R Negi & Company, Chartered Accountants

R Negi & Company, Chartered Accountants

Digital Signature: Everything You Need to Know

by

Digital Signature

A digital signature is a cryptographic mechanism that enables a person or organization to sign electronic documents securely. It ensures the authenticity, integrity, and non-repudiation of digital communications. Digital signatures use encryption technology to verify that a document has not been altered and that it comes from the stated sender.

Unlike traditional handwritten signatures, which can be forged, digital signatures provide higher security by using public key infrastructure (PKI), which ensures tamper-proof verification.

How Does a Digital Signature Work?

A digital signature is generated using a public-private key pair. The process consists of three main steps:

  1. Key Generation

Each user involved in digital signing has a private key (known only to them) and a public key (shared with others). These keys are generated using cryptographic algorithms such as RSA (Rivest-Shamir-Adleman) or ECDSA (Elliptic Curve Digital Signature Algorithm).

  1. Signing the Document

When signing a document digitally:

  1. A hash function (such as SHA-256) is used to create a fixed-length hash value of the document.
  2. The sender encrypts this hash using their private key, creating the digital signature.
  3. The digital signature is then attached to the document before sending it.
  1. Verification Process

The recipient:

  1. Uses the sender’s public key to decrypt the digital signature.
  2. Recalculates the hash value from the received document.
  3. Compares the recalculated hash with the decrypted hash from the signature.
  4. If both hashes match, the document is authentic and has not been altered. Otherwise, it has been tampered with.

This process guarantees that the document is valid and has not been modified since it was signed.

Uses of Digital Signatures

Digital signatures are widely used in various sectors to ensure security and authenticity:

  1. Business & Legal Documents
  • Contracts and Agreements: Legally binding digital contracts in corporate and legal settings.
  • Non-Disclosure Agreements (NDAs): Confidentiality agreements between parties.
  • Business Approvals: Digital approvals for proposals, invoices, and reports.
  1. Government & E-Governance
  • E-Tax Filing: Used in Income Tax Return (ITR) filings.
  • E-Passports & IDs: Secure identity verification.
  • Voting Systems: Online voting authentication and verification.
  1. Banking & Financial Sector
  • Digital Payments: Ensures secure transactions in online banking.
  • Loan Agreements: Paperless lending processes with verified agreements.
  • Stock Trading: Secure trading of shares and financial assets.
  1. Healthcare Industry
  • E-Prescriptions: Verifying doctor-issued prescriptions digitally.
  • Medical Records: Securing patient records and medical history.
  1. IT & Software Development
  • Code Signing: Verifying the authenticity of software updates and downloads.
  • Email Security: Protecting email communication from tampering and phishing attacks.
  1. Education & Academic Institutions
  • Digital Certificates: Universities issue digitally signed diplomas and degrees.
  • E-Transcripts: Secure verification of academic records.

How Digital Signatures Are Created?

Components Required for Digital Signature Creation:

  1. Digital Signature Certificate (DSC) – Issued by a Certificate Authority (CA), proving the identity of the signer.
  2. Public Key Infrastructure (PKI) – A system managing encryption keys and certificates.
  3. Hash Function – Used to generate a fixed-length fingerprint of the document.
  4. Encryption Algorithm – RSA, ECDSA, or DSA (Digital Signature Algorithm) used for encryption.

Steps to Create a Digital Signature:

  1. Select the Document – Open the document to be signed in a digital signature-enabled application (e.g., Adobe Acrobat, Microsoft Word, or DocuSign).
  2. Hash the Document – The software generates a hash of the document.
  3. Encrypt with Private Key – The hash is encrypted using the signer’s private key.
  4. Attach the Signature – The encrypted hash is added to the document along with the public key.
  5. Send the Document – The signed document is sent to the recipient.

Precautions When Using Digital Signatures

To ensure security and prevent fraud, consider the following precautions:

  1. Protect Your Private Key – Never share or expose your private key to anyone.
  2. Verify the Signer’s Identity – Ensure the digital certificate is issued by a trusted Certificate Authority.
  3. Check for Expired or Revoked Certificates – Digital certificates have an expiration date and can be revoked if compromised.
  4. Us e Secure Devices – Sign documents only on trusted computers or mobile devices to avoid malware attacks.
  5. Avoid Phishing Scams – Hackers may attempt to trick you into signing fraudulent documents. Always verify before signing.
  6. Keep Backup Copies – Store copies of digitally signed documents to prevent data loss.
  7. Enable Multi-Factor Authentication (MFA) – Additional security layers help protect against unauthorized access

To generate a Digital Signature Certificate (DSC), the following documents are required:

  1. For Individuals:
    • Identity Proof (PAN Card, Aadhaar Card, Passport, Voter ID, or Driving License)
    • Address Proof (Aadhaar Card, Utility Bill, Passport, or Bank Statement)
    • Passport-size Photograph
    • Email ID and Mobile Number
  2. For Organizations & Companies:
    • Company’s PAN Card
    • Certificate of Incorporation (COI) or GST Registration
    • Authorized Signatory’s PAN Card & Aadhaar Card
    • Company’s Address Proof (Utility Bill, Bank Statement, or Rental Agreement)
    • Board Resolution (for company DSC issuance)
  3. For Foreign Individuals & Organizations:
    • Passport (Mandatory for Foreign Nationals)
    • Proof of Address (Bank Statement, Driving License, or Utility Bill – Notarized & Apostilled)
    • Authorization Letter (For Business Entities)
  4. For Government Employees:
    • Government ID Card
    • Official Email ID and Authorization Letter

Additionally, a USB token (cryptographic device) is required to store and use the DSC securely.

