Only a hashed value of the file is uploaded to Filesign.net. This is enough for what we do. We do not know the contents of your file
nor do we know what kind of file it is. We do not even know the filename nor do we know who you are.
This is not a data backup service.
The first time you hand in a file for trusted timestamping and signing process a hash of it is uploaded to our servers. (More information about hashes
here.) The hash is then timestamped and cryptographically signed.
If the same file is handed over again the same hash gets uploaded. This time however it is compared to the old one and a message about
its prior existance is returned with the date when it was first seen.
There is also an optional handshake code you can put in your works and use during the signing process. Read more about it here.
1. Drag and drop a file into Filesign.net's signing page and let it process the file. Click the continue button when it appears.
2. You will see a page with the file's carbon dating (timestamp) information. You can save the information provided about your file by copying and pasting but it is not necessary as you can access the information by signing the file again. A shorter version of the same signing information is also posted on our Twitter signing feed.
3. Make sure you keep a master copy of the same file and do not change its contents. Even the smallest change will make it a different file in the eyes of Filesign.net. Please keep a read-only master copy of your file. Burn it on a DVD or use ZIP for compressing it non-destructively. ZIP creates a protective wrapper around the file. Then store it locally and in the cloud or in some other trustworthy place. You should treat the master file like you would treat patent certificates or other important documents.
4. If you need to demonstrate someone the timestamp of your creation you simply let Filesign.net process the same file again. The resulting page will show you when the file was first seen. You can also use GPG locally on your computer for verifying the cryptographic signature. You can also use our Twitter feed for demonstrating when your file was signed.
Filesign.net posts information about signed files in publicly visible places such as Twitter. When services like Twitter also put their timestamp on the signing information it adds to the authority of our signing process. Please check our Twitter signing feed. We currently use Twitter for this as it is very easy for anyone to check.
Filesign.net has not dated any files created prior to June 2016. This is because the service did not exist before this date.
Filesign.net uses UTC as the timezone for timestamping.
Filesign.net signing does not necessarily establish proof of ownership. You might achieve that with using your own web presence or other mechanisms together with this site. Filesign.net is an independent trusted timestamping service.
Filesign.net does not offer any arbitration service or resolution of disputes. It is solely up to you how you use the carbon dating (timestamp) information.
Filesign.net works at least on Android, iOS and Windows Mobile. Just tap the field on the sign page and choose a photo from your camera roll or other files.
Hashing is done using SHA-512. The hash and the timestamp are signed using our private key (PGP/GPG). A redundant salted hash called the FS token is also created and posted to Twitter.
You can check our code which runs in your browser. It does not upload any files to any server. You can also monitor your outbound traffic using networking tools (such as the Activity Monitor on OS X) and you will notice that only a very small amount of traffic (the hash) is sent to us.
Here is our public signing key. You can use it for verification of timestamp signatures.
Please refer to this page on how to verify a signature.