Digital Signature - Rule Of Thumb
With the evolve of the Cyber space in our day-to-day routine, we the human
being are going deep into this cyber eco-system with a rapid pace, and the
concept of digital signature is one of them, now days we have more into this due
to UIDAI systems mandatory all over the India. And the Covid-19 play as a gas in
fire work, which really pace high of the use of Digital Signature in our
day-to-day life. Whether it is opening a demat account for investing or get
beneficiary in any government projects or subsidiaries.
People are more like to prefer the online options rather than long queues
outside of the campaign place or government designated offices. And this
instigates the use of the digital signature or e-signature use across the
country.
History and Background:
When you hear the word digital signature, you can assume that the latest
addition to the list of sudden technological leaps. Is easy to accept When you
hear about digital signature. However, the pandemic of COVID-19 has only
highlighted its importance. For quite some time, the idea of a digital signature
exists. In 1976, American cryptologists Whitfield Diffie and Martin Hellman
first proposed the notion of electronic signatures. In their research paper New
Directions for Cryptography, concepts such as public key cryptography and
digital signatures were presented.
The cryptosystem called the RSA algorithm (Rivest-Shamir-Adleman algorithm) was
created in 1977 by Professor Ronald Rivest, Adi Shamir Israeli encrypter and
Leonard Adleman American computational scientist. This algorithm uses prime
numbers, modulos, digital signatures and many more to securely transmit data.
This was the first instance that an electronic message was attached to a digital
signature in real life. While this was relatively slow, in 2002 the Turing Award
was presented to Leonard Adleman for this algorithm.
Besides this in 1999 another ground breaking notes were invented name as Lotus,
which was a digital signature floated around or embedded around a pdf. This one
was acquired by IBM from the Notes Technology, who were the inventor of this
technology.
What is Digital Signature?
A digital symbol is a method of validating the validity and integrity of a
message, software or digital document. This is the digital equivalent of a
handwritten signature or seal, but offers much greater intrinsic security. A
digital signature is meant to overcome the problem of digital communications
manipulation and impersonation.
Or,
An algorithm to confirm a signature that either accepts or rejects the
authenticity claim of the message given the message, public key and signature.
It requires two main qualities. First, a fixed message and a fixed private key
can verify the legitimacy of a signature by using a public key. Second, without
knowing the private key of that party, it should be computer-ineffective to
create a true signature for a party.
Evidence of origin, identity and status for electric documents, transactions or
digital messaging may be provided via digital signatures. Signers may also use
them for the purpose of recognition of informed consent. Digital signatures are
recognised legally binding just like conventional or the ordinary handwritten
signature in many states, including India, USA, EU etc.
Techniques that are used for Digital Signature:
Various methods are used in making e-signatures worldwide; the UNCITRAL model
provides a list of valid methods. Cryptography is the basic technique in the
design of e-signatures. Cryptography is a common phenomenon that has been used
for a long time to secure important messages. The cryptography encrypts or
codifies the message that must be preserved into a format that cannot be legibly
read by ordinary people and can only be read by the individual with the
knowledge required to decrypt a code.
Public Key Infrastructure Technique (PKI)
The PKI method is now one of the most prevalent and legally accepted techniques
for the design of electronic signatures in several countries worldwide, in
particular the USA and Germany. In the formation of e-signatures, the key
technique uses two separate keys. These are private and public keys.
Symmetric Cryptography Method
Two keys are also used in symmetric cryptographing to preserve messages. The
sender and the receiver have two keys, so the message can be read by only two
parties. This method is widely used in online business contracts where only two
parties are involved.
Asymmetric Cryptography Method
This method uses two different keys, the private and the public keys and both
parties have the keys. The public key is available to the general public, while
the private key is only available for the user in question. This technique is
used with customers in government programmes and business programmes, where one
party deals with a large number of people. India employs this method, as laid
down in the IT Act, 2000.
How it works:
Electronic Seal:
Electronic seals are unique data which identify the electronic seal entity and
are linked to the content of an electronic paper. By means of various procedures
and tools, electronic seals may be executed. Electronic screen can, for
instance, be executed with a pin code using smart cards. If organisations
require a large number of documents to be screened, several people may access
the screening system, for instance through personal pin codes.
