- Information Security & Cyber Law
- Cyber Law Home
- Cyber Law & IT Act Overview
- Cyber Law Objectives
- Intellectual Property Right
- Cyber Security Strategies
- Policies To Mitigate Cyber Risk
- Network Security
- Information Technology Act, 2000
- Digital & Electronic Signatures
- Offences and Penalties
- Cyber Law Summary
- Cyber Crimes FAQs
- Cyber Law Resources
- Cyber Law - Quick Guide
- Cyber Law - Useful Resources
- Cyber Law - Discussion
Digital & Electronic Signatures
Digital Signature
A digital signature is a technique to validate the legitimacy of a digital message or a document. A valid digital signature provides the surety to the recipient that the message was generated by a known sender, such that the sender cannot deny having sent the message. Digital signatures are mostly used for software distribution, financial transactions, and in other cases where there is a risk of forgery.
Electronic Signature
An electronic signature or e-signature, indicates either that a person who demands to have created a message is the one who created it.
A signature can be defined as a schematic script related with a person. A signature on a document is a sign that the person accepts the purposes recorded in the document. In many engineering companies digital seals are also required for another layer of authentication and security. Digital seals and signatures are same as handwritten signatures and stamped seals.
Digital Signature to Electronic Signature
Digital Signature was the term defined in the old I.T. Act, 2000. Electronic Signature is the term defined by the amended act (I.T. Act, 2008). The concept of Electronic Signature is broader than Digital Signature. Section 3 of the Act delivers for the verification of Electronic Records by affixing Digital Signature.
As per the amendment, verification of electronic record by electronic signature or electronic authentication technique shall be considered reliable.
According to the United Nations Commission on International Trade Law (UNCITRAL), electronic authentication and signature methods may be classified into the following categories −
Those based on the knowledge of the user or the recipient, i.e., passwords, personal identification numbers (PINs), etc.
Those bases on the physical features of the user, i.e., biometrics.
Those based on the possession of an object by the user, i.e., codes or other information stored on a magnetic card.
Types of authentication and signature methods that, without falling under any of the above categories might also be used to indicate the originator of an electronic communication (Such as a facsimile of a handwritten signature, or a name typed at the bottom of an electronic message).
According to the UNCITRAL MODEL LAW on Electronic Signatures, the following technologies are presently in use −
- Digital Signature within a public key infrastructure (PKI)
- Biometric Device
- PINs
- Passwords
- Scanned handwritten signature
- Signature by Digital Pen
- Clickable “OK” or “I Accept” or “I Agree” click boxes