How to Verify Singpass PDF Digital Signatures Online

A complete, step-by-step guide to verifying digital signatures on documents signed via Singapore's National Digital Identity (NDI) "Sign with Singpass" feature.

By Minhaj, Founder of PDF SignCheck·
🇸🇬
Verify Your Singpass PDF Signature Instantly

Upload your digitally signed PDF to pdfsigncheck.com. We will compute cryptographic hashes, validate PKCS#7 structures, and check the validity in seconds — 100% in-memory with zero file retention.

1. What is "Sign with Singpass"?

Sign with Singpassis a secure digital signing service introduced by the Government Technology Agency of Singapore (GovTech). It is part of Singapore's National Digital Identity (NDI) initiative, allowing Singpass app users to sign electronic contracts, agreements, and official applications digitally.

When a user signs a document using their Singpass app, they authenticate using biometrics (Face verification or Fingerprint) or their passcode. The app then triggers the generation of a secure digital signature bound to the resident's unique verified identity.

2. Netrust & Accredited Certifying Authorities in Singapore

Under Singapore's cryptographic architecture, the digital certificates used during a Singpass signing transaction are issued by Netrust CA. Netrust is Singapore's first licensed Qualified Certifying Authority under the Electronic Transactions Act.

Netrust cryptographically verifies the identity data provided by GovTech and binds it to a public-private key pair. When the user signs the PDF, the private key (stored securely in a hardware security module managed by Netrust) signs the document hash, creating a PKCS#7/CMS signature block embedded directly into the PDF.

3. How to Verify Singpass Signatures on pdfsigncheck.com

To check the authenticity of a Singpass-signed document and verify that the content has not been tampered with since signing, follow these steps:

  1. Upload original PDF: Drag your signed document into the verifier on pdfsigncheck.com. Do not scan or photocopy the printed document, as this removes the digital cryptographic block.
  2. In-Memory Processing: Our system reads the PDF structure, locates the byte ranges, and extracts the PKCS#7 signature dictionary.
  3. Signature Verification: We decrypt the signed digest using the public key in the Netrust certificate, check the validity of the certificate chain, and confirm the document has not been altered.
  4. Read Signing Metadata:The results box displays the signing date, the signer's name, and the Netrust issuer details.

Download PDF Signature Validator on Mobile

Verify digital signatures, check cryptographic validity, and view PDF documents securely directly on your Android device.

Get it on Google Play

4. Security Features of Singpass Signed Documents

Singpass digital signatures utilize a robust cryptographic setup to ensure extreme document security:

  • Tamper Detection: If a single word, number, or field is modified after the signature is applied, the cryptographic hash verification fails, indicating the document is invalid.
  • Non-Repudiation: Because the signing keys are bound to a verified GovTech identity and secured within Netrust HSMs, the signer cannot deny signing the document.
  • GDPR & PDPA Compliance: The signing transaction contains only necessary identity descriptors. PDF SignCheck verifies these files temporarily in memory and never stores them.

5. Legal Validity Under Singapore's Electronic Transactions Act (ETA)

In Singapore, digital signatures created under the National Digital Identity (NDI) framework are governed by the **Electronic Transactions Act (Cap. 88)**.

The ETA recognizes **Secure Electronic Signatures**, which carry a legal presumption of authenticity and integrity. Under Section 18 of the ETA, when a secure electronic signature is verified:

  • The signature is presumed to be that of the person to whom it is correlated.
  • The secure electronic record is presumed not to have been altered since the specific point in time the signature was created.

This makes Singpass signatures fully admissible in Singapore courts and accepted by major statutory boards such as ACRA, IRAS, and the CPF Board.

6. Troubleshooting & Frequently Asked Questions

Why does my Singpass PDF say "No Signature Found"?This happens if the PDF document has been printed to PDF or saved via a basic browser PDF viewer. These processes flatten the document, converting the digital signature block into a flat image or removing it entirely. Always verify the original downloaded document file.
Can I verify documents signed by corporate certificates on pdfsigncheck.com?Yes, PDF SignCheck extracts and verifies the integrity of PKCS#7/CMS signatures, displaying the signing certificate information, issuer, and timestamps. It validates the cryptographic hash on the file.
Online PDF Verifier

Ready to verify your PDF digital signature?

Validate certificates against NIC, eMudhra, and global trusted roots in under 2 seconds. Fully secure and private browser-side verification.

Verify Your PDF Now

Zero-Knowledge Privacy

Files are processed strictly in secure memory modules inside your local browser. No server storage.

Cryptographic Standards

Fully compliant with IETF RFC 5652 (CMS), Adobe PDF specs, eIDAS, and Controller of Certifying Authorities (CCA).

Verify Anonymously

No personal registration or document tracking is required. Verify up to 2 files daily as guest.

Detailed Audit Trails

Generates downloadable, verified PDFs with structural signature stamps and trust summaries.

Edge Sandbox Security

Verification executes inside sandboxed browser modules to ensure isolated document handling.

Zero Data Logging

Absolutely no logging of files, names, email contents, or signature details. Pure privacy.