Digital Signatures and Certificates
Why would I need to obtain a legally valid Digital Signature Certificate?
If you need to perform any of the above mentioned tasks or intend to identify yourself positively in all email communication that you send you should obtain a Digital Signature Certificate.
Why is my digital signature certificate given to me on a device called a VASCO DP Key 101, USB cryptographic token?
Security. Your digital signature is as valuable as your hand written signature and misuse or misrepresentation can lead to legal liability. To protect your digital signature certificate from misuse we only offer it loaded onto a USB cryptographic device which use a special smart card based chip to prevent tampering, is password protected and erases itself if subjected to brute force attacks.
How is this legal liability enforced in a court of law? What role does the issuing CA play?
The certifying authority who issued the digital signature certificate is summoned to provide proof of the issuance to prove that a person was actually issued one and the proof presented by that person to acquire the digital signature.
How can I revoke my digital signature certificate?
All revocation requests must be made in writing to us with a physical signature of the holder of the digital signature certificate. We in turn will transmit this request to the certifying authority office that in turn will action it.
Can I hold multiple digital signature certificates concurrently? Is it not illegal to hold multiple passports concurrently? Why would I ever need to hold more than one digital signature certificate?
Yes. Unlike holding two passports of once country which amounts to impersonation holding more than one digital signature certificate is quite acceptable under the Indian IT Act 2000. These digital signatures may be issued by a single certifying authority or different ones and could belong to any class. They may also be used for different applications simultaneously or separately. Different organizations may mandate different levels of authentication or validation of an identity the details of which would be included in the fields of a digital signature certificate. For example the Director General of Foreign Trade mandates that the exporter community quote their IEC code number in their class III digital certificate while the income tax department may insist on the PAN number being listed in the details of the class II digital signature certificate, hence the requirement of more than one digital signature certificate, for the same user if he/she is a member of both user groups.
How do digital signature certificates actually work in identifying me on the internet? What is the process and technology used for such identification to work?
Whenever used a digital signature is normally attached as evidence of signing the transaction. This digital signature when interpreted by the computer system or application shows the subscribers identity details and the name of the certifying authority who issued him/her the credentials. The technology at work for this is called PKI (Public Key Infrastructure) technology.
What are the examples of usage of legally valid Digital Signature Certificates?
Digital Signature Certificates are often used, but not limited to these kinds of situations over the internet.
- Exchanging digitally signed and or encrypted email.
- To log into a bank account
- To identify yourself in a financial transaction with a bank, stock exchange or commodity exchange.
- To submit information of a financial and or legal nature to the government – for example to the Ministry of Company Affairs or the Income Tax Department for filing tax returns and information.
- To book airline tickets or railway tickets as a travel agent – for example whilst interaction with IRCTC (Indian Railways) or Air India.
- To participate in an electronic tendering process floated by government or private entities.
- To sign a document or contract as a authorized signatory or professional like a Chartered Accountant or Lawyer or Notary Public for the public at large.
- Company employees interacting with their administration department.
- Students interacting with the University office.
Which is the most reputed public Certifying Authority in India, for issuance of Digital Signature Certificates?
SIFY, represented by its most efficient, longest standing and ethical Registration Authority – Jash International, issues over 100,000 Digital Signature Certificates every year to Indians resident in India and foreigners who need to transact under Indian laws. Jash International may be visited online at https://www.esign.in or on telephone number +912228790310 or by email to email@example.com
What are the various types of Digital Signature Certificates issued by Indian Public Certifying Authorities?
Digital Signature Certificate (DSC) is issued in 3 classes by Indian Public Certifying Authorities (CA) like SIFY in India.
• Class I: A certificate which only validates the email address of the user.
