change in a document (like changing US$100,000 to US$1,000,000) would produce a completely different hash.

What is an Authentic Document ID
An Authentic Document ID is a Class 3 certificate that allows you to perform digital notarizations, using Symantec's Authentic Document Service, for the purpose of authenticating documents. Symantec Authentic Document IDs are used to create and send a signed fingerprint (hash) of the original document to Symantec's Authentic Document Service (the original document never leaves the requestor's personal computer). Upon receipt, the Authentic Document Service verifies the validity of the signature. After the signature is verified, the signed fingerprint is digitally time-stamped to create a digital receipt, which is delivered to the requestor's personal computer. The signed fingerprint submitted by the requestor is also stored by Symantec, and can be made accessible to the appropriate parties at a later date for dispute resolution and auditing purposes.
How long is the Authentic Document ID valid?
Authentic Document ID is valid for one year from the date of ID issuance

My Authentic Document ID has expired and I have unused digital notarizations. Can I use these when I renew my ID?
No, your unused digital notarizations expire with your ID. You will purchase new digital notarizations when you renew your ID.

What is an Authentic Document Seal?
The Authentic Document Seal is an icon you can attach to digitally notarized documents before you publish them online. By simply clicking on the seal, readers can verify that the document they are looking at is the same as the one you published and has not been altered or tampered with since you digitally notarized it.

What is the Personal Trust Agent (PTA)?
The Symantec Personal Trust Agent (PTA) is a software component that seamlessly downloads into the browser to give the user an enhanced and user-friendly experience when using various Symantec trust services.

What is a Digital Receipt?
A digital receipt is a block of data bound together and signed by Symantec's timestamping Certification Authority (CS). It includes a fingerprint (hash) of the document file along with the date and time derived from a trusted time source. A digital receipt acts as evidence that a document existed at a particular point in time. It forms the receipt returned to a requesting party to prove the transaction occurred.

With Symantec's Authentic Document Service, Symantec acts as witness, standing behind the assertion that the transaction took place at a specific moment in time. Because each receipt is a persistent data object, it can serve as non-repudiable proof of the document's existence at the time of digital notarization, and of the organization that digitally signed the document.

Does Symantec keep a record of the digital notarization receipts?
Yes, Symantec saves a copy of all digital notarization receipts generated from our Authentic Document Service. However, Symantec does not store the original document. In fact, the original document never leaves the requestor's personal computer.

What does the Authentic Document Service do?
Symantec's Authentic Document Service digitally notarizes a signed fingerprint of your document. By comparing the signed fingerprint stored in the digital receipt with a fingerprint calculated at a later date, Symantec is able to verify whether or not your original document has been changed.

How do I install PTA (ActiveX Control)?
The PTA and the ActiveX control are automatically installed when you apply for an Authentic Document ID.

What is the user profile created by the PTA?
When you submit your application for an Authentic Document ID, the PTA creates a user profile which is secured by a user selected password. This password must be remembered as it is required for use of the Digital ID for authenticating documents. The user profile contains the user's private key as well as the Authentic Document ID.

Why does the PTA require a password?
The password on the PTA dialog is used to protect your Authentic Document Profile. The profile stores your Authentic Document ID and the private key that is bound to that ID. The profile is protected with a password to ensure that only you can use that ID to request a digital notarization. Without the password, you cannot access your Authentic Document ID.

Why is it recommended that I backup my user profile (private and public keys)?
The PTA user profile stores both your private key and your Authentic Document ID. For security reasons, Symantec does not store user profile passwords and as such cannot recover or reset forgotten passwords. That means that if your user profile becomes corrupted or lost for some reason, you will be completely unable to use your Authentic Document ID and unable to access the Authentic Document Service. By backing up your PTA profile, you protect yourself against these types of situations. In fact, we recommend that the backup of the profile be saved to an offline medium, such as a floppy disk, etc. and stored in a separate, secure environment.

What do I do if I forget my password?
For security reasons, Symantec does not store PTA user profile passwords. Symantec cannot recover or reset your forgotten password. If you forget your password, you cannot use your Authentic Document ID or access the Authentic Document Service. There are two options for lost passwords: 

  • If you backed up your PTA profile, you may import your backup of the Authentic Document ID (you may have backed up your PTA profile during the enrollment process) into the profile and lock it with a new password.
  • If you did not back up your profile, you can no longer use your Authentic Document ID. Contact Qualcomm at

Should the backup password be the same as the PTA user profile password?
For security reasons, we recommend that your backup password and your PTA user profile password be different. In the event of your password being compromised, separate passwords would provide additional protection. We recommend that the backup of the PTA profile be saved to an offline medium, such as a floppy disk, etc. and stored in a separate, secure environment.

