January 3, 2022 Digital Signature & Electronic Signature under Information Technology Act, 2000 By Adv. Apurva Chodankar Introduction A signature is a depiction of the handwritten name or identity of an individual to show his unique identification on any document file etc. For an individual signature is of utter importance in giving his consent on any document. In recent times, traditional signatures have been replaced by electronic and digital signatures. It is pertinent to note that with new innovations and technology in different fields there is a tremendous increase in online transactions that causes transfer of online payment and document sharing in everyday life. Present-day sharing documents are done through email etc. There emerged a new mode to sign the document and this mode is called the e-signature or digital signature. Historical Background The first hand-written signature can be traced back to 3100 BC. One Gar Ama signature on clay tablets and one Spanish soldier El Cid is considered to be the very 1st to have their own signatures in the history of mankind. In the 16th century, the State of Fraud Act was passed in England’s parliament making signatures mandatory in contracts. Since, then it has become a rule to sign every document, job application, job-related form, etc. to show an individual identity. Advent of Information Technology Act, 2000 In India, electronic and certificate-based digital signatures are controlled by the Information Technology Act,2000 also known as the IT Act, and the Rules made under the act and these are Information Technology (Certifying Authorities) Rules 2000, Digital Signature (End Entity) Rules, 2015 and Information Technology (Use of Electronic Records and Digital Signature). Digital Signature A digital signature is defined in Section 2(1)(p) of the Information Technology Act,2000. A digital signature is a mathematical algorithm that is regularly used to validate the originality and if the message is true and genuine. A digital signature is a computerized fingerprint that is distinct to a person or independent organization and it is used to protect the information in the digital message or document. In the case of emails, the email itself becomes part of the digital signature. In simple words, a digital signature is a present-day alternative to the traditional way of signing documents on paper with ink. A digital signature is a kind of electronic signature that is used to verify the name of the sender of a message or the signer of a document. It makes sure that the document or message is genuine and the documents that are sent are untouched. Digital signature gives 2 algorithms. Private key or user secret keyVerifying signature that includes the user’s public key. The output of the signature process is called the digital signature. Under Information Technology it is relevant to describe the basis of cryptography. So, public-key cryptography is the method accepted by the IT Act to protect any computerized document. Public key cryptography is the creation of cryptography that permits users to exchange without any danger to access shared secret keys. Authentication using Digital Signature The verification of electronic records is done by creating a digital signature that is a mathematical expression of subject matter in a message. Cryptography secures the privacy of data by replacing it with a changed version that can be redone to reveal the original data only to someone who has the proper key. A key is an arrangement that manages the operation of cryptographic transformation. It involves 2 processes i.e., encryption and decryption. Encryption is the process of modifying a plain message into a cipher text. In decryption, the several of chipper text into the original message. Digital Signature Certificate A digital signature certificate (DSC) is equal to a physical or paper certificate. DSC is a procedure to show the authenticity of electronic documents. It is needed to be presented electronically to show the identity, access information, or sign document digitally. The Central Government has appointed the Controller of Certifying Authority that will grant a license to the Certifying Authorities to issue DSC to the user. Types of Digital Signature Certificate There are 3 types of digital signatures based on security level i.e. class 1, class 2, and class 3 certificate. Class 1 certificate: It is not legally recognized. It is based on confirmation of valid email and not direct verification. Class 2 certificate: This is based on the identification of the person that is required to be verified against a reliable pre-verified database. Class 3 certificate: is a person in the presence of the Registration Authority proves his identity. Lastly, businesses in India are using digital signatures to sign documents like invoices, reports, contracts, agreements, HR letters, and other such documents. Features of Digital Signature AUTHENTICATION It means that the digital signature will help the receiver to recognize who has sent the message or authenticate the source of the message. INTEGRITY It may be so that while sending the message the document may get altered in this case the receiver will be able to know the originality of the message. NON – REPUDIATION The sender cannot refuse that he did not send any message. Advantages of Digital Signature DIGITAL SIGNATURE ARE SECURE Digital signatures using cryptographic algorithms cannot be copied, unlike handwritten signatures which can be forged and copied. Slightest, change to a digitally signed document makes the signature invalid. DIGITAL SIGNATURE