Electronic signature is any type of electronic data that can be used as a signature. Let’s first understand the type of electronic signatures.
Click Signature: This refers to when we press submit button after payment for confirmation in an online purchase. This is like signing a document, but done digitally.
Typed Signature: There are digital forms which need to be signed with our name in the space provided which is also similar to signing a document.
Digitized Sigature: This is what we do when accept a package and sign a digital strip with a stylus. This is also like signing on a screen with a digital pen.
Digital Signature: This is the most advanced type of electronic signature. This is used to authenticate a digital document.
Table of Contents
What is a Digital Signature?
Digital Signature consists of a mathematical scheme which can be used to validate the sender of a message. A digitally signed document is proof in itself that the sender is genuine as the digital signature cannot be forged. This can also be used to maintain the integrity of the message. A Digital Signature is a proven method of maintaining the security and privacy of very important information being exchanged over the Internet.
Digital Signature consists the following parts:
- Owner’s name
- Owner’s public key
- Expiry date of the key
- Serial number for the signature
- Name of the issuer- Digital Signatures can be issued by a Certification Authority (CA)
- Digital Signature of CA
How does Digital Signature work?
Digital Signature used the technology of Asymmetric or Public Key Infrastructure (PKI). A mathematical code known as the ‘message digest’, is generated with an algorithm and digital content when the user creates a digital content. This is unique to the process and content, everytime the digital signature is invoked. The sender’s unique private key encrypts this code and send it over the electronic media along with the document or transaction. At the receiver’s end, the private key of the sender (which is sent along with the message) is used to decrypt the same. Hence the authenticity of the sender is validated. However, during the encryption, nothing is encoded regarding the document or message content, rather, it is a way to decode the signature which will lead to the document or message.
Who can use a Digital Signature?
Digital Signature can be used by a person or the computer, where the entire process is automated and the idea is to streamline the entire process flow. Government entities use this for contracts, licenses and other official documents. Business houses or organizations can use it for multiple level authorizations and approval. Executives use it for approvals for processes while they might not be present in person.
Is Digital Signature legal?
Digital Siganture is legal in India under the Digital Signature Legislation. Digital Signatures issued by a licensed Certifying Authority are considered as valid and can be used in lieu of a physical signature under this Act. If a Digital Signature is used by anyone other than to whom it has been issued, then it is considered as an illegal act.
What are the cost and validity of a Digital Signature?
Digital Signature comes with a one year or a two year validity. The cost might vary according to the market prices. This generally includes a one time cost of a USB device, cost of issuance and the cost of renewal after validity is over.
Digital Signature can be used for tax filing purposes as well as directed by the Income Tax Department.
What are the advantages of Digital Signature?
Digital Signature has a threefold advantage:
Since the digital signature is electronically encoded and decoded, it provides high security to the content or message being sent. There is no way one can tamper with a digital signature to damage or modify the message being sent, hence data integrity is ensured.
Since the digital signature is unique and only in possession of the person to whom it has been issued, the sender cannot deny that he/she has not sent the data if it contains his/her digital signature. The private key of the sender is a secret code only available to the sender, unless he/she has been manipulated by someone else to derive the key.
A digital signature authenticates a document by by confirming the legitimacy of the sender since the sender has the full ownership of the private key.
How to get a Digital Signature?
Digital Signatures can be issued by Certification Authorities under Section 24 or The Indian IT-Act 2000. They can issue Class 2 or 3 certificates. In India, there are seven certified agencies, appointed by the Controller of Certification Agencies (CAA), who can issue Digital Signature Certificates (DSC).
The certifying agencies are as follows:
- Tata Consultancy Services (TCS)
- National Informatics Center (NIC)
- IDRBT Certifying Authority
- SafeScrypt CA Services, Sify Communications Ltd.
- (n) Code Solutions CA
- MTNL Trust Line
- Customs & Central Excise
For applying for digital signature, you have to follow this process:
- Download and fill the DSC Request Form according to guidelines. (Forms are available in the above authority websites).
- Submit the completed form along with requisite documents and photograph.
- Once the form starts processing, a Membership ID and password is sent via email.
- Once issued, the USB token or Smart Card for the digital signature needs to be collected which can be used to install and enroll for digital signature.
- The status of the application can also be tracked online. Once issued, the certificate can be downloaded, renewed and revoked online.
Other than this, Microsoft provides an option is creating your own digital signature by a following few steps, but this can only be authenticated in the computer which you have used to create the digital signature and not anywhere else.
For more details, you can visit www.mca.gov.in.