The Office of Controller of Certifying Authorities (CCA), issues digital signature certificates only to certifying authorities (CAs). A certifying authority issues the certificates to applicants after a thorough verification process. SafeScrypt is India’s first and leading certifying authority. It provides SIFY class 2 digital signature certificates (DSCs) and SIFY class 3 digital signature certificates.
SIFY class 2 DSCs can be issued to both business personnel and individuals. The certificates will confirm that the information in the application provided by the subscriber matches the information in well-recognised consumer databases. If any changes are made to the electronically signed documents, it invalidates the signature.
Class 2 digital signature certificates are used for
• Filing income tax returns online
• CERSAI registration
• Filling commercial taxes in West Bengal
• Online transfer claim portal for EPFO
• Email encryption and signing
• Signing form 16
Adweb Techno-Trade Pvt Ltd. is authorised to sell class 2 digital signature certificates online, to government and banking institutions, individuals and private organisations. The buyers could be located anywhere in the world. E-sign, an e-commerce initiative by Adweb Techno-Trade Pvt Ltd., enables businesses to carry out secure online transactions such as online tenders, e-procurement, e-ticketing, encryption of emails etc.
DSCs use the public key infrastructure (PKI) technology. It is a mathematically-proven method of encrypting and decrypting information. The encrypted data can be decrypted only when both a public key and a private key match each other. Safescrypt(Sify) digital signature certificates are stored in Vasco e-tokens. The private key is stored in the device. The owner should safeguard the key against unauthorised users. The private key can be used only with the issued password.
SIFY class 2 digital signature certificates come with a validity of one or two years. Every certificate has a date of issuance and an expiry date. The expiry dates of certificates issued are added to the certificate revocation list (CRL). When a user submits an online application using a digital certificate, validity of the certificate is checked. After the certificate’s validity expires, it is removed from the revocation list. The users are recommended to renew their certificates well in advance if they wish to apply for online tenders or e-procurement in India.
Along with the public key the certificate, contains information about a user’s identity such as the owner’s name, email address, the date on which the certificate was issued and the name of the certifying authority that issued it.
As per the Information Technology Act 2000, digital signatures are legally valid in India.