Sign a Card with an additional keyThis guide shows how to sign a Card with an additional private key for providing your digital solution with the highest level of security.When you care about your security, you shouldn't trust anyone. Thus, to be sure that a user's Card wasn't replaced with another one, you have to add an additional signature into a Card.Before publishing a user's Card on Virgil Cards Service you sign a Card with the private key of your Application Server that was generated during Application registration on Virgil Dashboard. Remember, you cannot change a Card's content after it's published. Sign a user's CardIn order to add the signature of your app server to a user's Card you need to:transmit an existing user's Card to your server. You can use any suitable way to transmit the Card.If you need to export a user's Card to a string representation on a client side or import a Card from the string representation on a server side, use the following lines of code:// export Virgil Card to base64-encoded string $exportedAliceCard = $aliceCard->export(); // import a Virgil Card from string $aliceCard = $virgilApi->Cards->import($exportedAliceCard);sign a transmitted user's Card and publish it on Virgil Cards Service:// publish a Virgil Card $virgilApi->Cards->publish($aliceCard);As result, a user's Card will be published on the Virgil Cards Service, where it will be available at any time.setup Virgil Card Verifier. By default, CardVerifier only verifies the signatures of a Card owner and Virgil Cards Service. So when you want to verify an App Server signature, you also have to set up CardVerifier.At the Virgil Services, the Virgil Card(s) will be also signed. Developers can verify the signature of the Virgil Card owner, the Virgil Services, and the Application Server at any time.