Docusign Trust Center

Trust Center

Your source for our latest security &
system performance information

Meeting the most rigorous security standards in the world

DocuSign meets and exceeds some of the most stringent US, EU, and global security standards. DocuSign's commitment to and significant ongoing investment toward protecting customer data extends to all of DocuSign's operating environments, not just the core DocuSign Signature service itself —and third-party audit reports back it up. DocuSign is ISO 27001:2013 and SSAE 16, SOC 1 Type 2, SOC 2 Type 2 certified and tested internationally – across the entire company and its data centers.

Learn More

March 16, 2018

DocuSign TLSv1.0 support to end June 30, 2018

Following industry best practices, DocuSign will end TLSv1.0 support effective June 30, 2018. This date aligns with the deadline the PCI Security Standards Council has set for companies that wish to remain PCI Data Security Standard (PCI DSS) compliant ...

March 6, 2018

Update 3/6/2018 @ 2.15 PM Pacific Time - New Phishing Campaign Observed Today

DocuSign has observed a new phishing campaign that began the morning of March 6th, 2018 (Pacific Time). The email purports to come from "DocuSign Electronic Signature and Invoice" using the email addresses and The ...

Feb. 28, 2018

Update 2/28/2018 - DocuSign and SAML Vulnerability Update

On February 27th, CERT released details about a SAML vulnerability affecting some libraries which may allow an attacker to perform an authentication bypass. More details are available here:

Our security and identity ...