ENSURES AUTHENTICATION It means that an electronic document signed will be legally valid, which stands in court just like any other paper document. DIGITAL SIGNATURE ENSURES NON-REPUDIATION The digital signature is created using a distinctive set of algorithms within a digital certificate issued to the signer after doing analysis by Certifying Authority. The signer is the true authorizer of his authentication (signature). LEGALLY VALID IN MOST COUNTRIES A digital signature is legally valid in most of the countries that have laws on e-signature. Though it recognizes electronic signature the need to have a highly secure digital signature for signing an electronic document COST EFFECTIVE AND EFFICIENT New businesses and governments are welcoming the concept of digitally signing the document to make or have paperless transactions, with the implementation of e-signature, the entire process has become convenient, effective, has reduced the cost, and documents are secured. TRACKING DIGITAL SIGNATURE DOCUMENT Any digital document that is digitally signed can be traced effortlessly and located in a short time. TIME -STAMPED OF DIGITAL SIGNATURE Time stamping will allow the digital signature to give a clear indication of when the document was signed. SPEED With e-signatures, it has become easy for the parties to sign any documents with a digital signature, as they don’t have to wait for the paper document to receive it from the courier. Any contract can be signed by the concerned parties instantly no matter where they are geographical. Disadvantages of Digital Signature EXPIRE Just like any other electronic device or technology it’s based and dependent on the technology. In times of rapid growth of sophisticated technology, many such products have a short life. SOFTWARE The sender and the recipient have to purchase the verification software for the working of digital signature. COMPATIBILITY The standards of digital signature are different and most of them are contradictory to each other and create confusion while sharing digitally signed documents. Documents on Which Digital Signature is Valid Certain documents need a notarial process or the documents are required to be a physical signature. Some documents are also required to be registered by the Registrar or sub-registrar to be legally enforceable. Negotiable instrument such as promissory note or bill of exchange other than cheque.Trust deedsPower of attorneyA Will and testamentary depositionReal estate contract (lease/ sales agreement) Electronic Signature The electronic signature or e- signature is equal to that of a handwritten Signature under the Information Technology Act, 2000. Though there are few exceptions to it. The act permits signing any document using e-signature. An e-signature must meet certain conditions and it needs to be studied before it is used by any individual. According to the US Federal ESIGN Act, electronic signatures are defined as: “Electronic sound, symbol, or process, attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign the record.” Two types of E-signatures Electronic signature joined with an Aadhar identity number with electronic know -your- customer (e-KYC) method. It is also known as e-sign online electronic signature service.Digital signature is set up by an “asymmetric crypto-system and hash function”. The signatory is given 1-2 years of digital ID which is stored on a USD token, along with personal PIN to accent the document. Additional conditions to be fulfilled for the two types of e-signature The signatory e-signature must be unique. This particular condition is fulfilled with certificate based digital ID.The signatory should have access over the data used in creating the e-signature at the time of signing. Any changes made to the e-signature should be removable on any document to which such e-signature is affixed.All the financial records should be checked while signing.Signer certificate will be issued by Certifying Authority (CA) identified by Controller of Certifying Authorities appointed under the IT Act. Validity of Electronic Signature Any person when signing a particular document with Electronic signature his ID has to be linked .Electronic signature is based on an audit trail.The person should have control over the date created that is being made to sign with an electronic signature. Government’s Use of E-Signature Authorities like the Ministry of Corporate Affairs, the Department of Revenue, and the Ministry of Finance agree on electronic records authenticated using a digital signature. When it comes to e-filing the mode which is agreed by the Ministry of Corporate Affairs, income tax or service tax filing is digital signatures. The RBI has permitted small finance banks and payment banks to depend on electronic authentication for confirming the terms and conditions. It allows one-time PIN (OTP) based eKYC for onboarding customers by all regulated entities, subject to certain conditions. Conclusion In the present era of technological development and the advent of online transactions which are taking place on a day-to-day basis are on rising, the aim of the Government of India is to make India a paperless economy with online transactions currently in trend. Still today physical signatures are valid in certain conditions. More people need to be aware of electronic signatures who are into business. Though there is still confusion in the minds of people. They have misconceptions regarding the similarity of both signatures but both digital signatures and electronic signatures are different. Post Views: 26,594 Related Technology Law