I enrolled for and installed my Authentic Document ID on my computer. Can I move this Authentic Document ID to a different computer?
Export your Authentic Document ID to a file, transfer the file to the new computer, and import the ID into the new computer. Go to the Authentic Document ID Preference Center at  SO7231. Click Export ID and follow the instructions. Transfer the exported file to the new computer. On the new computer, go to the Authentic Document ID Preference Center. Click Import ID and follow the instructions to install the ID on the new computer.

When would I need to de-install the PTA?
Under normal operation it should not be necessary to de-install the PTA. If a new version of the PTA is available, your version will automatically be upgraded. However if the PTA on your machine has been corrupted (you cannot use it to perform a digital notarization), you may need to de-install the PTA then install it again.

How do I de-install the PTA?
To de-install the PTA, do the following:

  1. Start Internet Explorer.
  2. Under the Tools menu, click on Internet Options.
  3. Choose the General Tab and click on Temporary Internet Files: Settings.
  4. Click on the "View Objects" button.
  5. Right click on the VSPTA Class and choose the Remove option. If there is a VSNZ Class, remove that as well. 

Can I use my Authentic Document ID if the PTA has been de-installed?
No, you cannot use the Authentic Document ID, without the PTA being installed on your machine. Although removing the PTA does not result in removing the Authentic Document ID, you need the PTA to be able to access the ID.

How do I re-install the PTA?
To re-install the PTA you must navigate to the Enrollment page where you applied for a Authentic Document ID. The PTA is automatically installed on your machine during enrollment

How do I digitally notarize a document?
The creation of a digital notarization request requires that the requesting user be an authenticated user of Symantec's Authentic Document Services. Therefore, the first step in digitally notarizing a document is to enroll for an Authentic Document ID.

To digitally notarize a document:

  1. Make sure you have an active Web connection.
  2. Right click the document you want to digitally notarize.
  3. Highlight and left click Digitally Notarize in the context menu.
    The Symantec Personal Trust Agent window will appear
  4. Enter your username and password, and click Next.
    Usernames and passwords are case specific.
  5. Choose the Authentic Document ID with which you want to digitally notarize your document, then click Select.
  6. Click Done when the message "Authentic Document Service operation was completed successfully" appears in the progress window. 

Where are my digital receipts saved?.
Digital receipts are saved to the same directory as the document that was digitally notarized. 

  • Digital receipts have the same filename as the original document with a ".rcpt" extension. If the filename of the original document is report.doc, then the filename of the receipt file is 

How do I verify my document?.
When you verify your document, you are actually verifying that your document has not been altered and that your receipt is still valid.

  1. Locate the digital receipt for the document you want to verify.
    Note: Your document must be in the same directory it was in when the digital receipt was created.
  2. Open (double click) the digital receipt you want to verify.
  3. If the fingerprints match, the digital receipt is still valid for your document.
    You (or readers of the documents you publish online) can also simply click on the Authentic Document Seal. 

System RequirementsSystem requirements for the Symantec Personal Trust Agent

  • Windows 95, 98, ME, NT, 2000, XP or Vista
    NOTE: Windows 2000 users must be logged in as an administrator/power user.
  • Internet Explorer 5.0 and higher  

Error MessagesThe Authentic Document Service server is not available.
Either the Authentic Document Service server is temporarily down, or you have run out of Authentic Document Service credits. (Each Authentic Document ID comes with "credits" that entitle you to digitally notarize 250, 500, or 1,000 documents.)

Verify that you have Authentic Document Service credits available and attempt to digitally notarize your document again at a later time. If you are out of Authentic Document Service credits, send an e-mail to Symantec Customer Service.

The file "*.rcpt" already exists.
A valid digital receipt already exists for the selected document. If the document has been changed since the last Authentic Document Service receipt was created: 

  • Rename your document, rename the digital receipt, or delete the digital receipt.
  • Attempt to digitally notarize your document again.
    Note: Digital receipts have the same filename as the document they digitally notarize with a ".rcpt" extension.

Error sending the request to the Authentic Document Service server
The Personal Trust Agent was unable to connect to the network for one of two reasons: 

  • You don't have an active Web connection.
  1. Confirm that you have an active Web connection.
  2. Attempt to digitally notarize your document again.
  • Work Offline has been selected in Explorer's File menu.
  1. Launch Microsoft Internet Explorer.
  2. Select File > Work Offline, then attempt to digitally notarize your document again.

Re-opening my document causes my receipt to become invalid.
Some applications change the content structure of a file even if the user just opens and closes the file. Since the Personal Trust Agent's ActiveX conrol creates a fingerprint of the current document to compare with the fingerprint stored in the digital receipt, even a change as small as a single character or extra space will invalidate the digital recipt. This behavior is most common with Microsoft Word, Excel, and PowerPoint. If the document is not going to be edited, we recommend opening your document in read-only mode.