Contribution of DSC in e-Governance

As the world is turning digital, DSC is growing in popularity and is being widely used to sign documents. They are easily transportable, unduplicated, and automatically time-stamped. DSCs can be widely used in any type of document signing, whether or not encrypted.

Requisites to apply for a DSC

A Digital Signature Certificate can be issued by any licensed Certifying Authority (CA) conforming to the rules and regulations as set by the Indian IT Act - 2000. Registering and obtaining a DSC from a CA is very easy. Here are three processes through which you can acquire a DSC:

• The applicant with their original documents can approach the CA directly. These documents may be needed for verification purposes.
• Company Secretary
• Whether the applicant or the CA belong to different locations or they are working at a different time zone altogether, you can easily apply for a digital signature certificate online This virtual application is possible through Aadhar e-KYC where no supporting documents are required.
• An applicant can also produce a certificate issued by the Bank mentioning the requirement of a DSC. In such a case, the bank official needs to verify the digital signature and the certificate must be certified by the bank manager.

What is e-Governance?

Electronic Governance or e-Governance is the functioning of the government using Information and Communications Technology (ICT). It is the government’s initiative to move towards Simple, Moral, Accountable, Responsive and Transparent (SMART) governance. E-Governance facilitates the transaction between various stakeholders, which include G2C (Government to Citizens), G2B (Government to Business), G2G (Government to Government), and G2E (Government to Employee.

Incorporation of Digital Signatures in e-Governance

NeGP or National e-Governance Plan is a digital initiative by the Government of India in order to make government services easily accessible to the common man, in order to ensure efficiency, transparency and reliability of such services. The implementation of the NeGP scheme has made it possible for various government services to easily adapt to the new digital age, which helps them to efficiently and effectively carry out their business activities. With so much documentation going digital, the utmost necessity was to make it secure. Digital signatures were found as the solution to serve the purpose of securing these important documents with legally enforceable signatures. It proved to be a cost-effective solution for slow and expensive paper-based approvals.

How does a Digital Signature Work?

Digital Signatures use a Public Key Infrastructure (PKI) to generate two keys, Public and Private Keys, for the DSC owner. With cryptography, these keys are used to encrypt and decrypt the document. The public key can be shared with everyone, keeping the private key confidential with the owner. When an online document is signed digitally, the sender uses the private key to verify the authenticity of the digital signature, and the receiver uses the sender’s public key to view the document. This functionality in Digital Signature Certificates ensures that the documents shared/exchanged between the parties remain secure and the content in these documents remain unaltered.

Important Features of Digital Signatures

Digital Signature Certificates provide three main features:

• Authentication - It is easy to identify the origin of a message because of the public key cryptography. And with a valid signature it is possible to identify the sender.
• Integrity - The Public Key Infrastructure again helps to ensure that the message is encrypted and decrypted within the parties involved in the transmission of a message and that the content of the message in the process is not altered.
• Non-repudiation - Once the signature of a sender is verified and authenticated, it can be used to sign any document for innumerable times. A sender who has signed a document cannot later deny signing it.

Public Key Infrastructure (PKI) in India

The Government of India has formed a hierarchical structure for the PKI to lay the foundation for secure online communication and ensure its authenticity and privacy. At the top of the hierarchy the Controller of Certifying Authorities (CCA) functions both as the apex authority and the Root Certifying Authority of India (RCAI), who is responsible for issuing the Public Key Certificates to licensed Certifying Authorities known as CA. The role of CAs is to issue the Digital Signature Certificates. There is the Registration Authority (RA) who verifies a Certifying Authority before a Digital Signature Certificate is issued to an applicant. Within this process of verification, the RA processes the requests of the applicants, confirms their identity and documents them into the user database.

Examples of e-Governance Applications who use Digital Signature Certificates

Key Takeaways