Signing a PDF online is straightforward on most tools. What differs between them is where your document goes while the signature is being added. Most online PDF signing tools — including iLovePDF and Smallpdf — upload your document to their server, add the signature there, and send it back. Your signed document, which may contain a contract, personal information, or legal terms, passes through infrastructure you do not control.
The alternative is a tool that adds the signature in your browser, on your own device, without uploading the file. The signed document is assembled locally and downloaded directly. The original document never leaves your machine.
How browser-based signing works
Modern browsers can read and modify PDF files without sending them to a server. The PDF is loaded into JavaScript, the signature — whether a drawn image, typed text, or uploaded image — is embedded into the document as an image element, and the modified PDF is downloaded back to your device. The entire process happens locally.
This approach has a limitation: it does not produce a cryptographically verifiable digital signature. A digital signature in the security sense — the kind that uses a certificate and can prove in court that you signed at a specific time — requires a key management infrastructure that does not exist in a local browser context. What browser-based signing produces is a visual signature: your handwriting or name, embedded as an image on the page, indistinguishable from a scanned wet signature.
For the vast majority of signing use cases — approving a proposal, countersigning an offer letter, dating and signing a straightforward agreement — a visual signature is exactly what is needed. Legal enforceability of a visual signature in a PDF is governed by the same rules as a scanned handwritten signature, which is accepted in most jurisdictions for most document types.
When you need a digital certificate signature
A digital signature with a certificate — the kind that appears in Adobe Acrobat as a blue or green banner saying 'Signed and all signatures are valid' — requires a signing certificate from a certificate authority, or from your organisation's own PKI system. This type of signature is required for regulated industries (healthcare, finance, government) and for documents where the signing party must be provably identified.
For this use case, DocuSign, Adobe Sign, and similar products provide the full certificate-based signing infrastructure. These are paid services because the identity verification and certificate management they provide have real costs. If your use case requires provable identity and timestamp verification, these tools are the correct choice.
For everything else — the majority of everyday document signing — a visual signature embedded in the PDF is sufficient, free, and does not require uploading your document to any external service.
How to sign with Filum
Filum's PDF signing tool runs entirely in your browser. Upload the PDF (or drag it in), create your signature by drawing, typing, or uploading an image of your handwriting, then drag it to the correct location on the page. Scale and position it as needed. When you click Apply, the signature is embedded into the PDF using pdf-lib, a JavaScript library that runs locally. The signed PDF is downloaded to your device. The original document was never sent to any server.
The tool handles multi-page PDFs, signature placement on any page, and works on both desktop and mobile. There is no account required and no watermark added. The only technical limitation is that it produces a visual signature, not a certificate-based digital signature — which is the appropriate choice for most non-regulated signing scenarios.
What to check before signing
Before adding your signature to any PDF, verify that the document is the final version. PDFs can look identical after modification if the changes are in metadata or embedded content rather than visible text. If you are signing a document received from another party, confirm with them that the version you received is the final, authorised one before applying your signature.
Save a copy of the unsigned document before signing, particularly if you may need to dispute the terms later. The signed version proves you agreed; the unsigned version is evidence of what you agreed to. Both are worth keeping, especially for contracts or formal agreements.