Signify
FAQs
Overview
Features & Roadmap
How It Works
Getting Started
Signer's guide
Pricing
FAQs
Contact us

FAQs

Currently no as it is required for Sign with Singpass to get secure electronic signatures.

Unfortunately no as there are no Corppass certificates available yet. The individual can still represent the organisation to sign. You could consider adding a line on the document itself which says Company Representative under the signature.

The data is hosted in Singapore.

Yes. The signature is signed using Sign with Singpass. The signing certificates are issued by Assurity, an Accredited Certificate Authority under the Electronic Transactions Act (2010), and signatures made using Sign with Singpass are recognised as Secure Electronic Signatures. Please ensure that the agency you are sending to does not modify the file in transit (content disarm and reconstruction). 

 

Refer to the latest guide on verifiyin Sign with Singpass signatures here. 

 

Sign with Singpass signatures can be verified using the Adobe Acrobat Reader application. This should already be installed on your government devices. However, if you are verifying on a non-government device, please:

  1. download Adobe Acrobat Reader
  2. load Singpass root signing certificates

 

Note: For government agencies, this should already be automatically available on your GSIB. If it is not, please raise a ticket to AFM to push “GSSP_Acrobat Reader Digital Signature Fix_2.0” to the agency's GSIBs. For the rest of the agencies, please approach your IT department to push the certificates so that it applies across your agency. 

 

Steps

  1. Open up signed document on Adobe Acrobat Reader
  2. Check if green tick with "Signed and all signatures are valid" (note: If you see "Certificate validity is unknown", this is because you do not have the Singpass root signing certificate on your device.) 
  3. Go to signature panel, each signature should show: 
    • Document has not been modified
    • Signer's identity is valid
    • The signature includes an embedded timestamp
    • Signature is long term validation (LTV) enabled 
    • Document owner should "click to view this version" to visually inspect that the contents of the document version is signed correctly.
  4. Right-click on each signature and select "Show Signature Properties". A pop-up modal should appear, and it will tell you:
    • The name of the signer (e.g. "MICHAEL ONG")
    • The time the document was signed
    • If you select "Show Signer's Certificate" at the bottom, you will see another modal with details about the certificate. Ensure that the the following details are correct: 
      • Singapore National Root CA - B1

         

      • Singapore NDI Intermediate CA 1 - B2

         

      • Signer's full name (as per NRIC)

      • If you click on the full name and then the "details" tab. You should see under "Subject":
        • cn = signer's name; and 
        • serialNumber = last 4 characters of NRIC 

If you see "Certificate validity is unknown", this is because you do not have the Singpass root signing certificate on your device. Please refer to this guide to install the Singpass root signing certificate. 

 

Loading timestamp root certificate
**This only applies to documents signed on 11 and 12 June 2025**

The timestamp certificate proves that your document was signed at the stated time. In order to verify that the timestamp certificate in your downloaded document is valid, you might need to load in the timestamp root certificate.

 

To load it in, please follow the steps below:

  1. Download the GlobalSign root certificate from here. If you're unable to access that link, please visit GlobalSign's CA repository and download the R6 GlobalSign Root Certificate.
  2. In your folder that you have chosen, you should find the file root-r6.crt
  3. Open Adobe PDF reader. If you do not have this, you may download and install here
  4. Click "Acrobat Reader" on the top left.
  5. Navigate to "Preferences"
  6. Under Categories, find and click "Signatures".
  7. Click "more" under Identities and Trusted Certificates.
  8. Click on "Trusted Certificates" 
  9. Click Import 
  10. Under contacts, click "Browse" and choose the certificate you have downloaded in the earlier step.
  11. Under certificates, click on GlobalSign and then click Trust
  12. Check "Use this certificate as a trusted root" with a tick and press OK
  13. Click on Import
  14. You should now be able to see that the signature includes an embedded timestamp

After a document has been signed, if there are any edits made, there will be a warning that the signed document has been edited after it was signed, when you open the file in Adobe PDF reader. 

 

You will also be able to see the exact copy of the document that was signed, before the changes were made.

Signatures do not expire. Documents are signed by Signify using the PDF Advanced Electronic Signatures Long-Term Validation (PAdES-LTV) standard.

Yes. The document can be traced back to the signer.

Signing in through Singpass on FormSG only provides Ordinary Electronic Signatures (OES) and not Secure Electronic Signatures (SES). 

Ordinary Electronic Signatures (OES) is a broad category that refers to electronic signatures that are not SES.

 

The key difference between a secure electronic signature and an ordinary electronic signature is that while both are accorded legal effect under the ETA, only secure electronic signatures are accorded the following presumptions:

  • It is the signature of the person to whom it correlates;
  • It is affixed by that person with the intention of signing or approving the electronic record; and
  • It is authentic and has integrity.

Login with Singpass in Signify provides proof of identity, since the login is verified against his Singpass account.

 

These presumptions are important in disputes over the validity of electronic signatures, as they will automatically apply for secure electronic signatures. The disputing party will then have to adduce evidence to the contrary if it is claiming that the electronic signature is not valid.

