Most signing tools optimise for the moment of signing. We optimise for the twenty years afterwards — the merger, the audit, the lawsuit, the archive in a hard drive marked "don't lose this."
The incumbent way is famous; the security model behind it isn't. Servers hold the document. Servers hold the keys. The "signature" is a typed-name image plus an audit-log promise. Fine for a kitchen-renovation quote — quietly inadequate for almost everything else.
We made a different bet: hide the cryptography behind a fingerprint tap, and let the security story do the work in the bits no human ever sees — the sealed PDF, the audit trail, the per-signature certificate. The signing flow should feel like nothing. The verification, decades later, should feel like everything.
We will tell you exactly which mode encrypts which bytes. If we can read your document, we'll say so on the same page where you upload it.
WebAuthn, PAdES, RFC 3161, X25519. Boring choices that will outlive any one company.
If a third party can't verify a sealed document offline, we haven't shipped the feature.
Per-seat. No envelope counts. No surprise upgrade prompts when you grow.
Founded in 2026 by a small group of cryptographers and product engineers who got tired of explaining to lawyers why a PDF needed a sealed PDF inside it. We're hiring across cryptography, frontend, and design. Email hello@authii.com.
We commit to disclosing material security incidents within 72 hours of confirmation, regardless of regulatory minimums. Our public timeline lives at /security. There are no incidents to disclose at the time this page was written.