A Digital Signature Certificate (DSC) is an Electronic Signature Certificate, legally equivalent to a handwritten signature, issued under Section 35 of the IT Act, 2000, by a licensed Certifying Authority. It connects the holder’s identity to an asymmetric key pair. This page explains the meaning, relevant definitions [Sections 2(1)(p) and 2(1)(tb)], the licensing process through the Controller of Certifying Authorities, and the Class 3 regime effective from 1 January 2021.
Digital Signature Certificate
A DSC functions as a tamper-proof digital identity for the holder, replacing the need to physically sign documents in regulated electronic transactions. The certificate is generated using public-key cryptography: a private key, held securely by the holder on a USB cryptographic token or hardware security module, and a corresponding public key embedded in the certificate. When the holder applies the private key to an electronic record, the resulting signature can be independently verified, establishing the signer’s identity and confirming that the record has not been altered after signing. Effective January 1, 2021, only Class 3 certificates are issued.
Recognised U/s 3A of IT Act 2000
A Digital Signature Certificate (DSC) is a type of Electronic Signature recognised under Section 3A of the IT Act, 2000. While all DSCs are electronic signatures, other methods, such as Aadhaar-based eSign, also qualify under the Second Schedule. The issuance of DSCs operates within a specific licensing hierarchy. The Controller of Certifying Authorities, established under Section 17, grants licenses to Certifying Authorities (CAs) under Section 24. These CAs, in turn, are responsible for issuing DSCs to subscribers under Section 35.
Types of Digital Signature Certificates
| No | DSC Variant | Issued To | Principal Use Cases |
|---|---|---|---|
| 1 | Class 3 Sign DSC | Individual person (director, partner, professional, citizen) |
|
| 2 | Class 3 Sign DSC | Organisation, in the name of an authorised signatory |
|
| 3 | Class 3 Encrypt DSC | Individual or organisation | Bid submission on GeM and the Central Public Procurement Portal (CPPP), secure data exchange in regulated workflows |
| 4 | Class 3 Sign + Encrypt (combined) | Individual or organisation | E-tendering on GeM and CPPP, State single-window investment clearance portals, and ICEGATE customs filings |
| 5 | Document Signer Certificate | Organisation as a legal entity | E-invoicing under GST, system-generated certificates, CA/CS bulk sign-offs, payroll documents |
| 6 | Foreign DSC | Foreign national or non-resident director | MCA21 filings by foreign directors, FEMA-related filings, and KYC submissions on Indian regulator portals |
Legal Provisions
For the operative statutory language, refer to Section 35 read with Sections 2(1)(p), 2(1)(tb), 3, 3A, 17, and 24 of the Information Technology Act, 2000. The Bare Act and the CCA Interoperability Guidelines are available on the Controller of Certifying Authorities’ website at cca.gov.in and the MeitY website at meity.gov.in.
Frequently Asked Questions
What is the difference between a Digital Signature and an electronic signature?
Under which law is a Digital Signature Certificate defined in India?
What classes of Digital Signature Certificate are currently issued in India?
In This Article
Author Bio
Meet Sanjeev Kumar, a distinguished advocate before the Supreme Court of India, High Courts, and National Tribunals. Founding Partner of Juriskps Law Offices, a premier law firm, he specializes in commercial, corporate, tax, arbitration, and IPR matters. His incisive legal insights enrich Setindiabiz’s blog with expert commentary.