A digital signature consists of a transformation of an electronic record using an asymmetric cryptosystem and a hash function such that a person having the initial untransformed electronic record and the signer’s public key can accurately determine whether the:

  1. transformation was created using the private key that corresponds to the signer’s public key and
  2. if the initial electronic record has been altered since the transformation was made.

 

The digital signature is not the picture that we see affixed on the document. The signature is the electronic record behind the image. Hence, a printed copy of the document is not valid as the digital signature cannot be authenticated.

 

This is true for all platforms and all digital signatures governed under the Electronic Transactions Act.

Yes, PDFs uploaded onto Signify cannot be password protected, as this will change the file and make the signature invalid.

Documents shared via email can have up to 30 recipients. Each recipient can be assigned up to 20 signature placeholders. 

 

Documents shared via a link can have up to 20 signatures on it.

 

There is no limit on how many documents you can send out for signing. However, 1 signature using Signify can apply to the entire document. Hence it may be worthwhile changing processes (e.g. it may not be necessary to have 1 signature on each page).

No. There cannot be duplicated email addresses.

No, a signatory must have a Singpass account to sign on Signify. 

For Email Mode

By default, Signify’s workflow requires all designated recipients to sign before a document is finalized. However, if you have enough signatures and want to stop the process early, you can use this workaround:

  • Download the in-progress document from your dashboard to save the current signatures.
  • Delete the document from your dashboard to prevent any remaining recipients from signing.

 

For Link Mode

Signature placeholders do not have predetermined signers. The document automatically marks itself as complete once all available signature placeholders are filled.

If you wish to stop additional people from signing before that happens, delete the document from your dashboard to deactivate the link.

Yes, documents can be download for up to 30 days, after all the signatories have completed signing. Once the dates have passed, the document will be expired and it can no longer be downloaded from Signify. However, download documents' certificates are still verifiable.

Yes.

No it must be in PDF, hence you need to convert it to PDF. 

This is currently not possible.

  1. Signee's full name
  2. SIgnee's last 4 characters of NRIC, and
  3. Timestamp of the signature

No. The Sign with Singpass signature follows a standard specification.

No. It is currently not possible. 

No. It is not possible as this modifies the document and its validity.

Completed signatures will be sent by Signify from donotreply@mail.postman.gov.sg. 

 

This is the only document you should trust. If the signer sends you another document directly, you need to check and verify the authenticity. See FAQ on "How to verify signatures?". 

 

If the user frequently sends you the signed document, you may consider having clearer instructions to the signer via your personalised messages or uploaded document that you will only accept Singpass signatures. 

Yes, but you must download it. Please download the document from the Signify portal after the document has been signed. Signify stores documents for a maximum of 30 days from the time of document issue. After this period, the document is removed. 

 

Track your document completion based on how it was shared:

  • If you received the signing request via Signify's official email, a notification email will be sent to all parties once all the document's signatures are placed. 
  • If you received the signing request via a link (e.g. on a website), the Signify does not have your email and is unable to send you email notifications. 

In the signature, your full name will be recorded. In the embedded signing certificate, the last four characters of NRIC will also be embedded in the document.

Yes, if the signer is legally authorised to sign on behalf of another person. The signer would use his own Singpass account to sign, similar to what he would do for wet ink signature.

No. Singpass is required. This is because the Electronic Transactions Act recognises signatures made using certificates issued by Accredited Certificate Authorities (CA) as Secure Electronic Signatures. Sign with Singpass uses signing certificates issued by an accredited CA, Assurity.

If the document is not deleted by the admin through the platform or APIs, they will be available for 30 days after all signatories have signed the document.

While the invitation to sign can be sent to more than 1 person, only one person can sign at a given time. There will be an error message that pops up to try again later if a signing session is ongoing.

The email address mentioned will be the email address that generated the API key.

You may use the "Get Single Document" API which will include expiry dates, document status, signees signing statuses.

It is likely the intranet has a firewall which does "Content disarm and reconstruction (CDR)". When the file goes through the firewall, the firewall processes and rewrites the content in what it considers to be a "safer format". However, that unfortunately modifies the Singpass signature and renders it invalid. You may need to ask your IT department to help with this, and either disable the CDR functionality for such pdf files, or else update their CDR code so that it does not modify Singpass signatures in PDF files.

You can create the document using our UI and inspect the network call.

If you experience errors uploading the PDF, the PDF might have been generated using an older version of PDF that cannot be signed. 

 

To fix this, you will need to regenerate the PDF file. One way to do so is to open the PDF file in Chrome, click on Print, and then Save as PDF. This will fix any issues.

 

Example: Open and Print a PDF using Edge/Chrome

  1. Step 1: Open the file in Chrome and click on Print 
  2. Step 2: Choose Save as PDF to regenerate the PDF file

 

Alternatively, you can also re-save the original .doc file using a newer version of Microsoft Word.

A possible reason is that the document was actually scanned / created in landscape first, and then rotated 90 degrees in Adobe Acrobat. There is a limitation currently in the Signify application that cannot handle this setup.

 

To fix this, please re-scan the document in portrait A4.

Signify can handle up to Restricted and Sensitive Normal data. 

Last updated 30 Jun 2026

Was this article useful?

Signify

Team's direct contact (not button below): https://go.gov.sg/signify-support