Digital signatures are given legal recognition under the Information Technology (IT) Act, enabling them to be as valid as signatures on paper. By affixing a digital signature to an electronic document, the writer or owner of the document may establish his rights over its content, and file a lawsuit if the same is violated.
The clause for digital signatures has been defined under Section 4 of the IT Act to primarily facilitate e-governance and e-commerce. Remember, this section of the IT Act overrides other laws, such as the Consumer Protection Act, which tends to become general legislations to facilitate electronic transactions.
Legalities for Creating a Valid Digital Signature
Section 14 of the IT Act has established certain guidelines for creating a valid and secured digital signature.
The section states that at the time of fixing a digital signature:
- It should be unique.
- It’s security procedure must be agreed to by both parties.
- It is capable of identifying all parties or subscribers of the electronic document.
Limits to Recognition of Digital Signature
Digital signatures on all electronic records and contracts are considered valid under section 4 of the IT Act, except in the case of:
- A will.
- A negotiable instrument.
- A document of title.
- A contract for disposition of an immovable property.
- A trust or power of attorney.
- A document notified by the Central Government.
Indian laws, including the Indian Contract Act, require these documents to be written and attested in writing. Further, in India, paper documents are perceived to be far more reliable and trustworthy than electronic documents.
Some may argue that having these limitations on legal recognition of digital signatures would bar the growth of electronic transactions. However, these laws are meant to safeguard the interest of the online visitors.
To obtain a legally valid digital certificate as per Indian IT Act from the licensed Certifying Authorities (CA) operating under the Root Certifying Authority of India (RCAI), Controller of Certifying Authorities (CCA) of India. (http://www.cca.gov.in/) >
Steps for obtaining Digital Certificate
- Visit the site of the licensed CA using internet browser.
- Apply for a digital certificates
- Digital Signature,non-repudiation certificate(used for Signing) and
- Key Encipherment Certificate (used for encrypting Bid Document) with Organization name for the designated individual with organization name.
- Ensure the Digital Certificate is legally valid in India.
- For making payment for Digital Certificate and submission of documents required for issue of the Digital Certificate, follow the instructions on the CA’s website.
Links to some licensed CA’s are provided below:
http://www.tcs-ca.tcs.co.in
http://www.safescrypt.com
http://www.mtnltrustline.com
http://www.ncodesolutions.com
What is a USB Token?
- It is secure Device, used specifically to carry Digital Certificates.
- USB Tokens offer military grade security and the contents are also encrypted internally.
- A virus cannot affect USB Token, and the digital Certificate stored would always be secure.
- When you insert the Token, it automatically copies the certificate to the browser and when you remove the Token it automatically removes the certificate from the browser.
- The Private key never leaves the Token and signing takes place within the Token itself. So, the security is guaranteed.