Power PDF offers powerful security protection for your documents. There is a Security ribbon and three panels related to security: Signatures, Sign/Certify and Envelope. The security offering has the following main elements:
Passwords
Apply Open passwords that a recipient must use to open and view the PDF or Permissions passwords that are needed to define or change permitted or prohibited actions. The protection is achieved by encryption, whose removal is achieved only by supplying a password. See Password overview.
Permissions
Actions that can be allowed or prohibited using a Permissions password are: Printing the document, High resolution printing, Editing real PDF content, Copying or Extracting content, Extracting Pages, Accessibility Access (usually allowed), Commenting, Form filling and Signing and Document Assembly.
Digital identities (IDs)
Passwords give control over document use; their disadvantage is that you must distribute one or more passwords to recipients, via e-mail, letter or phone, and these messages can be intercepted and misused. Digital IDs avoid this pitfall. A Digital ID is used when signing or certifying documents or when using Certificate Security. Power PDF can create self-signed certificates, they can also be obtained from Certificate Authorities. Security Certificates allow documents to be locked and unlocked using public keys and private keys. See Digital ID overview.
Signatures
Documents signed through a Certificate Authority make it possible to verify that no changes have been made since the document was signed and assure the signer's identity. If changes were made, a comparison to can show what changed. A document can be just signed using the top part of the Sign/Certify panel, or it can be signed and certified using the bottom part of the panel. This allows the sender to limit the changes that recipients may make to the document See Sign/Certify Panel and Signing and Certifying Documents.
A signature or other identifier can be placed in a document as a stamp (that is, a type of comment), but offers no protection against later changes: create it from a hand-drawn signature, an imported image file (typically with your scanned signature) or a text that is typed in. See Handwritten Signatures.
Certificates
Certificates are files that contain Digital IDs and accompanying data. These files can be used for
Signing documents so their authenticity can later be verified.
Certifying documents, so they have a verifiable signature plus a limitation on the actions a recipient may perform.
Protecting documents by Certificate Security; this ensures that PDF contents are protected by encryption.
For Certificate security Power PDF can create self-signed certificates, they can also be obtained from Certificate Authorities.
Your own created Certificate file contains both your own private key plus your own public key. It must be stored in the Security Settings dialog box called from Security > IDs and Certificates > Manage Digital Identities or in the Windows Certificate Store. It must not be shared.
Choosing Export Certificate allows you to generate a Public ID file. It does not contain your private key, only your public key plus associated data. This file can be distributed to partners. Such files received from partners must be stored in the Manage Trusted Identities dialog box called from Security > IDs and Certificates > Trusted Identities or in the Windows Certificate Store.
Time Stamp Services
These are registered with a Time Stamp Server, and offer verification that the date and time shown in a signature really indicate the time of the signing. See: Time Stamping a Digital Signature.
Envelopes
These serve as containers to group together a set of attached files, which may have their own security. Security can also be applied to the envelope, setting up conditions for recipients to access all enclosed documents. See Envelopes overview.
Secure Delivery
This is a four-step wizard to help you prepare documents for delivery. The four steps are: choosing an envelope, attaching files, applying encryption and a signature. See: Secure Delivery.
Support exists for the Microsoft Active Directory Rights Management Service (RMS). Access it through the right-most tool on the Security ribbon. This functions only if your computer has an installed client component for RMS.