In addition, mass sealing cards permit the performance on a large scale of the
electronic seal.
Electric time stamp:
Instead, electronic time stamps are the result of a procedure that guarantees
the date and time of the electronic document. A system software is provided to
someone who requires an electronic time frame and provides the following rapid
steps:
The fingerprint file is sent to the time stamp providers, which is a code that
identifies the file (also referred to as hash code)
The time stamp providers certify the print and its date/time by applying their
digital signature for example;
A fingerprint certified shall be returned to the person who requested a time
stamp. In concrete terms, a certificate is received stating the date and time of
the corresponding electronic document.
Advantages of the Digital Signature:
Identity: Electronic signatures help an individual in the digital world to gain
identity. It means that he/she is uniquely accepted and cannot be misused.
Secure: digital and cryptographic signatures cannot be validated with ordinary
authentication procedures. Thus, it is unlikely to be manipulated.
Swift: Digital-based, quick and hassle-free working. Thanks to these
e-signatures, companies are nowadays widely used in the field of business, where
the work is fast and safe. In the majority of cases, full documents are approved
in minutes, in contrast to normal paperwork days or hours.
Recording: e-signatures contribute to better maintaining an individual's
personal records. Today in our country, many national entry tests use
e-signatures to upload individual documents.
Green: Finally, e-signatures can benefit our environment in the long term. It's
a method of saving paper. Today, when thousands of trees are cut to form paper
every year, the use of e-signatures can be a significant step towards
environmental protection.
Besides that:
In high volume and cross-border transactions, electronic trust services
guarantee significant time and cost savings, allowing simultaneous document
execution, wherever in the world the signatories are.
The use of QES (in EU) to seal these documents via automated process is made
possible by companies and organisations that process a broad range of electronic
documents, for example leasing companies, banking companies and public
institutions.
These are some of the advantages of the Digital signature.
International Laws on Digital Signature:
In 1998, the United Nations pointed out the need for a legal framework to
address e-signatures in the recent years for an increased number of transactions
in cyberspace. In addition, there was considerable doubt as to the legal impact
of such authorisations on the matter constantly discussed by the persons
concerned and the courts in various nations. Thus, the problem was dealt with
using a uniform legislative approach.
Consequently, 2001 was adopted the UNCITRAL Model Law on Electronic Signatures.
This complete document, amongst other things, sets forth some basic standards
and procedures for Member States to follow while drafting their law on
e-signatures, in their own legislative house.
Under accordance with Article 6 of the UNCITRAL Model Act, there are specific
requirements of an electronic signature that must be ensured by each member's
state in its local law:
Trustworthiness: First of all, the E-signing must be trustworthy, so that
specific criteria can also be trusted. An E-signature can be regarded as
reliable only if it has:
Retraceable: The technique employed in the production of technology allows you
to quickly connect the message to the original source (creator).
Controllable: The technique utilised must be so controlled by the source.
In addition, the technique must be such that even after the signature has been
applied any inappropriate alteration of essential data can quickly be
identified. The most complete text now is the UNCITRAL Model legislation on
electronic signatures
Legal Scenario in USA:
Legislation of electronic signature applicable here:
ESIGN (Global and National Trade Electronic Signatures) and UETA Act (Uniform
Electronic Transactions Act)
Short legal overview:
To facilitate the adoption of electronic signatures the US federal government
passed the ESIGN Law of 2000 (Electronic Signatures in Global and National
Trade). Moreover, 47 U.S. states, the Columbia District, Puerto Rico, and United
States Virgin Islands adopted UETA.
Legality of electronic signatures in this jurisdiction:
Whilst the regulations authorise practically any kind of agreement to utilise
electronic signatures, the consent of businesses must be obtained before they
conduct their business electronically from all parties concerned.
ESIGN Law and UETA both give electronic signatures the legal status of the
traditional wet-ink signatures within the United States. They preclude validity
or enforceability denial only because it is electronically available.
Key Exceptions:
Both ESIGN law and UETA exclude transfers of property, testaments and other laws
among e-signature-linked documents.
Legal Scenario in EU laws:
EU Member States (Austria, Belgium, Bulgaria, Croatia, Greece, Hungary, Hungary,
Ireland, Germany, Greece, Latvia, Lithuania, Luxembourg, Malta, the Netherlands,
Polish-Romania, Slovakia, Spain, Portugal, Sweden, Sweden, Romania, Hungary,
Cyprus, Spain, Croatia, United Kingdom.
