Digital Signature Certificate

Overview

A Digital Signature Certificate is a secure digital key that is issued by the certifying authorities for the purpose of validating and certifying the identity of the person holding the certificate. Digital Signatures make use of the public key encryptions to create the signatures for documents.

A digital signature certificate (DSC) contains information about the user’s name, pin code, country, email address, date of issuance of certificate, expiry of the certificate and name of the certifying authority.

Benefits of a digital signature certificate

Digital Signature Certificates are helpful in authenticating the personal information details of the individual holder when conducting business online.

1. Reduced cost and time

Instead of signing the hard copy documents physically and scanning them to send them via e-mail, you can digitally sign the PDF files and send them much more quickly. The Digital Signature certificate holder does not have to be physically present to conduct or authorize a business, their representatives can do.

2. Data integrity

Documents that are signed digitally cannot be altered or edited after signing, which makes the data safe and secure. The government agencies often ask for these certificates to cross-check and verify the business transaction.

3. Authenticity of documents

Digitally signed documents give confidence to the receiver to be assured of the signer’s authenticity. They can take action on the basis of such documents without getting worried about the documents being forged.

4. Enhanced security

Digital Signature Certificate prevents unauthorized use of your document and data. No one can fake your signature, tamper the data or alter your document. Digital Signature Certificate ensures your signature is valid, verified and legitimate. It cannot be used without your verification.

5. Legal validity

According to the Information Technology Act, 2000, a Digital Signature Certificate is accepted evidence in any court of law similar to the acceptance of any signed document.

6. Global acceptance

Apart from government bodies like GST, MCA, Income Tax, etc., a Digital Signature Certificate is being accepted in all the countries across the world as it offers greater security. Digital Signature Certificate is important for companies looking to take part in government tenders.

Fulfilling Statutory Compliance

Individuals and business entities that are required to get their accounts audited have to file their income tax return compulsorily using a digital signature. Furthermore, the Ministry of Corporate Affairs has made it mandatory for companies to file all reports, applications, and forms using a digital signature only. Nowadays, business entities have to use Digital Signature Certificate for participating in e-tenders.

Under GST also, a business entities can get registered only by verifying the GST application through a digital signature. The use of a digital signature is necessary even for filing all applications, amendments and other related forms.

Certifying Authorities for Digital Signature Certificate

The Controller of Certifying Authority for the purpose of issuing digital signatures in India has authorized eMudhra as one of the certifying authority for issuance of Digital Signature Certificate. Other certifying authorities may include (n) Code Solutions, National Informatics Centre, Safescrypt and Institute for Development and Research in Banking Technology.

Different Classes of Digital Signature Certificate

The type of applicant and the purpose for which the Digital Signature Certificate is obtained defines the kind of Digital Signature Certificate one must apply for depending on the need of the Digital Signature Certificate. There are three types of Digital Signature certificates issued by the certifying authorities.

Class 1 Certificates

These are issued to individual/private subscribers and are used to confirm that the user’s name and email contact details from the clearly defined subject lie within the database of the certifying authority.

Class 2 Certificates

These are issued to the director/signatory authorities of the companies for the purpose of e-filing with the Registrar of Companies (ROC). Class 2 certificate is mandatory for individuals who have to sign manual documents while filing of returns with the ROC.

Class 3 Certificates

The Class 3 is the upgraded version of Class 2 Digital Signature Certificate. These certificates are used in online participation/bidding in e-auctions and online tenders anywhere in India. The vendors who wish to participate in the online tenders must have a Class 3 digital signature certificate. It is issued to individuals and organisations that want to participate in bidding for government tenders or online tenders and auctions.

  • Documents required

  1. ID proof like Passport/Driving license or any Photo Identity issued by the Govt
  2. PAN card (Individual or Organization)
  3. Address proof like Aadhaar card/Voter ID/Driving license/Registration Certificate
  4. Attesting Officer proof
  5. Partnership deed (if applicable)
  6. List of Authorised Signatories which could be the list of Directors, Board resolution, etc. (if organization)
  7. Authorised Signatory ID proof
  8. GST certificate (if organization)

How Digital Signature Certificate Work?

A Digital Signature Certificate is created based on the PKI mechanism where two keys – a public key and private key are generated. The private key is kept by the signer and the public key is required by the receiver to decrypt the information regarding the identity of the user during information exchange. The user can store the private key on a computer or hard disk as a token and access it with his/her respective password issued.

During the transfer of information, both the keys are used by the browser and the server to encrypt and decrypt information, to authorise the identity of the user. The public key is disseminated with the encrypted information. The authentication process fails even if one of the keys does not match. Hence the encrypted data cannot be decrypted making it impossible for unauthorized access.