Announcing FileOpen BrowserUX: Share PDFs Securely with No Plug-in Required

Posted by Sanford Bingham on Feb 12, 2021 8:52:39 PM

We are excited to announce production availability of our system to display FileOpen-encrypted PDF in any modern browser, on any platform, without installation of any software!


FileOpen BrowserUX works for any PDF encrypted with the FileOpen software, now or in the past, and delivers the files as native PDFs (not converted to images or any other format). All of the core functionality and security of FileOpen PDFs displayed in Adobe Acrobat/Reader can now be delivered without installation of the FileOpen Client.

What does this mean for you and your users?
Now you can deliver PDF documents securely, with the same rich feature set of access controls, to your intended users regardless of their particular environment. Your users won’t have to install any plug-ins or client software to access protected files, reducing friction and tech support issues.

How FileOpen BrowserUX works
All components of the system are built from the W3C and ISO standards that define the Web and PDF. So the user experience is the same in any modern browser (Chrome, Safari, Firefox, Edge. etc.) on any supported platform (Windows, Mac, iOS, Linux, Android and Chromium.)

As has always been true of FileOpen products, the PDFs displayed in the browser are ISO 32000-compliant, full-featured PDFs so retain all PDF navigation features (bookmarks, thumbnails, etc.) and preserve accessibility. The files are the very same encrypted PDFs that might otherwise be opened on the desktop via Adobe Acrobat/Reader (and other viewers that support the FileOpen Client). Because of this commitment to standards, FileOpen BrowserUX is fully backward compatible to even the very first FileOpen-encrypted PDF -- any PDF that can be opened in Acrobat/Reader can now also be opened in the browser.

Permission to decrypt and use PDFs in the browser is managed by the same PermissionServer logic used to control access in Acrobat/Reader. So user identity and credentials can be the ones in use today, and the same permission controls and watermarks can be imposed. Because it runs in the browser, the system enables integration with single-sign on systems like SAML and with other web components or portals. And since no server-side format conversion is needed, the system can scale up to handle even the largest implementations.

How is this different from other DRM products that work in the browser?
Many of the PDF viewers that have been developed in the past decade, especially the ones embedded into browsers, do not fully support the PDF security model. These applications are not extensible and there is simply no way to open a PDF encrypted with a Security Hander. Moreover, each of these viewers presents its own error message when failing to open an encrypted PDF, and almost none of these messages actually explain to the user what has happened and why.

But the fact that the PDF viewers embedded into modern browsers are not capable of decrypting FileOpen PDFs does not mean that FileOpen PDFs cannot be displayed in those browsers. This is because the processing environment of modern browsers has become sophisticated enough that a PDF viewer can be delivered to that browser in real-time, basically like a webpage, and that PDF viewer can be enabled to open encrypted PDF.
The primary enabling mechanism for this new functionality is a technology called Web Assembly, which permits a server to deliver a complete application into a browser.


Applications delivered this way are more secure than ordinary web pages, because the Web Assembly layer permits the application to be encoded, or compiled, into executable code. Desktop applications are typically compiled. And while it is not entirely true that Web Assembly applications are equivalent to desktop applications, for example because Web Assembly applications run in a sandbox so can’t read from or write to the native OS, they are a major upgrade to the functionality and security of browsers.

In this new world it is no longer necessary to install an application on the desktop, or even a browser add-on, in order to view an encrypted PDF. FileOpen BrowserUX offers the capability to deliver the PDF viewer along with the PDF, in real time.

How to get started with FileOpen BrowserUX
Licensees using FileOpen RightsManager and the FileOpen Viewer platform can begin delivering PDF into the browser immediately. FileOpen RightsServer licensees can choose between setting up a private instance of the delivery module or using one hosted by FileOpen. FileOpen Toolkit/SDK licensees also have the choice of delivering files into the browser from their own infrastructure or using a FileOpen hosted platform. In most cases the new capability can be added with little or no modification to the existing PermissionServer.


Contact Us to schedule a demo or to turn on BrowserUX for your end-users.

Topics: adobe reader protecting sensitive documents document security DRM advice how to implement DRM FileOpen-protected documents