Why Digital Signatures are Important

Why Digital Signatures are Important

What are Digital Signatures?
Digital signatures are a type of advanced electronic signatures. Digital signatures are used to implement electronic signatures and not all electronic signatures qualify as digital signatures. A digital signature is a mathematical scheme that validates the integrity or authenticity of a given digital document or digital message. The digital signatures prove the authenticity of a digital message or document to a receiver that it has been sent by a known person and it is not tampered with during the transit. These digital signatures have wide usage across software distributions and other financial transactions where detecting fraud, forgery and tampering is essential.

How does it Work?
The data sent over internet needs to be safe, secure and confidential, if the data is sensitive like money transactions, important company documents and other such important data. This can be achieved through encryption of the data. Encryption of a given data is the translation of the data into a secret code language called cipher text. Decrypting this encrypted data requires a secret code or password by encrypting person. Science of cryptography is the basis of all encryption. Encryption is of following two types:
1. Symmetric key encryption – Both encrypting & decrypting the message are done with a single key.
2. Asymmetric key encryption or public key encryption – In this type of encryption, one key is used for encrypting or locking the message called as private key and the other key is used for decrypting or unlocking the message called as public key. Public key encryption makes use of both public key and private key. The private key is only known by the person encrypting the message whereas the public key is distributed and available to all those who want to decode the message. A person decrypts or unlocks a message by using the public key of the sender sent along with the message or document.

Process of Authentication

  • The document and the signature are separated and the document is processed with hash function which creates a second finger print for the document.
  • The public key of the signer is obtained from the certificate repository of certificate authority or it might come along with the document.
  • This public key is used in decrypting the message or document to get the document’s first finger print.
  • If the second finger print of the document does not match with the first finger print of the document, then the document is rendered invalid. In case both the finger prints match, then the signature and the document to which it is attested are considered valid and legitimate.

Uses of Digital Signature

  • You can file your income tax returns with the help of valid documents with digital signatures.
  • For e-filing of company incorporations.
  • The e-attestation by the chartered accountants, company secretaries, and cost accountants are legitimized by digital signatures.
  • E-filing of government tenders requires digital signatures.
  • Trademark & copyright applications require documents with digital signature.
  • E-signing of agreements and contracts require digital signatures.

How you can get a Digital Signature?

A licensed authority who has been granted the license to issue digital certificates by the government can issue digital signature certificate. There are three classes of digital signature:
Class I DSC – Given for individuals for validating the email identification of the users.
Class II DSC – It is given for business organizations or individuals to validate the information given by the subscriber in the application against the information available in a trusted consumer database.
Class III DSC – It is directly issued by the certifying authority and it is needed by the applicant to authenticate, present and prove his/her identity in front of a registration authority.

What is the Validity of Digital Signatures?
According to the ‘Information Technology Act 2000’, the digital signature certificates in India issued by licensed certifying authority approved by Ministry of Information & Technology are valid in India. These Digital Signature Certificates come with an explicit starting date & explicit expiration date. Certificate Revocation List (CRL) manages the digital certificates based on expiration date. The digital certificates whose expiration date has arrived will be removed from CRL. An individual can have two DSC’s, one for his personal identification and another one for official identification.