Blog Post

New AuthSig Framework Targets Reuse of Scanned Signatures in Paperless Workflows

Protect paperless workflows with AuthSig. Discover how the new AuthSig framework stops scanned signature reuse and secures digital approvals end‑to‑end.

QS
QuickSign Team
Editorial Staff
December 1, 2025
8 min read
New AuthSig Framework Targets Reuse of Scanned Signatures in Paperless Workflows

New AuthSig Framework Targets Reuse of Scanned Signatures in Paperless Workflows

As businesses accelerate their shift to paperless workflows, a new research framework called AuthSig is taking aim at one of the most persistent vulnerabilities in everyday e-signing: the easy reuse and copying of scanned handwritten signatures.

Unveiled in a recent preprint titled “AuthSig: Safeguarding Scanned Signatures Against Unauthorized Reuse in Paperless Workflows,” the framework uses generative AI and invisible watermarking to bind authentication data directly into static signature images. The goal is ambitious but straightforward: enforce a practical “one signature, one use” policy for scanned signatures that today can be copied and pasted across contracts with almost no friction. (arxiv.org)

Why scanned signatures are still a problem in 2025

Professional signing contract on tablet in modern office, with floating handwritten signature and security icons symbolizing

Despite the rise of PKI-backed digital signatures and advanced eIDAS-compliant systems, simple scanned signatures remain common in day-to-day business. Employees often sign on paper, scan the page, and email a PDF—or paste a scanned PNG of their signature into a document editor. These images are convenient but fragile from a security perspective.

The AuthSig authors note that these static images have “almost lost their authentication attributes,” because there is no robust way to confirm the origin or intended context of use once the image exists in digital form. (arxiv.org) A signature block cut from one contract can be dropped into another with no cryptographic trace or technical barrier, especially in low-governance workflows used by small businesses, freelancers, and internal teams.

At the same time, many organizations still run hybrid workflows where only some steps are handled in professional e-signature platforms. Elsewhere, they fall back to email, scanned PDFs and ad hoc signatures—precisely the environments where AuthSig could have the most impact.

Close-up of a scanned handwritten signature on a digital document with faint geometric watermark patterns and holographic “on

Inside AuthSig: generative watermarking for handwritten signatures

AuthSig proposes a static electronic signature framework that couples generative models with invisible watermarking tailored to the human visual system. Instead of simply overlaying or embedding visible marks, AuthSig manipulates subtle style characteristics of a handwritten signature as it is generated or processed.

According to the paper, the system:

  • Uses a generative model to render or adapt the handwritten signature image.
  • Finely modulates style embeddings—small variations in stroke appearance and texture—so that they encode watermark bits that carry authentication data.
  • Ensures those variations are imperceptible to human signers yet machine-detectable by a watermark extractor trained alongside the generator.
  • Binds the signature instance to specific metadata, supporting an operational “One Signature, One Use” policy.

The authors leverage the fact that humans are relatively insensitive to minute style perturbations in handwriting, especially when viewing a typical scanned PDF. This allows AuthSig to carry a hidden binary signature inside the visual aesthetics of the ink itself, without distracting signers or document reviewers. (arxiv.org)

Solving the training data problem: keypoint-driven augmentation

One challenge in building such a system is data scarcity: there are relatively few large, diverse, high-quality datasets of handwritten signatures suitable for training generative models with watermark objectives.

AuthSig addresses this by introducing a keypoint-driven data augmentation strategy. The framework detects key structural points in existing signatures—such as stroke junctions, curves, and endpoints—and applies geometric and style transformations around those keypoints. This approach generates synthetic signatures that preserve personal style while increasing diversity, improving the robustness of watermark embedding and extraction. (arxiv.org)

Robustness claims: surviving print, scan, and distortions

Watermarking schemes often fail when images are cropped, rescaled, compressed, printed, or scanned. The AuthSig team reports that their method reaches over 98% watermark extraction accuracy under both typical digital distortions (compression, scaling, noise) and signature-specific degradations, and remains effective even in print–scan scenarios—a critical requirement for hybrid paper-digital workflows. (arxiv.org)

This robustness echoes trend

Split-screen of insecure copied scanned signatures vs secure AI-protected, watermarked AuthSig-style digital signature in a p

s in broader generative watermarking research, such as latent diffusion-based watermarking for AI-generated images, where small imperceptible changes are engineered to survive aggressive transformations. (arxiv.org)

Why this matters for e-signature workflows

For business professionals, the most important aspect of AuthSig isn’t the math—it’s the workflow implication. Many organizations operate in an “in-between” space:

  • Some contracts are signed in compliant e-signature platforms with strong identity checks and audit trails.
  • Others still rely on scanned signatures, especially in cross-border deals, customer support exceptions, and legacy internal processes.
  • Once a scanned image exists, there’s little to stop it from being reused on new documents—sometimes with fraudulent intent, sometimes out of convenience.