• Class II: A certificate that may be validated for by a Registration Authority or Sub-Certifying Authority on behalf of the CA. This certificate calls for presenting of documentary evidence like an identity proof and a proof of residence or domicile. Besides this the sub-ca may also demand certain other proofs if the DSC is being issued for a particular closed user group like the exporter community, who possess a Importer Exporter Code Number or a Chartered Accountant who has a membership number of the ICAI. The CA undertakes to underwrite the identity validation provided, based on documentary evidence the CA relies upon
• Class III: A certificate which is validated only by the CA without any intermediary involvement indicating the highest level of trust. The issuance of this type of certificate requires personal (in the flesh) validation of the person to whom the DSC is to be issued along with ID and domicile proofs. The CA undertakes to underwrite the identity validation provided, based on documentary evidence the CA relies upon
What are the various classes of Digital Signature Certificates used for? Can you give us a few examples?
Class I Digital Signature Certificates: Only for basic email validation. Normally used within closed user groups like companies who want to exchange email between employees and or partners. As all employees and partners are validated by their respective departments the trust level is acceptable to all users.
Class II Digital Signature Certificates: Currently the Ministry Of Company Affairs under the MCA21 project and the Income tax department are the largest acceptors of Class 2 digital signature certificates in India for e-filing of compliance reports and tax returns online.
Class III Digital Signature Certificates: Tendering authorities of state governments such as Madhya Pradesh, Gujarat, Assam, New Delhi Municipal Corporation, Indian railways and a host of others only rely on Class 3 DSC usage by bidders. Normally a holder of a Class III DSC may participate in all transactions which require any other class of DSC as the Class III Digital Signature Certificate is considered to have the highest level of inherited trust from its issuer.
What does a digital signature certificate look like? Is it a scanned copy of my written signature?
A digital signature certificate is a hashed (garbled) machine readable piece of information which uses your personal details as a base: For example:
Common Name: Sandeep Goenka.
Organization Name: Goenka Bros Ltd.,
Organization Unit: Head Office
It is not a scanned copy of your written signature.
How do I apply for a digital signature certificate?
1. Decide on the class of digital signature you require to purchase by inquiring with the organization or website where you intend to use it just to be doubly sure that you are not enrolling for an incorrect type of digital signature certificate. You may also use the handy wizard on https://www.esign.in to make the right selection.
2. Visit our website https://www.esign.in and shop online for your selected type of digital signature certificate. We offer you the option of paying online using your MasterCard, Visa or American Express card through our highly secure EBS e-payment gateway. You may also use any debit card or internet banking account. We also accept payment by Demand Draft or RTGS/NEFT fund transfer and by handing over of cash, at our office in person or via your messenger, along with all relevant documents.
3. Download the relevant forms. Fill them out completely, attach the relevant notarized or attested proofs as required and courier it along with the online payment proof / offline payment copy to our office address as follows:
Mumbai Registration Authority for SIFY Certifying Authority
309 Shree Krishna Commercial Center,
6 Udyog Nagar, Off SV Road,
Lane of Vifor - Opposite MTNL Exchange Goregaon West
Tel: 28790310 email: firstname.lastname@example.org
Office Timings: Monday – Friday: 10.00 AM to 7: 00 PM
Closed On Saturday, Sunday & Major Bank Holidays
4. We will contact you by email and phone to keep you posted about the enrollment process and the delivery of the digital signature certificate. Our staff will assist you in first usage of the digital signature certificate once you have received the box containing the digital signature certificate loaded on an e-token along with a CD containing software and the relevant drivers which have to be loaded onto every computer from where you intend to use the signature.
What is the difference between a digital signature certificate and the lock I see at the bottom of the page when I log into my internet banking account?
While the digital signature certificate is used to identify a person the lock you see at the bottom of a website ( like ours https://www.esign.in) when you perform a secure banking transaction is in-fact the symbol of a digital signature which creates a secure tunnel between your computer and the banks computer. Such digital signatures are called Secure Sockets Layer (SSL) web server certificates. These also use PKI technology but besides just identifying the organization which owns the IT infrastructure and website it also, like a personal digital signature certificate, secures the transmission of data between the user and it.
Digital Signatures and Certificates
I need to use my certificate from a different machine. Is this possible?
Yes. You can easily transfer your certificate from one machine to another. The process is called ''Certificate Export / Import''. Please click here for a detailed user guide.