What is Digital Signature?
A digital signature is an electronic form of a signature that can be used to authenticate the identity of the sender of a message. It ensures that the original content is unchanged while in transit. Digital signatures cannot be copied by someone else. It ensures that the original signed message has arrived and the sender cannot disclaim it later.
Interested? Fill in your details
*Mandatory Fields
What is a Digital Signature Certificate (DSC)?
Digital Signature Certificates (DSC) is the electronic format of physical certificate like a driving License, passport etc. All Certificates serve a certain purpose. For example, a passport identifies someone as a citizen of that country in same manner a Digital Signature Certificate can be presented electronically to prove the identity of an individual.
Why do I need a Digital Signature Certificate (DSC)?
A Digital Signature Certificate (DSC) validates your identity electronically. DSC provides you with a high level of security for your online transactions. You can use certificates to sign/encrypt information such that only the intended recipient can read it. You can digitally sign information to assure the recipient that it has, will not change in transit, and also verify your identity as the sender of the message. You can use Digital Signatures for the following:
- For sending and receiving digitally signed and encrypted emails.
- For carrying out secure web-based transactions or to identify other participants of web-based transactions.
- In e-Tendering, e-Procurement, MCA, Income Tax and also in many other applications.
What is a difference between Digital Signature and Digital Signature certificate?
A Digital Signature is a tool to sign an electronic document whereas a Digital Signature Certificate is a computer based record which:
- Identifies the Certifying Authority issuing it.
- Has the name or I the identity of its subscriber.
- Contains the subscriber’s public key.
- Is digitally signed by the Certifying Authority issuing it.
- Is valid for either one year or two years.
Why would you use a digital signature?
| Efficient |
Saves Time: Shorter turnaround times (TATs) as physical loss of time in gathering signatures from different sources is saved. Saves Cost: Cost saving in many cases, where indirect cost such as filing, tracking, printing, delivery etc. is saved. Workflows: Digital signature assures better workflow efficacy. |
|---|---|
| User interface |
Digital signature offer enhanced customer experience as limitations related to location, costs, timelines are no longer there. Organisations get more flexibility in framing designs & customer experience. |
| Compliance |
Digital signature is governed by Information Technology Act, 2000. Multi-factor authentication protects authenticity of signatures. All disputes can be traced and verified legally online. |
Role of Digital Signatures
According to Information Technology Act, 2000, Digital Signatures used on e-documents are secure & authentic & each Indian must use only valid Digital Signature issued to them. Thus, digital Signatures play a key role in solving the problem of tampering and impersonation in digital communications and ensure workflow efficacy.
| Protects Signature Tampering & Impersonification |
A digital signature certificate (DSC) has unique user information such as name, pin code, country, email address, date of issuance of DSC & Certifying authority (CA). Each digital signature uses public key encryptions and thus can be tracked back. DSC origin, identity and status can be used as evidence legally. |
|---|---|
| Workflow efficiency |
Digital signatures ensure work efficiency with easier, swifter & secure use cases. |
How do digital signatures work?
Digital Signatures use a mathematic algorithm and are thus unique, safe & secure. Let’s understand the process:
| Step 1: Signing of Document |
A digital signature provider uses a mathematical algorithm & generates two keys: public key & private key. When a signer electronically signs a document, the signature is created using the signer’s private key, which is always securely kept by the signer. How? When signer signs a document digitally, a cryptographic hash is generated for document. |
|---|---|
| Step 2: Encryption of Cryptographic Hash |
Now the cryptographic hash is encrypted using sender’s private key. Encryption protects information by converting it into secret code. The information is stored in HSM box. From here, it is sent to the document / recipient which has sender’s public key. |
| Step 3: Digital Signature at recipient’s end |
The recipient decrypts encrypted hash with sender’s public key. Here again, a cryptographic hash is generated for recipient. |
| Step 4: Confirmation of Signing of Document |
Both cryptographic hashes are matched to establish authenticity. If the results do not match, it is considered invalid. |
Frequently Asked Questions
A digital signature is an electronic footprint of your identity. It helps you swiftly establish your consent for documents online. Thus, to obtain a mandate for digital Signature, you are required to submit a DSC application form along with a proof of identification, address, attestation officer and a brief about the purpose or need.
Applicants are required to approach Certifying Authorities (CA) with supporting documents or complete eKYC using PAN or other government issued ID proof. In case you opt for Aadhar linked verification, other support documents are not required.
Only licensed Certifying Authorities (CA) can issue digital signature certificates. The list of CAs along with contact details can be obtained from official portal of Ministry of Corporate Affairs (MCA) https://www.mca.gov.in/MinistryV2/certifyingauthorities.html
Digital Signature Certificate i.e. DSC, can be obtained directly form licensed certifying authorities (CAs). Submit the form and provide the support documents and attested copies. You can also obtain it using Aadhar based eKYC and no support documents will be required.
Yes, a person can have different digital signatures for personal & professional use respectively. However, on government websites it would not be possible to use different signatures and you would be required to register again for another signature on the server.
Digital signature certificates could be of Class 1, Class 2 or Class 3. In class 1& 2, the identity is verified through pre-verified database. However for Class 3 DSC, the person needs to come in front of a Registration Authority (RA) and establish identity authentication.
After download and import Digital Certificate in your web browser, you can use your Digital Certificate with web browser but for using with your email you have to configure necessary settings. To get descriptive help for configuring email client software for using digital signatures, please visit following link: - http://support.microsoft.com/support/kb/articles/q168/7/26.asp
No, Your DSC needs to be revoked and you will apply for new DSC
Yes, you can use digital signatures for e-tendering.