We built Authii so the security story is short enough to fit on this page, and so the worst-case version — us being breached or compelled — still leaves your documents private.
Every signature is a WebAuthn assertion from a passkey on the signer's device — the same standard your bank uses for biometric login. The private key never leaves the signer's device. We never see it; you never type it. The signature is verifiable for the life of the elliptic curve.
Standard mode encrypts every document at rest with AES-256-GCM under a key we hold in HSM-backed storage. The default for most contracts.
End-to-end mode generates a fresh key in your browser, wraps it under each recipient's passkey-derived public key (X25519), and uploads only ciphertext. Even with full access to our database, the document is unrecoverable without one of the recipients' passkeys.
When the last person signs, we bake every signature, every certificate, and every timestamp into the PDF as PAdES-LTV (Long-Term Validation). Adobe Acrobat or any compliant reader can verify it offline, in any year, without ever talking back to Authii. If we vanished tomorrow, your sealed contracts would still hold.
Every signature carries an assurance level on its certificate: who proved what, when, and how. Email + passkey covers the everyday case. Government ID + selfie liveness raises a document to AES (Advanced Electronic Signature) under eIDAS. In-person notarial verification takes it to QES — equivalent to a wet signature in front of a notary public.
Postgres on a hardened VM. TLS terminating at Caddy. Strict CSP, HSTS, Permissions-Policy locking biometric APIs to the WebAuthn flow. Sessions stored server-side with 30-day rolling expiry. Email subjects sanitised against control-byte injection. Atomic challenge consumption against replay. We publish our incident response timeline on the about page.
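One way to implement atomic challenge consumption, shown as an added example and not Authii's own code: a WebAuthn challenge is burned by a single conditional `DELETE`, so a replayed or concurrent request for the same challenge finds no row to delete. Assumptions: SQLite stands in for Postgres (the same statement works there), and the table name, function names and 5-minute lifetime are hypothetical.

```python
import secrets
import sqlite3
import time

CHALLENGE_TTL = 300  # seconds; assumed lifetime, not a value from the page


def open_store():
    """In-memory stand-in for the server-side challenge table (hypothetical schema)."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE webauthn_challenge ("
        " challenge BLOB PRIMARY KEY,"
        " session_id TEXT NOT NULL,"
        " expires_at REAL NOT NULL)"
    )
    return db


def issue_challenge(db, session_id, now=None):
    """Create a random 32-byte challenge bound to one server-side session."""
    now = time.time() if now is None else now
    challenge = secrets.token_bytes(32)
    with db:  # commits on success
        db.execute(
            "INSERT INTO webauthn_challenge VALUES (?, ?, ?)",
            (challenge, session_id, now + CHALLENGE_TTL),
        )
    return challenge


def consume_challenge(db, session_id, challenge, now=None):
    """Return True at most once per issued challenge.

    Lookup, expiry check and deletion are one statement, so there is no
    window between "is it valid?" and "mark it used" for a replay to hit.
    Call this before verifying the assertion signature, so a failed
    verification still burns the challenge.
    """
    now = time.time() if now is None else now
    with db:
        cur = db.execute(
            "DELETE FROM webauthn_challenge"
            " WHERE challenge = ? AND session_id = ? AND expires_at > ?",
            (challenge, session_id, now),
        )
        return cur.rowcount == 1
```

A separate `SELECT` followed by a `DELETE` would let two simultaneous requests both pass the check before either delete runs, which is the race the single statement closes.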
Document encryption at rest. NIST-recommended, FIPS-validated.
Per-recipient key wrapping in E2EE mode. Curve25519, modern, audited.
Signature primitive. P-256 ECDSA over the document hash.
Key derivation everywhere we need to mix domain separation in.
The sealed-PDF profile. Long-term verifiable, offline.
Trusted timestamp on every seal. Future-proofs court admissibility.
Email security@authii.com with a description and (where possible) a proof of concept. Coordinated disclosure: 90 days standard, accelerated for actively-exploited issues. We don't pursue good-faith researchers under the CFAA or its UK equivalents.