A digital signature is an electronic form of a signature that can be used to authenticate the identity of the sender of a message. It ensures that the original content is unchanged while in transit. Digital signatures cannot be copied by someone else. It ensures that the original signed message has arrived and the sender cannot disclaim it later.
Digital Signature Certificates (DSC) is the electronic format of physical certificate like a driving License, passport etc. All Certificates serve a certain purpose. For example, a passport identifies someone as a citizen of that country in same manner a Digital Signature Certificate can be presented electronically to prove the identity of an individual.
A Digital Signature Certificate (DSC) validates your identity electronically. DSC provides you with a high level of security for your online transactions. You can use certificates to sign/encrypt information such that only the intended recipient can read it. You can digitally sign information to assure the recipient that it has, will not change in transit, and also verify your identity as the sender of the message. You can use Digital Signatures for the following:
A Digital Signature is a tool to sign an electronic document whereas a Digital Signature Certificate is a computer based record which:
Efficient |
Saves Time: Shorter turnaround times (TATs) as physical loss of time in gathering signatures from different sources is saved. Saves Cost: Cost saving in many cases, where indirect cost such as filing, tracking, printing, delivery etc. is saved. Workflows: Digital signature assures better workflow efficacy. |
---|---|
User interface |
Digital signature offer enhanced customer experience as limitations related to location, costs, timelines are no longer there. Organisations get more flexibility in framing designs & customer experience. |
Compliance |
Digital signature is governed by Information Technology Act, 2000. Multi-factor authentication protects authenticity of signatures. All disputes can be traced and verified legally online. |
According to Information Technology Act, 2000, Digital Signatures used on e-documents are secure & authentic & each Indian must use only valid Digital Signature issued to them. Thus, digital Signatures play a key role in solving the problem of tampering and impersonation in digital communications and ensure workflow efficacy.
Protects Signature Tampering & Impersonification |
A digital signature certificate (DSC) has unique user information such as name, pin code, country, email address, date of issuance of DSC & Certifying authority (CA). Each digital signature uses public key encryptions and thus can be tracked back. DSC origin, identity and status can be used as evidence legally. |
---|---|
Workflow efficiency |
Digital signatures ensure work efficiency with easier, swifter & secure use cases. |
Digital Signatures use a mathematic algorithm and are thus unique, safe & secure. Let’s understand the process:
Step 1: Signing of Document |
A digital signature provider uses a mathematical algorithm & generates two keys: public key & private key. When a signer electronically signs a document, the signature is created using the signer’s private key, which is always securely kept by the signer. How? When signer signs a document digitally, a cryptographic hash is generated for document. |
---|---|
Step 2: Encryption of Cryptographic Hash |
Now the cryptographic hash is encrypted using sender’s private key. Encryption protects information by converting it into secret code. The information is stored in HSM box. From here, it is sent to the document / recipient which has sender’s public key. |
Step 3: Digital Signature at recipient’s end |
The recipient decrypts encrypted hash with sender’s public key. Here again, a cryptographic hash is generated for recipient. |
Step 4: Confirmation of Signing of Document |
Both cryptographic hashes are matched to establish authenticity. If the results do not match, it is considered invalid. |