Deduction under Section 80J
April 23, 2018
Section 14A – Disallowance of Expenditure Incurred on Exempt Income
April 24, 2018

Digital Signature Certificate

Last Update Date : August 14, 2018

A Digital Signature Certificate also usually called as DSC plays a very important role in business transactions. Let us understand what it is and how it can be obtained along with a few important things one should not miss out on.

dsc - digital signature certificate

What is a Digital Signature Certificate?

A Digital Signature Certificate is used to sign electronic documents digitally. It is issued by certifying authorities. It is basically a secure digital key by which the identity of the Digital Signature Certificate holder is proved. The identity of the holder like holder’s name, email, pin code, country, certificate issuance date, public key along with the name of the certifying authority is available in the Digital Signature Certificate.

Classes of Digital Signature Certificate

There are 3 classes of Digital Signature Certificate. The class of DSC applicable to a person is depended on the reason for which it is required and the type of certificate holder. Below mentioned are the 3 classes of certificates along with their applicability:

  • Class 1: This class of certificate gives a basic level of assurance where the risks and consequences of data is involved, however it is not of major importance. It can be used by individuals or private subscribers. It takes care that the information provided by subscribers in the application is not in disagreement with the information available in the consumer database of certifying authority.
  • Class 2: This class of certificate is applicable when the level of risk in the data is of moderate level. It can be used by Individuals, directors or signatory authorities of the company. It is used for e filing with income tax, the registrar of the companies, etc. For individuals it is It is mandatory in the process of filing of certain forms under income tax act or return with the ROC.. This certificate is applicable when transactions of major monetary value, fraud risk, access to confidential information which may have risk of high malevolent opportunities are involved.
  • Class 3: This certificate is applicable when the involved transactions are of very high financial value or of fraud risk. It can be used by individuals and organizations both. However, it is issued to individuals only on their physical appearance before the certifying authorities. These are mostly for e-commerce applications and are used in bidding in e-auctions. This certificate is mandatory for the online tender participants.

Types of Digital Signature Certificate

  • Sign: This certificate can only be used for signing documents electronically. e.g., Income tax returns, MCA etc.
  • Encrypt: This certificate can be used to encrypt documents and upload or share classified information. It is mostly used in the tender portal.
  • Sign and Encrypt: This type of certificate is used for both signing and encrypting documents.

Reasons for Obtaining a Digital Signature Certificate

Digital Signature Certificates are beneficial for Foreign Trade, e-Tendering, e-Procurement, e-Return file, e-filing of ROC, Employee provident fund, PDF signing, Invoice signing etc.

  • E-forms can only be signed by a Digital Signature Certificate
  • Saves time and cost
  • Secure and authentic data

Benefits of Digital Signature Certificates

  • Time Saver: Electronic documents can be signed digitally and can be shared or sent promptly. Here a lot of time is saved from the lengthy process of getting the hard copies of the documents, singing them physically and to share them, getting them scanned and then share through email. The digital signature certificate holder need not be physically present for authorizing a business or transactions.
  • Cost Saver: As explained in the first point, the money is saved due to this paperless concept of signing documents.
  • Data Integrity: The documents are non-editable by anyone once they are signed digitally. This aspect has made the data secure as no one can make changes in the data for any malicious reason. These certificates are often requested for verifying the transaction by the government agencies.
  • Originality: As mentioned in the 4th point, the documents signed by the digital signature certificate cannot be edited afterwards. This aspect assures the receiver that the documents are not fake and are original.

What is a Certifying Authority?

Certifying authorities play a very important role in the process of obtaining the Digital Signature Certificates by an applicant. They are responsible for verification and issuance of digital certificates. They act as a trusted third party who is trusted by the holder of Digital Signature Certificate and receiver of the documents which are signed by Digital Signature Certificate. Certifying Authorities can also create a sub Certifying Authority under them, however, they are not independent legal entities. The Certifying Authorities must keep the application form of DSC for 7 years after expiry of the Digital Signature Certificates.