Types of Digital Signatures Based on Class and Validity

Digital signatures are categorized into different classes based on their level of security and intended use. In many countries, including India and the EU, digital signatures are classified into Class 1, Class 2, and Class 3 (though Class 2 has been phased out in some regions).

1. Class 1 Digital Signature Certificate (DSC)

🔹 Definition: Class 1 digital signatures provide basic authentication but do not verify the identity of the signer beyond an email ID or username.

🔹 Security Level: Low
🔹 Validation Process: Only email and username verification
🔹 Issued To: Individuals for basic authentication
🔹 Validity: 1 to 2 years

🔹 Use Cases:
✔️ Basic email encryption
✔️ Non-critical communications
✔️ Logging into certain websites

🔹 Limitations:
❌ Not valid for legal or financial documents
❌ Does not verify the true identity of the signer

2. Class 2 Digital Signature Certificate (DSC) (Phased Out in Some Regions)

🔹 Definition: Class 2 DSC verifies the identity of the signer using official government-issued documents like PAN cards, Aadhar, or passports.

🔹 Security Level: Medium
🔹 Validation Process: Identity verification via government ID
🔹 Issued To: Individuals and businesses
🔹 Validity: 1 to 3 years

🔹 Use Cases:
✔️ Filing income tax returns (ITR), GST, and company registration
✔️ Business transactions and contract signing
✔️ Banking and insurance transactions

🔹 Limitations:
❌ Less secure than Class 3
❌ Phased out in India since 2021 for business and legal transactions

3. Class 3 Digital Signature Certificate (DSC) (Highest Security Level)

🔹 Definition: Class 3 DSC offers the highest level of security and requires in-person verification of identity. It is often used in legal, financial, and e-tendering applications.

🔹 Security Level: High
🔹 Validation Process: In-person verification + government ID authentication
🔹 Issued To: Individuals, businesses, and organizations
🔹 Validity: 1 to 3 years

🔹 Use Cases:
✔️ E-Tendering, E-Procurement, and E-Bidding (government & corporate tenders)
✔️ High-value financial transactions
✔️ Legal contracts and court filings
✔️ Stock market trading and banking authentication

🔹 Limitations:
❌ Requires physical identity verification
❌ More expensive than Class 1 and Class 2

Comparison of Digital Signature Classes

Feature Class 1 DSC Class 2 DSC (Phased Out) Class 3 DSC
Security Level Low Medium High
Identity Verification Email & Username Government-issued ID In-person verification + ID
Legally Binding No Yes Yes
Use Cases Email encryption, basic authentication Tax filings, business transactions E-tendering, legal, stock trading
Validity 1-2 years 1-3 years 1-3 years

Validity of Digital Signatures

The validity of a digital signature certificate depends on the issuing Certificate Authority (CA) and the country’s regulations.

🔹 Common Validity Periods:

  • 1 Year – Short-term security needs
  • 2 Years – Most commonly used duration
  • 3 Years – Preferred for long-term use

🔹 Renewal Process:

  1. Apply for renewal before expiry.
  2. Identity re-verification may be required (for Class 3).
  3. Receive a new certificate with an extended validity.

🔹 What Happens After Expiry?

  • A digital signature certificate cannot be used after expiration.
  • The signer must obtain a new DSC from an authorized CA.

What is the Fee for Digital signature?

​The cost of obtaining a Digital Signature Certificate (DSC) in India varies based on several factors, including the class of the certificate, validity period, certifying authority (CA), and whether a USB token is included. Below is a general overview of the pricing:​

Class 3 DSCs offer the highest level of security and are widely used for e-tendering, e-procurement, and other high-value transactions.

Validity Period Price Range (INR) Includes USB Token
1 Year ₹1,350 – ₹2,599 Yes
2 Years ₹1,500 – ₹3,599 Yes
3 Years ₹2,250 – ₹4,599 Yes

Additional Costs

  • USB Token: Some providers include the USB token in the DSC package, while others may charge separately. Ensure to verify this detail when purchasing
  • Goods and Services Tax (GST):An 18% GST is typically applicable on the DSC price

Factors Influencing DSC Pricing

  1. Validity Period: Longer validity periods generally offer better value, reducing the need for frequent renewals.​
  2. Certifying Authority: Prices can vary between different CAs based on their service offerings and reputation.​
  3. Service Provider Margins: Authorized partners or resellers may add their service charges, affecting the final price.​

Recommendations

  • Compare Prices: Evaluate offerings from multiple CAs and service providers to find the best deal that suits your requirements.​
  • Check Inclusions: Confirm whether the quoted price includes the USB token and applicable taxes to avoid hidden costs.​
  • Validity Selection: Opt for a validity period that aligns with your usage needs to maximize cost-effectiveness.​

Digital signature in Greater Noida

R Negi and Co. is a trusted provider of Digital Signature Certificates (DSCs) in Greater Noida, offering secure and efficient services for individuals and businesses. They provide Class 3 DSCs for e-tendering, tax filings, legal documentation, and other online transactions. With a streamlined application process, competitive pricing, and expert support, R Negi and Co. ensures hassle-free DSC issuance with validity options ranging from 1 to 3 years.