In today’s quickly evolving era of digital landscape, business transactions and personal work are mainly conducted online. From signing contracts to engaging in e-commerce and submitting tax forms, the digital domain has become an integral part of our lives. However, this digital shift requires secure and reliable ways of authenticity, security and integrity of electronic transactions. In this article, we’ll explore the core concept of Digital Signature Certificate in personal and business transactions.
What are Digital Signature Certificates?
A digital signature certificate, also referred to as a DSC, is a cryptographically secure key that Certifying Authorities (CAs) provide to verify and affirm the identity of the person holding the certificate. When organizations need to digitally sign documents online and need a way to safely authenticate the signature and validate the signed document, DSCs are frequently provided and used.
If offered by the certifying authority, applicants can also acquire DSCs while using Aadhaar KYC-based verification. In addition to these techniques, a letter with the applicant’s details for the online signing certificate stored in the bank’s database can be used. The bank manager should certify such certificates.
Benefits of Digital Signature Certificate in personal and business transactions
Benefits of a Digital Signature Certificate (DSC) are:
- Digitized time stamp: Time stamping is the method of accurately recording the date and time of a document’s signing, as well as any subsequent changes. This allows you to determine when the DSC was added to the document and at what time.
- Document authenticity: The recipient of a digitally signed document is relieved knowing that the signer’s identity and the document’s validity have both been verified. They need not worry about the legitimacy of the supporting documents being called into question due to forgery or accidental misuse.
- Authentication: The DSC holder’s identity, contact information, and transaction history may all be verified with this service.
- Time and cost saving: These days PDF files can be digitally signed and emailed without the time-consuming process of physically signing and scanning paper papers. A person with a DSC can execute or authorize transactions without being present.
- Data Integrity: The data is secure because digitally signed papers cannot be changed or updated once they have been signed. These certifications are frequently requested by government agencies to double-check and authenticate a business deal.
How Does DSC Work?
The DSC work in the below mentioned manner:
- A DSC links an individual’s identification to electronic keys. The CA endorses the private and public keys.
- The DSC holds user identity. It includes the name, country, PIN code, email address, certificate date, and certifying authority.
- CA-approved electronic keys. One cannot work without the other. These keys encrypt and decrypt identification data during information exchange by browsers and servers.
- The device or token stores the digital certificate’s public key. User-controlled private keys can only be used with the password.
- Encrypted data dispersed with the public key. If the public and private keys do not match or are unavailable, the e-Signed document cannot be authenticated.
- This encryption approach prevents unauthorized parties from decrypting data by making the document unavailable.
Types of Digital Signature Certificate used in personal and business transactions:
Certifying authorities issue three kinds of DSC for personal and business transactions. These are:
- Class 1 Certificate: Private subscribers receive them to verify their CA database information. They need an Aadhaar e-KYC biometric, paper-based application form with supporting documents, or OTP & video verification.
- Class 2 Certificate: Signatory authority receives these certificates for e-filing with the Registrar of Companies (ROC). They need Aadhaar e-KYC biometric, OTP, or video verification.
- Class 3 Certificate: Indian vendors use Class 3 certificates to bid in e-auctions and online tenders. They need an Aadhaar e-KYC biometric or paper-based application form, supporting documents, and a CA appearance or OTP and video verification
Techniques of obtaining Digital Signature Certificate
Different Techniques of obtaining Digital Signature Certificate are:
- Applicants can speak with Certifying Authorities (CAs) directly if they need a digital signature certificate. Both the original supporting papers and their self-attested duplicates must be available for this purpose.
- Using Aadhaar e-KYC-based authentication, applicants can also receive documents with digital signatures.
- For acquiring a digital signature certificate, a letter certified by a bank manager and providing the applicant’s information for a digital certificate that is stored in the bank database may also be used.
- A digital signature certificate (DSC) can be obtained online and is valid legally throughout the nation for the necessary use.
Key criteria for issuing Digital Signature Certificate
Section 36 of the Information Technology Act, 2000 (hereinafter referred as “the Act”) requires a CA to certify that the applicant has complied with the Act and its regulations.
- The CA must confirm that it published the DSC or made it available to the subscriber and that the subscriber accepted it.
- The Digital Signature subscriber must hold the private key that can create a digital signature and the private key that matches the public key in the certificate.
- Subscriber’s private and public keys work together.
- Digital Signature Certificate data is accurate.
- The mentioned public key can verify the subscriber’s private key’s digital signature.
- The Certifying Authority should certify that it is unaware of any significant fact that, if included in the DSC, would compromise the representations made in clauses mentioned above of Section 36 of the Act.
Areas where Digital Signature Certificates are used in personal and business transactions
Below are the areas where Digital Signature Certificates are used in personal and business transactions are:
- Income tax filing online.
- Company registration electronically.
- Chartered Accountants, Company Secretaries, and Cost Accountants signing digitally.
- E-filing government tenders.
- Trademark & Copyright electronic filing.
- Digitally signing contracts and agreements.
- Sign Word, Excel, and PDF files.
- Digitally signed and encrypted emails.
- To protect web-based transactions or identify participants.
When should electronic signatures not be used?
E-signatures cannot be used on all kinds of papers in India, as stated in the IT Act, 2000, and there are some circumstances where physical signatures are still required. The following are instances when legislation governing e-signatures are deemed invalid:
- Wet signatures are to be taken into consideration as being legitimate in any contract for the sale of real estate in India as well as any contract, interest, or conveyance in such property.
- The Powers of Attorney Act, 1882’s Section 1A prohibits the use of electronic signatures in the event of powers of attorney, as stated in the laws governing e-signing in India.
- According to the e-signing regulations, a will and/or testament disposal as defined by Section 2(h) of the Indian Succession Act, 1925 cannot be approved using e-signatures.
- According to Section 13 of the Negotiable Instruments Act, 1881, electronic signatures cannot be used on any other type of negotiable document besides a check, such as a promissory note or a bill of exchange.
- According to Indian e-signing regulations, a trust deed as defined by Section 3 of the Indian Trusts Act, 1882 cannot be signed using an electronic signature.
Digital Signature Certificate Suspension
Section 37 of the Information Technology Act, 2000 allows the CA to suspend a DSC upon request from the subscriber listed in the DSC or any person duly authorized to act on behalf of that subscriber.
The Certifying authority may suspend the DSC in the public interest. The subscriber must be heard before the Digital Signature Certificate is suspended for more than 15 days. Subscribers receive suspension orders from the Certifying Authority.
Digital Signature Certificate Revocation
The certificate can be revoked in following conditions:
- A certifying authority may revoke a Digital Signature Certificate upon request from the subscriber or authorized person.
- DSCs can also be withdrawn if the subscriber dies, the firm dissolves, or the company is wound up.
- If the Certifying Authority feels that a material fact in the DSC is false, disguised, or not met.
- The DSC’s dependability was compromised by the certifying authority’s private key or security system.
- Insolvency, death, or dissolution of a firm or company. It may revoke DSC. The authority can revoke the digital signature certificate and notify the subscriber. The subscriber must be heard before it is revoked.
Takeaway
Digital Signature Certificate in personal and business transactions cannot be overstated. As it gives a secure and robust mechanism for authentication, maintaining the integrity of digital exchanges, and non-repudiation. By using DSCs, individually, and in businesses can set up the authenticity of their digital identities, streamline processes, and protecting against fraud and tampering. DSCs make sure individuals to sign documents securely, communicate electronically with confidence and conduct online transactions.