AuthSig doesn’t convert scanned signatures into full-blown PKI digital signatures, but it offers a pragmatic upgrade: tying each signature instance to a hidden code that can be checked before a document is accepted. In theory, a document management or e-signature system could:

  1. Require that uploaded signature images be AuthSig-compliant.
  2. Check the embedded watermark when a document is signed or countersigned.
  3. Flag signatures that have already been used in another transaction, or that don’t match the expected signer or workflow step.

That could be especially valuable for SMBs and solo professionals that still accept scanned signatures but want a stronger technical defense against straightforward copy-paste abuse.

Where AuthSig fits in a modern e-signature landscape

Most established platforms—like DocuSign, Adobe Acrobat Sign, Dropbox Sign (formerly HelloSign) and others—are built around cryptographic digital signatures, strong authentication, and well-defined audit trails. These systems already address many fraud scenarios, but they don’t necessarily cover the entire universe of paper and scanned-signature workflows.

For smaller businesses, price and complexity are often the blockers. Per-seat pricing and enterprise-focused configurations can push teams back to the “good enough” route: scan a paper signature and email the PDF. That gap is where modern tools like QuickSign.it are trying to change behavior by making secure, structured e-signing more accessible.

Unlike traditional incumbents, QuickSign emphasizes:

  • AI document generation to draft contracts and agreements directly in the platform.
  • A streamlined flow—Upload PDF → drag & drop fields → send—that mirrors how users already think about scanned forms, but with real auditability.
  • AI-powered document variables for smart auto-fill across templates.
  • A generous free tier (2 AI document generations and 1 document send to unlimited recipients) and flat-rate pricing from $15/month, avoiding the per-seat model common at larger vendors.

As experimental frameworks like AuthSig mature, platforms operating in this space could explore integrating invisible watermark checks as an additional layer of assurance—particularly when users insist on bringing their own scanned signature assets into an otherwise digital workflow.

Potential business use cases and limitations

In practical terms, AuthSig-style watermarking could appear in several scenarios:

  • Onboarding and HR: A company could issue each new hire an AuthSig-protected signature image for use in specific internal forms, with automatic checks to prevent reuse outside approved document types.
  • Vendor contracts: Small suppliers accustomed to sending scanned signatures might be guided to upload AuthSig-compliant images, allowing buyers to validate that each contract bears a fresh, context-bound signature.
  • Regulated industries: Where fully qualified digital signatures are not mandated for every interaction, AuthSig could act as an intermediate assurance mechanism without requiring hardware tokens or national ID integrations.

There are, however, realistic limitations:

  • Deployment complexity: AuthSig is currently a research framework, not a commercial product. Implementing it would require integration work in document management and e-signature platforms.
  • Adoption friction: For watermark checks to matter, counterparties (law firms, regulators, auditors) need to trust and understand the mechanism—or at least accept it as an internal control measure.
  • Threat model boundaries: Watermarking mitigates “simple copy-paste” abuse but does not replace strong identity verification, secure channels, or legal enforceability standards.

AuthSig is best viewed not as a substitute for digital signatures, but as a way to raise the security floor for the vast number of workflows that still rely on scanned handwriting.

How platforms like QuickSign could respond

For digital workflow and e-signature providers, AuthSig is a signal that the research community is taking the “messy middle” of signature practices seriously. While much attention has focused on fully cryptographic systems, a huge amount of real-world risk still sits in PDF attachments, copied signature images, and loosely controlled archives.

Modern, SMB-focused services such as QuickSign.it are well positioned to operationalize this type of research because they already serve users who might otherwise fall back to scanned signatures. By combining:

  • AI-generated contracts and reusable templates,
  • simple drag-and-drop e-signature fields,
  • real-time tracking of who has opened and signed each document, and
  • affordable, predictable pricing without enterprise lock-in,

they can give small teams a compelling reason to retire legacy scan-and-email habits altogether. If AuthSig or similar frameworks become practical to deploy, they could be layered in as a behind-the-scenes check for any uploaded signature image, quietly reducing the risk of unauthorized reuse.

What businesses should do now

AuthSig is still a research proposal, not a turnkey solution, but it highlights concrete steps organizations can take today:

  • Map where scanned signatures are used in your current processes—especially outside formal e-signature tools.
  • Standardize on digital workflows for as many agreements as possible, using platforms that provide clear audit logs and strong authentication.
  • Set policies around reuse of signature images, explicitly prohibiting copy-paste signatures across documents.
  • Monitor emerging standards in watermarking and AI-assisted authentication that could be incorporated into your tools over time.

For many small organizations, the most impactful change is simply moving away from emailed scanned signatures toward structured e-signing. Tools like QuickSign make that shift more feasible by giving you AI-assisted document creation, effortless sending, and real-time status tracking at a flat monthly cost that doesn’t grow with every new seat.

Looking for an affordable e-signature solution? Try QuickSign for free - no credit card required.