As the world is turning digital, DSC is growing in popularity and is being widely used to sign documents. They are easily transportable, unduplicated, and automatically time-stamped. DSCs can be widely used in any type of document signing, whether or not encrypted.
A Digital Signature Certificate can be issued by any licensed Certifying Authority (CA) conforming to the rules and regulations as set by the Indian IT Act - 2000. Registering and obtaining a DSC from a CA is very easy. Here are three processes through which you can acquire a DSC:
Electronic Governance or e-Governance is the functioning of the government using Information and Communications Technology (ICT). It is the government’s initiative to move towards Simple, Moral, Accountable, Responsive and Transparent (SMART) governance. E-Governance facilitates the transaction between various stakeholders, which include G2C (Government to Citizens), G2B (Government to Business), G2G (Government to Government), and G2E (Government to Employee.
NeGP or National e-Governance Plan is a digital initiative by the Government of India in order to make government services easily accessible to the common man, in order to ensure efficiency, transparency and reliability of such services. The implementation of the NeGP scheme has made it possible for various government services to easily adapt to the new digital age, which helps them to efficiently and effectively carry out their business activities. With so much documentation going digital, the utmost necessity was to make it secure. Digital signatures were found as the solution to serve the purpose of securing these important documents with legally enforceable signatures. It proved to be a cost-effective solution for slow and expensive paper-based approvals.
Digital Signatures use a Public Key Infrastructure (PKI) to generate two keys, Public and Private Keys, for the DSC owner. With cryptography, these keys are used to encrypt and decrypt the document. The public key can be shared with everyone, keeping the private key confidential with the owner. When an online document is signed digitally, the sender uses the private key to verify the authenticity of the digital signature, and the receiver uses the sender’s public key to view the document. This functionality in Digital Signature Certificates ensures that the documents shared/exchanged between the parties remain secure and the content in these documents remain unaltered.
Digital Signature Certificates provide three main features:
The Government of India has formed a hierarchical structure for the PKI to lay the foundation for secure online communication and ensure its authenticity and privacy. At the top of the hierarchy the Controller of Certifying Authorities (CCA) functions both as the apex authority and the Root Certifying Authority of India (RCAI), who is responsible for issuing the Public Key Certificates to licensed Certifying Authorities known as CA. The role of CAs is to issue the Digital Signature Certificates. There is the Registration Authority (RA) who verifies a Certifying Authority before a Digital Signature Certificate is issued to an applicant. Within this process of verification, the RA processes the requests of the applicants, confirms their identity and documents them into the user database.