How Does a Digital Signature Work?
DSCs (Digital Signature Certificates) are computer-generated files that are issued by Certifying Authorities (such as Pantasign CA, Safescrypt, E Mudhra, Capricorn, Verasys, and IDSign CA) upon submission of the required documentation. These days, we can easily and effectively file online applications and returns thanks to this handy tool.
The Functions of a Digital Signature?
Any document can be authenticated digitally by using a Digital Signature Registration Certificate, i.e. by signing it digitally. A digital signature must be obtained based on individual requirements, and there are three classes:
| Sr. No | Class of Digital Signature Certificate | Purposes | Illustrations |
| 1 | Class 1 | The information provided in the application is checked against the well-recognized consumer database, which is the Certifying Authority. A document is not validated or signed with it. | Test purposes, such as verifying the contact information of a person. |
| 2 | Class 2 | This Certificate provides assurance in an environment where the risk of data assurance is moderate, i.e. it involves substantial monetary risk. In addition to validating a document, it also holds validity when signing a document digitally. | Filing GST returns, Income Tax returns, Provident fund returns, etc. |
| 3 | Class 3 | There is a high probability of fraud risk associated with this signature, which provides a high level of assurance. Personal (physical) appearance is required for the issuance of these certificates. | E-bidding, tender filing, etc. |
Misuse of a digital signature certificate has what legal consequences?
- Section 66C of the Information Technology Act, 2000 punishes identity theft. It is punishable with imprisonment of either description for a term which may extend to three years, or with a fine up to rupees one lakh for the use of an electronic signature, password, or other unique identification feature of any other person who acts fraudulently or dishonestly.
In order to obtain a license or electronic signature, it is illegal to misrepresent or suppress material facts. – It can be used in the following situations:
- Persons who misrepresent themselves to controllers or certifying authorities
- The controller or certifying authority may be misled if a person suppresses any material fact
Attempting to obtain any license or electronic certificate by misrepresenting or suppressing material facts is punishable by up to two years’ imprisonment and up to rupees one lakh in fine. Controllers and certifying authorities should receive correct and complete information. A violation of section 71 of the act is presenting false, incorrect, or misleading information.
A publication of an electronic signature that is false in certain respects is in violation of Section 73. False particulars in an electronic certificate can be published in the following situations:
- A certificate of electronic signature that has not been issued by the certifying authority is published.
- The publication of an electronic signature certificate that has not been accepted by the actual subscriber.
- Revoked or suspended electronic signature certificates are published.
The Act provides that if an electronic signature certificate is created, published, or provided for fraudulent or unlawful purposes, it may be imprisoned for a period of two years or fined up to one lakh rupees.
1860 Indian Penal Code
Forgery is punishable under Section 463 of the Indian Penal Code, 1860. Those who fabricate false documents or false electronic records, or parts of these documents or electronic records, with the intent of causing damage or injury, or supporting a claim or title, or causing anyone to part with their property, or entering into any express or implied contract, or attempting to commit fraud or the possibility of fraud, commit forgery.
Section 463 is explained as follows:
Whenever a document or electronic record affixed with an electronic signature has been made, signed, sealed, executed, or transmitted fraudulently or dishonestly.
Whenever someone alters a document or record maintained electronically or substantially its part thereof without proper authentication, he or she must execute it or affix it with an electronic signature, whether that individual is alive or deceased at the time of the alteration.
It is fraud and dishonest to sign, seal, execute, or alter a document, an electronic record, or affix one’s electronic signature on any electronic record when the person is of unsound mind and is unaware of the contents of the signed document or how the document has been altered.
Forgery is punishable under section 465 of the Indian Penal Code, 1860. A person who commits forgery may be imprisoned for a term up to two years, fined, or both. A Magistrate First Class can grant bail and try this case.
How Can Digital Signatures Be Safeguarded Against Misuse?
Despite being a helpful tool, Digital Signature Certificates are also high risk. The following measures can be taken:
- The token should be kept physically with the person who owns it
- An authorization letter must be obtained before signing any documents on behalf of our clients. This needs to be taken further, e.g. A practicing chartered accountant signing ITRs or other GST returns on behalf of clients since obtaining custody of the token at every filing time might be problematic. It is therefore necessary to obtain a letter of authorization along with its custody
Digital Signature Myths:
“Signing on a paper and scanning it is a digital signature” is a myth that circulates among us. However, this is incorrect and could lead to fraud. The digital signature is actually a token generated by the certifying authority on an application. Signed with the utility of the respective platform, this token identifies the document.
Read more,