In today’s digital era, people are slowly going paperless for environmental issues and personal convenience. We prefer to check the bills online rather than have them delivered to our address. Even companies are charging extra to send physical copies of a bill or a receipt.
Continuing with the trend, traditional physical signatures, which were a unique representation of a person’s identity, are replaced by digital signatures. The signature on the document reveals the identity of the person. The signature is used in various day to day transactions as we make payments or send notices, etc.
For an illiterate, the thumbprint is considered as a signature. While no two thumbprints are the same, forging the signature has become easy. With increased crimes related to forgery and tampering and the lack of any substantial evidence for online transactions, the government has decided to find a solution.
The Information Technology Act 2000 introduced the concept of digital signature based on UNCITRAL Model Law on Electronic Signatures 2001. The purpose of digital signature online is the same as the purpose of a traditional physical signature. An electronic signature ensures that the transaction is legitimate and authentic.
A digital signature cannot be forged. The person doesn’t have to physically deliver the documents at the destination. Digital documents can be sent to any part of the world. According to Section 2 of IT Act 2000, a digital signature is described as,
‘Authentication of any electronic record by a subscriber by means of the electronic technique specified in the second schedule and includes a digital signature.’
A digital signature is created and verified using PKI technology (Public Key Infrastructure), where a public key and private key are used to encrypt and decrypt the information. To keep the information safe, the encrypted public key can be decrypted only when the corresponding private key is used and vice versa.
Legal Acceptance and Recognition of Digital Signature
According to Section 3 of the IT Act 2000, electronic records can be authenticated using digital signature online. The technological requirements for the digital signature are provided in this section. An asymmetric cryptosystem and a hash function for authentication should be used for a digital signature to be valid. The purpose of this system and function is to prevent the corruption or tampering of the digital signature by converting it into an unreadable format.
In Section 5 of the IT Act 2000, the provisions for legal acceptance of a digital signature have been provided. The digital signature has been given the same importance as a physical handwritten signature.
Misuse of Digital Signature
Various sections have been drafted to identify and deal with frauds related to the digital signature. For example, Section 66 of the IT Act 2000 deals with the punishment for identity theft using a digital signature. Section 73 deals with the offense of publishing a digital signature with false particulars. While digital signatures have made it easier to conduct transactions online, steps need to be taken to add more security features to the system.