PDF Personalization

From Drumlin Security Wiki
Jump to navigation Jump to search

Personalization and Stamping


In the technical specifications for PDFs, stamping is a form of annotation that displays text or graphics intended to look as if they were stamped on the page with a rubber stamp. When opened, it should display a pop-up window containing the text of the associated note (if any).

However, the term "stamping" is often used to indicate that a PDF has been modified to include a personalized watermark, a notice that this file is a DRAFT, special numbering for reference and tracking purposes, and date/time information to show download or file submission timings. A number of web-based services that support so-called 'digital downloads', provide the option for automatic stamping of the downloaded PDF following purchase of the file. Examples include SendOwl and DPD, and typically the stamping involves adding the buyers details, purchaseID, date/time and other text information onto the source PDF and then optionally applying standard PDF encryption to the resulting downloaded file. This approach provides limited security of course, although some describe it as a form of "Social DRM", i.e. a form of discouraging (rather than prevention) of abuse of copyright. To this extent stamping is most applicable to documents of low intrinsic value.


Within a Digital Rights Management (DRM) environment stamping that identifies the licensed user becomes a powerful form of deterrent against abuse by screen capture or sharing of personal access control details. In offline apps the personalization details often identify the individual by name or account name, device, download date/time, and optional other details. The information is part of the underlying page or pages of the PDF as opposed to an overlaid floating dynamic watermark. In online environments the personalization details are more akin to dynamic watermarking and are overlaid on the viewed page. Typically they will include user details based on their access control information (e.g. username, email address, company name etc) and details such as the current date/time, IPAddress used for access, and document details.

The Drumlin DRM service includes personalization as a facility that enables publishers (e.g. training companies) to create multiple secure (strongly encrypted) copies of a single input PDF file, each uniquely dynamically watermarked and each uniquely named. The personalization procedure is quick, flexible and can generate a large number of strongly encrypted personalized files from a single input PDF coupled with a text file that contains a comma separated list (csv file) of the details to be used when generating the output files. For more details see the DrumlinPublisher manual, Personalization section.