What is eSign (eSignature)
Currently, several applications or forms submitted by a citizen need a physical signature of the citizen. A digital signature takes the concept of traditional paper-based signing and turns it into an electronic "fingerprint."
This "fingerprint," or coded message, is exclusively unique to both the document and also the signer and binds them along. In short, a digital signature has an equivalent performance as that of a written signature.
A number of the salient features of digital signature are non-repudiation, integrity, and genuineness. The Information Technology Act 2000 provides the desired legal holiness to digital signatures supporting uneven cryptosystems.
e-Sign India Service
Government of India vide its Gazette Notification (REGD. NO. D. L.-33004/99 dated 28th January 2015) has proclaimed a way that facilitates Certifying Authority to supply e-Sign service to citizens who have Aadhaar ID.
The objective of eSign service is to supply online service to citizens for immediate signing of their documents firmly during a legally acceptable form. 2 major challenges concerned are (a) authentication of the user and (b) trusty technique of signing.
Aadhaar based mostly authentication is disbursed to handle the primary challenge and Public Key Infrastructure (PKI) is used to firmly sign the user document and establish trust.
Citizens with Aadhaar ID are going to be ready to upload their documents to the eSign service to get them digitally signed. At the backend, validation of the user is disbursed using the Aadhaar service and generates a key pair (a public key and a private key) for the user, and signs the document. The user is given the digitally signed document and also the Digital Signature Certificate.
C-DAC through its e-Hastakshar initiative allows citizens with valid Aadhaar ID and registered mobile number to carry out digital signing of their documents online.
Easy and secure way to digitally sign data anyplace, anytime - eSign is an internet service while not using physical dongles that give application service suppliers the practicality to certify signers and perform the digital signing of documents using Aadhaar e-KYC service.
Facilitates legally valid signatures - eSign method involves shopper consent, Digital Signature Certificate generation, Digital Signature creation and affixing, and Digital Signature Certificate acceptance in accordance with provisions of IT Act.
It enforces compliance, through API specification and licensing model of Apis, and a comprehensive digital audit trail is established to confirm the validity of transactions, are preserved.
Flexible and simple to implement - eSign provides configurable authentication choices in line with Aadhaar e-KYC service and additionally records the Aadhaar id to verify the identities of signers.
The signature option includes biometric or OTP authentication (optionally with PIN) through a registered mobile within the Aadhaar database. eSign allows millions of Aadhaar holders a simple thanks to accessing legally valid Digital Signature service.
Respecting privacy - eSign makes sure the privacy of the consumer/customer by submitting solely the fingerprint (hash) of the document for signature performance rather than the whole document.
Secure online service - The eSign Service is ruled by e-authentication guidelines. whereas authentication of the signer is carried out using Aadhaar e-KYC, the signature on the document is carried out on a backend server, that is the e-Sign supplier.
eSign India services are offered by trusty third-party service suppliers, presently Certifying Authority. To boost safety and prevent misuse, certificate holder private keys are created on Hardware Security Module (HSM) and destroyed straight off after only one usage.
How eSign Works
Application Programming Interfaces (APIs) define the main fine arts elements and additionally describe the format and parts of communication among the stakeholders like Application Service supplier, Certifying Authorities, trusty Third parties, Aadhaar e-KYC service, and Application Gateway.
This standard eSign modifies Application Service suppliers to integrate eSign API in their Application with less effort. CDAC is functioning as eSign Gateway provider.
Who and where will use eSign
eSign has a versatile subscription Model for individual users, business entities, and Governments. eSign supported OTP (optionally with PIN) level authentication is appropriate wherever risks and consequences of information compromise are low however they're not thought about to be of major significance.
eSign supported Biometric (Fingerprint/Iris) level authentication ideal for and risks and consequences of information compromise are moderate. This could include transactions having substantial cost or risk of fraud, or involving access to private data wherever the probability of malicious access is substantial.
Government use of eSign (E Signatures)
Government authorities such as the Ministry of Corporate Affairs, Department of Revenue, and Ministry of Finance accept digital records authenticated using digital signatures. In the case of e-filing together with the Ministry of Corporate Affairs, income tax, and GST (goods and service tax) filings, digital signatures would be the preferred manner of execution.
The Reserve Bank of India (RBI) has allowed small finance payments and banks Banks to rely on electronic authentication for confirmation of the terms and conditions of the banking relationship. The RBI also allowed a one-time PIN (OTP) based eKYC procedure for onboarding customers with controlled entities, subject to certain conditions.
Which factors make e-signatures valid in India?
Here are the 5 most standards that e-signatures must Satisfy in order to become legitimate, as per the IT Act:
(1) E-signatures must be uniquely connected to the Individual signing the record. This affliction is often fulfilled by devoting a digital certificate-based digital ID.
(2) At the time of signing, the signer should have Overall control over the information used to create the e-signature. Most online e-signature providers allow signers to immediately affix their e-signature into the record so as to meet this condition.
(3) Any modification to this affixed e-signature or The document where the signature will be affixed must be detectable. This is sometimes done by encrypting the document using a tamper-evident seal.
(4) There needs to be an audit trail that details Measures performed during the signing process.
(5) The digital signature certification must be issued by a Certifying Authority (CA) realized by the Controller of Certifying Authorities (CCA) appointed under the IT Act.
How to Apply for eSign (E Signature)?
You are able to create your digital signature in a couple of various ways. Each Signature takes just a few clicks or clicks and will be stored in your HelloSign account for prospective signing. Here are the choices:
1. Yank on your touch with your finger or even a stylus. If you have access to your touchscreen, then you May use your finger to make an email signature directly in your document. This is particularly useful when you're signing on a cellphone Device or tablet computer!
2. Upload an image of your signature. Use Your phone or camera to have a picture of your paper signature. When it's Uploaded to your HelloSign accounts, it is going to be turned into a .png document That overlays neatly over the signature line on your document.
3. Use your cursor to draw out your touch. Using Your mouse or your own touchpad, you can drag your cursor over the touch Line to create a distinctive electronic signature.
4. Use your keyboard to type on your signature. This Is the easiest way to make your electronic signature. As Soon as You've typed In your title, you can select a font that best matches your paper Signature.
What is the fee for licence of electronic signature certificate?
Price list - New Purchase Dsc
Change of Digital Signature Certificate (DSC)
To change Digital Signature Certificate (DSC) information, the Organization need to follow the below process
1) Login with user ID using existing Digital Signature Certificate.
2) Go into the 'Change DSC details option
3) Fill in the required details of the DSC, which needs to be mapped with your own user ID.
4) Select the renewed/Changed DSC.
*Note:- Existing DSC and the DSC that has to be changed is required to be installed in the machine before following the above procedure.
If the current DSC is expired or you are unable to login with registered DSC, the following records are required for modification of the Digital Signature Certificate (DSC):
DSC change ask cum Authorisation Letter
Go To Internet Explorer - Tools -Internet Options - Contents - Certificates - Private Tab (and see certificate) then take the below screenshots.
Please Share above mentioned details to alter DSC to PANemail@example.com
In Order to utilize the new elements for digital signing and verification, Digital Signature Certificate (DSC) based users will be required to abide by the following pre-requisites with respect to the system configuration of the client servers:
1. Windows XP Professional Support Pack 3, Windows 7, Windows 8
2. Oracle JAVA (32-bit) 1.6 upgrade29 or over before java 1.8 update 66
3. I.E. browser version 7,8,9,10 and11
4. SafeNet e-Token drivers used should be the latest (if appropriate )