A signature in general refers to the intention of acceptance to the information contained in a particular document. For the transactions that take place online, it is impossible for rendering the hand-written signature. For the same purpose, a concept called electronic signature is invented in the digital world. Such electronic signature signifies the consent and acceptance given by the signatory, thereby making the customer bound by the same. E-signatures reflect the authenticity of a transaction. Electronic signature is created by cryptographic digital data and it is impossible to forge such e-signatures. Since the digitalisation of India has started to increase digital activities, it gradually has given rise to the usage of e-signature for various online transactions too.
For the creation of e-signatures under the cryptographic process, there are public key and private key for a digital certificate. The public key is the one which can be shared with others for encrypting any document, and the private key is only used for decrypting any digital document. For example, when X sends mail to Y, the user X is sharing his public key, i.e., the email id in this context to another person, Y. But he does not share his private key to Y. So, when Y wants to access the email, he does so by using his own private key. That means, he decrypts the documents using the public key of X and private key of Y. Under any circumstances, the private key should not be shared with any other person. This ensures protection to digital content. This whole process is run with the help of hash function software. There will be a separate hash code for every digital document, and any interception of the document by an unknown person can be traced easily. The hash functions of both the original and doubtful documents at the end of the documents must be checked in such circumstances to identify any misuse.
Certifying authorities are entities that issue digital certificates. They are appointed by Government and guided by strict regulations of Government. There are at present 9 licensed certifying authorities in India who can issue the digital certificate with respect to the e-signature. This creation of digital documents done only by the certifying authorities is considered trustworthy because of them being regulated by the Government. The Controller of Certifying authorities owns an official website wherein all the details regarding the digital signature certificates are recorded. Certifying authorities are governed by the (Certifying Authority) Rules, 2000.
Electronic Signature under Indian Law
- Electronic Signature has been brought into existence under Section 3A by the Information Technology (Amendment) Act, 2008.
- Section 5 of the Information technology Act, 2000 considers the e-signature on par with physical signatures when they are done in the manner prescribed.
- They are also admissible as evidence in the court of law as per Section 65-B of the Indian Evidence Act, 1872.
- Section 67A of Indian Evidence Act, 1872 says that a signatory has to demonstrate that the electronic signature belongs to him, in case of any dispute related to e-signature on any document arises.
- Section 66C of the Information Technology Act, 2000 renders punishment and penalty for identity theft, which also includes an electronic signature.
Since the leap of growth in digital transactions has taken place, the need for electronic signatures also increased. To make sure the transactions entered into are not fraudulent, there must be e-signature attached to the document to prove the authenticity with regard to the identity of a person. He is bound by terms of the document when he renders the e-signature. For the safety of the e-signature, the private key must be kept secret not to let anyone misuse it. Hence, getting a certificate of digital document for e-signature from a certifying authority increases the trust and let them transact with as many people as possible, online.