Digital Signature Certificates or DSC or Digital Signatures are being adopted by various government agencies and now is a statutory requirement in various applications. From filing statutory returns to authenticating documents, Digital Signature Certificates are required in almost all digital filings. In coming times, it will become mandatory in almost every digital transaction.
Different classes (level of security) of certificates are available to help organizations and individuals secure online transactions with legal validity as per the Indian Information Technology Act, 2000. There are various types and classes of DSC.
Digital Signature Certificate is like your signature in a digital format with an underlying mathematical algorithm for validation and authenticity. In other words, it equivalent to a handwritten signature, but far more safe and secure digitally. It is a mathematical technique used to validate the authenticity and integrity of a message or an electronic document. A Digital Signature Certificate guarantees the authenticity of an electronic document or message in digital communication and uses encryption techniques to provide proof of original and unmodified documentation.
How do Digital Signature Certificate Work
Digital signatures follow a global standard protocol called the PKI (Public Key Infrastructure) that creates two keys – one public, and one private using a mathematical algorithm. The public key and private key are mathematically linked to each other.
When an electronic file is digitally signed a unique digital fingerprint (called a hash) of the document is created using signer’s private key. This hash is specific to this particular document. The data in the file gets encrypted and the resulting encrypted data is the digital signature. The slightest change would result in the digital signature getting invalidated. Thus, once the digital signatures are affixed on any digital document, the data therein cannot be altered without the digital signature getting invalidated.
The digital signature only requires the signer to have the pair of cryptographic keys (Digital Signature Certificate). The signer signs the document using his/ her private keys (DSC) and the receiver can verify the signature using the signer’s public keys that are available publicly.
Advantages of Digital Signature Certificates
- Digital signatures are secured and risk-free:
Handwritten signatures and even electronic signatures can be easily copied or forged, whereas digital signatures use unique cryptographic algorithms and cannot be copied/replicated/reproduced. Any change to a digitally signed document renders the signature invalid, hence, the digitally signed document cannot be changed without detection.
- Digital signatures ensure authentication:
Since digital signatures require digital certificates that are issued by a trusted third party, it unquestionably identifies the person as who he claims to be.
- Digital signatures ensure non-repudiation:
Digital signatures are done using a unique set of algorithms within a digital certificate issued to signers after due diligence by certifying authorities. The signer of digitally signed documents can be determined by the highest degree of trust, hence signers cannot repudiate their signatures at any point.
- Legally valid in most countries:
Countries having e- signature legislations provide digital signatures with the same validity as the handwritten signatures. Some of them also recognise electronic signatures, but most of them need highly secure digital signatures for signing electronic documents.
- Cost-effective and efficient:
Businesses and Governments are now accepting the idea of digitally signing the documents in order to implement a paperless office. Going electronic with processes helps them make processes more efficient, reduce costs and secure documents.
Type of Digital Signature Certificates
Sign DSC can only be used for signing documents. The most popular usage of is signing the PDF file for Tax Returns, MCA and other websites. Signing via DSC gives the assurance of not only the integrity of the signer but also the data. It is proof of untampered and unaltered data. These are most common type of DSCs as all most of the statutory filings are done using these signatures.
Encrypt DSC can only be used to encrypt a document; it is popularly used in the tender portal, to help companies encrypt the documents and upload. You could also use the certificate to encrypt and send classified information. Encrypt DSC is fit for e-commerce documents, legal documentation and sharing documents that are highly confidential and contains information that needs to be protected.
- Sign & Encrypt
Sign and Encrypt DSC can be used for both signing and encrypting. It is convenient for users who need to authenticate and maintain the confidentiality of the information shared. Its usage includes filing government form and application.
Validity of the Certificate
The validity is controlled by the law, and one cannot buy Digital Signature Certificates for more than 3 (three) years and less than 1 (One) year validity.
Classes of Certificates
The Information Technology Act, 2000 allows three Classes of DSC i.e. Class 1, 2 and 3. Degree of security varies with the class of DSC.
Class 1 Digital Signature Certificate
Class 1 DSC can be issued for both business personnel and private individuals use. These certificates will confirm that the information in the application provided by the subscriber does not conflict with the information in well-recognized consumer databases.
Class 2 Digital Signature Certificate
Class 2 DSC can be issued to individuals and organizations for both Indian and foreign applicants. The main function of this certificate is to authenticate the details of the signer. It re-affirms the already mentioned data of the user. It is used in various form-filling, online registration, email attestation, income tax filing and etc. Uses of class 2 DSC are given below :
- MCA (Ministry of Corporate Affairs) e-filing
- Income Tax e-filing
- LLP and company registration
- GST registrations, returns filing and application filing
- Import-export code (IEC) registration
- trademark e-filing
- Form 16 and others.
Class 3 Digital Signature Certificate
Class 3 digital signature certificate is more secure in comparison to class 2 certificate; this is the safest of all certificates. It is used in matters of high security and safety. It is mainly used in online trading and e-commerce, where a huge amount of money or highly confidential information is involved. If you opt for class 3 certificates, all applications which are created for Class 2, should be able to recognize your certificates. Following are the main functions of Class 3 certificates:-
- Patent and trademark e-filing
- MCA e-filing
- Customs e-filing
- E-auction and others
Who could buy Digital Signature certificate
There is no limitation on who could buy the certificates. People and organization from India and outside India can buy digital signature certificates provided they meet the verification guidelines.