Legislation of electronic signature applicable here:
Regulation on eIDAS (Electronic Identification and Authentication and Trust
Services)
Short legal overview:
When eIDAS entered into force on 1July 2016, the E-Signatures Directive was
replaced and any existing EU legislation that is incompatible with eIDAS was
amended automatically. It set up a standard legal framework for e-signature
recognition throughout the European Union. Article 25 stipulates, as evidence in
legal processes, that all electronic signatures and verification services are
accepted.
Legality in this jurisdiction of electronic signatures:
Electronic signatures shall be valid as long as all parties involved in the
electronic transaction receive their prior consent.
Key Exceptions:
This law does not have any essential exceptions.
Legal Scenario in Canada:
Legislation of electronic signature applicable here:
Law on the protection of personal information and electronic documents (PIPEDA)
Short legal overview:
For practically any sort of agreement, PIPEDA allows the use of electronic
signatures. However, before conducting business electronically it is necessary
for companies to secure authorization from all parties involved. PIPEDA also
specifies how the privacy and security of consumer information is to be treated.
Legality in this jurisdiction of electronic signatures:
In the same status as conventional wet ink signatures, electronic signatures are
given.
Exceptions Key:
Real estate agreements, voluntary agreements and attorneys' powers are immune
from this legislation.
Legal Scenario in India:
The Indian authorities took the initiative of dealing with electronic signatures
in the country, acknowledging the UN observation in 1998. The IT Legislation of
2000 is an act by which the notion of e-signatures was first established in
India. No e-signature recognised by statute or court ruling before 2000. The
e-signature in accordance with the 2001 UNCITRAL Model Act is contained in the
IT Act.
Paragraph 2(a) of the IT Act defines what an e-signature is. It defines an
electronic record that is authenticated electronically by the subscriber by
means of a digital signature technique as indicated in the second schedule.
Under the IT Act, the country's central government has the authority to declare
or disregard the specific technique and must comply with the UNCITRAL Model
Code.
Offenses associate with E-signature:
The digital world is at the height of its limit, a new technology is coming
every day and another technology is coming the very following day which can
manipulate the previous one. As e-signatures represent one's identity, most of
the related crimes are based on identity. Certain specific crimes that
e-signatures could be committed are:
Theft of identity
It requires the creation of false, fraudulent electronic signatures, etc. Theft
of identity is an offence punishable in accordance with Article 66C of the IT
Act. The section provides for a penalty of up to three years' imprisonment for
the offence.
Misrepresentation
Simplistically speaking, the misrepresentation means the removal of vital facts
to get contract consent electronically in this case. If a person suppresses the
essential facts of an electronic act, it is the misrepresentation. In the case
of e-signatures, Article 71 of IT law imposes a penal offence on
misrepresentation.
False e-signatures publishing
It is punishable by Article 73 of the IT Act. In either case, e-Signatures not
permitted by the Source can be published by a person or e-signature can be
revoked prior to being published.
False e-signatures creation
Many unscrupulous programmers are now illegally accessing people's personal
documentation and creating false e-signatures. Section 74 of the IT Act imposes
a punishable offence on the establishment or publishing of false e-signatures,
punishable from two years' prison term to fines of up to 1 lakh of rampant.
New Updates regarding this by govt. of India:
Recently, India's government has launched the E(Sign) programme, one of the
world's largest initiatives. The programme aims to give Aadhar card holders in
the country e-signing facilities. It will be helpful to open bank accounts and
to use other services where documentation is required. Therefore, the outlook
for e-signatures in India is clear. With more internet services spread
throughout the country, e-signatures will increase. While technology boasts a
reliable and reliable approach, new challenges are inevitable in the emergence
of new technologies.
Conclusion:
Electronic trust services provide business operators with a good chance to
simplify processes while enhancing the reliability of processes. This can only
be achieved if the risk assessment is effectively carried out on a case-by-case
basis.
In order to balance legal certainty and the need to simplify enterprise
processes without jeopardising efficient risk management, both legal and
technical issues are to be taken into account.
Law Article in India
You May Like
Please Drop Your Comments