We live in a digitized world. Today, most of our communication and transactions happen online. This means that we send and receive critical information across the internet. Websites have become the new store-fronts for most businesses and users tend to equate the organization’s services with the experience they have with the brand online. Further, the digital world is constantly kept on its toes by hackers and cyber-miscreants. Hence, as an enterprise, ensuring the security of data on your website is absolutely critical. This is where a digital signature steps in. In this article, we will offer a comprehensive understanding of a digital signature and steps to help you prepare it.
What is a Digital Signature?
Before we talk about a digital signature, let’s look at the importance of signatures. A signature is your identity. You use it on almost all legal correspondences, banking documents, academic documents, etc. If you observe, most signatures are impossible to copy. They seem like a random throw of lines that only the owner of the signature can replicate. Hence, it is tamper-proof and protects the signature’s owner from frauds. Also, it assures the person receiving a signed document that it comes authentically from you.
In the digital world, while physical signatures are not possible, the importance of signing an important document to authenticate its source is more prevalent. Hence, digital signatures were designed. In simple terms, a digital signature allows the recipient to ensure the authenticity of an email or document received. If the document has a digital signature, then the recipient knows the creator of the document and whether it was altered before it reached him/her. Digital signatures use encryption for ensuring authentication.
Encryption is a process of communication between two computers which is encoded in a manner that only the terminals have the decoding key.
Digital Signature Certificate (DSC)
While digital signatures are fine for individuals sharing documents, when it comes to encrypting data on a large scale (like a website), one needs a different approach. This is where digital signature certificates (DSCs) come in.
A DSC ensures the user that the website (and the server it is hosted on) is trusted by a Certificate Authority. This is an independent source that verifies and authenticates websites by using the public key encryption process on a large scale. It works like a middle-man that both the website and the user trust. It allows them to believe that the terminals are who they say they are and provides public keys of each terminal to the other.
Classes of a DSC
There are three classes of a DSC with each defining its purpose. Each class has a set of security features that point to a certain level of trust.
- Class I DSC – Class I DSC verifies the association of an email address with a person. They are issued to personnel as well as private individuals.
- Class II DSC – You can use Class II DSC for e-filing documents with the Ministry of Corporate Affairs (MCA). You can also use it for filing returns with the Income Tax Department and obtaining the Import Export Code. You can get this DSC as a USB token after you submit self-attested copies of identity and address proof.
- Class III DSC – This is the most secure form of a DSC. The Registering Authority verifies the identity of the applicant in person before issuing a Class II DSC. You can use this to establish the identity of the signee in e-commerce and e-tendering.
There are also Special Purpose Certificates – Secure Socket Layer (SSL) for HTTPS websites and Document Signer Certificate for bulk signing.
How to get a DSC?
In India, you can purchase a digital signature certificate from Certifying Authorities like E-Mudhra, Sify or N-Code. Along with the application form, you need to submit:
- A valid contact number
- A valid email address
- Self-attested copy of identity proof (PAN Card or Aadhaar Card)
- Self-attested copy of address proof (Aadhaar Card)
- A passport Size Photograph
Once the application is submitted, you will receive a verification link on your mobile phone. You will also receive a video verification link on your email address. You need to complete BOTH these verifications.
Once the verification process is complete, your DSC is approved.
It is important to note that DSCs have a validity period (one/two years typically). Hence, you must keep a tab on the expiry date and renew the certificate accordingly.
Digital signature certificates help enterprises conduct business online with an added layer of security. They save time and cost since you don’t need to scan and send documents via email. They also ensure the integrity of data in the documents allowing you to take action without worrying about forgery. You can have different DSCs – one for personal use and one for official use. These are legally accepted documents that are a must for modern businesses. We hope that this article offered a good understanding of a digital signature and the importance of DSCs. Please drop us a line if you have any further questions.