The Process of Obtaining Digital Signature Certificate

  • Applicants need to fill up the Digital Signature Certificate application form
  • Copy of supporting documents like identity proof, address proof and few other documents are required depending on the type of applicant and the class of Digital Signature Certificate for which the application is being made
  • Provide the Certifying Authorities with the above documents
  • Pay the nominal fee
  • Certifying Authority may,
    (a) after consideration of the certification practice statement or the statement under sub-section (3)
    (b) after making enquiries as they may deem fit
    grant the Digital Signature Certificate or may reject the application. The reasons for rejection needs to be recorded in writing.
  • For issuing the Digital Signature Certificate the Certifying Authorities usually take 3 to 7 working days.
  • Digital signature certificate can also be obtained by Aadhar eKYC based authentication if offered by the Certifying Authorities in which case at times the DSC is issued on the same day if the terms and conditions are fulfilled. Similarly, a letter issued by a bank which is certified by the bank manager containing the DSC applicant’s information as retained in the bank database can also be accepted.

Validity of Digital Signature Certificate

The validity of the certificates is controlled by law and these certificates are valid for a minimum period of 1 year and maximum of 3 years.

Renewal of Digital Signature Certificate

Digital Signature Certificates cannot be reused on its expiry. A fresh application is required to be made on the expiry.

Suspension and Revocation of Digital Signature Certificate

Suspension

Suspension of a Digital Signature Certificate is basically a temporary hold placed on it. The requestor of suspension can also request for the activation of the Digital Signature Certificate. The Certifying Authorities add these suspended certificates to the revocation list. The Certifying Authority who issued a Digital Signature Certificate may suspend Digital Signature Certificate on receival of a request from the subscriber or any person duly authorized to act on behalf of the subscriber. If the certificate issued is not in public interest in the opinion of the Registration Authority or Certifying Authority, the certificate can be suspended by them. It cannot be suspended for more than fifteen days unless the subscriber has been given a chance of expressing his views in the matter. The Certifying Authority shall communicate to the subscriber on the suspension of a Digital Signature Certificate.

Revocation

It is an official cancellation of the Digital Signature Certificate. The Certifying Authority who issued a Digital Signature Certificate may revoke the same on request of the subscriber or any person authorised by him or upon the death of the subscriber or upon the dissolution of the firm or winding up of the company wherein the subscriber is a firm or a company. If the Certifying Authority who issued the digital signature certificate is of the below mentioned opinion subject to the provisions of sub-section(3) and without prejudice to the provisions of sub-section(1), then the certificates can be revoked.

  • A material fact shown in the certificate is incorrect or kept secret
  • A requirement for issuance is not satisfied.
  • private key or security system of the certifying authority was compromised in a way that it affects the Digital Signature Certificate’s reliability significantly.

Revocation cannot be done unless the subscriber has been given a chance of expressing his views on the matter. The Certifying Authority shall communicate to the subscriber on the revocation of a Digital Signature Certificate.

Frequently Asked Questions

What is the cost of obtaining a Digital Signature Certificate?

These costs are depended on the class and validity of Digital Signature Certificate. The entities issuing digital signature certificate are many and there is no standard price for obtaining a Digital Signature Certificate. It can differ for every Digital Signature Certificate issuing entity.

Are the certificates of the signer and the issuing Certifying Authority required for the verification of a Digital Signature Certificate of an individual?

The certificate of the signer and the certifying authorities are required. Series of certificates up to the Root certificate are required. This chain can be a part of the digital signature itself or can be made available to the verifier by the application service provider.

Will the signature be valid after the expiration of Digital Signature Certificate?

The signature will be considered valid if the Digital Signature Certificate was valid at the time of that signature.

Are all classes of certificates required to be issued by all the Certifying Authorities?

It is not mandatory for a certifying authority to issue all classes of certificates. They can choose to issue the any class or classes of Digital Signature Certificates. They are only allowed to issue the certificates to those allowed by Controller of Certifying Authorities and specified in the India PKI CP.

Are self-attested documents accepted by Certifying Authorities for the issuance of Digital Signature Certificates?

Those who wish to apply for Digital Signature Certificate can approach Certifying Authorities directly with the original supporting documents, wherein self-attested copies are sufficient.

Can an electronic record be signed without the signer being aware of it?

An electronic record can be signed without the signer being aware of it if the private key is not stored securely.

In the days wherein, the technology is expanding rapidly, Digital Signature Certificates are making the process of signing electronic documents easier and making it a way more secured process than the physical signing process of documents. The fraud risk gets reduced and the data confidentiality is maintained.

If you have any query related to Income tax or GST, you can ask your questions on the TaxForum by H&R Block where our in-house tax experts will be happy to help you out.

  • Share: 

Still Have Questions?