As the name suggests, a digital signature certificate is a digital form of an actual physically drawn certificate, only here, certificate refers to proof of identity. Day-to-day used proofs of identity include, passport, voter ID, driving licence, etc. Such documents can be used as proof of identity of an individual as well as an organization. Similarly, a digital signature certificate is a digital identity- proof certificate used to access information or services on the internet as well as sign documents online manually.
A digital signature certificate validates an individuals’ electronic identity. It ensures confidentiality of classified online transactions. It can be used to encipher content and ensure that none other than the intended receiver is able to access it. Furthermore, the sender can digitally sign the content to assure the receiver that it has not been edited during the transit and also verify their identity as the sender.
To organizations, a digital signature certificate is used in eTendering, eProcurement, e-filing income tax, e-filing income tax returns, etc. Confidential documents (MS Word, MS Excel, PDF’s), such as during company mergers or even everyday exchanged reports that are exchanged, can be signed and secured using digital signature certificate.
A digital signature certificate links the identity of a person with two keys; public and private. It contains the users’ information such as their name, pin code, email address, date of issue, etc. The two keys work only when both are present. They are used by browsers and servers to code and decode the information of the certificate users’ identity. The private key is the one that is installed in the certificate carriers’ computer hard disk or an external storage device. The user holds control of the private key that can be used only post an issued password verification. The public key is embedded along with the digitally coded information. The authentication process of the two will automatically abort if either of the keys fails to match the other. The coded data remains untouched in case of failure of authentication. This process safeguards the encrypted data from access to unauthorized parties.
Digital signature certificates, like most digital facilities, have a predefined date of issue and expiration. When the certificates are used to access information on the internet, the validity is always checked prior to provision of access. This expiration of the certificate is mainly to manage a certificate revocation list. The certificate is removed from the revocation list once its expiration date arrives, thereby halting the access to the required services. Digital signature certificates are issued by licensed Controller of Certifying Authorities (CCA) working under Ministry of Information Technology and licensed Registration Authorities (RA) as per the Information Technology Act.
Tailored to the needs of use, there are broadly four classes of digitally signature certificates that are issued by certifying authorities, a Class 0 Certificate is issued for demonstration and testing purposes; a Class 1 Certificate is issued to individuals and private subscribers. This certificate confirms that a user’s name and email address are assigned to a single individual within the certifying authorities’ database; a Class 2 Certificate is issued are issued to business persons as well as for individual private use. They make sure that the data in the application of the subscriber does not in any way contradict with information in the consumers database; lastly, a Class 3 Certificate which is also issued to individuals and organizations are highly encrypted and intended for e-commerce applications. They are issued by the certifying authorities strictly post their physical appearance and application submission before them.
In conclusion, digital signature certificates provide obvious benefits such as reduced cost, time-saving, convenience and authenticity of data in a secured orderly manner as defined by the Government.