Digital signature is a tool for authenticating precious documents. It is handy and feasible, but misuse of a digital signature can create major issues. Read here to save yourself from forgery & fraud.
India is a country with a high number of Internet users and a growing digital economy. However, the use of digital signatures in India is still not widespread, and there are reports of misuse of digital signatures. A digital signature is basically an electronic signature that can be used to verify the identity of the sender of a message or document. In India, the use of digital signatures is regulated by the Information Technology Act, 2000.However, there have been reports of misuse of digital signatures in India. For instance, in May 2017, it was reported that around 10,000 tax returns had been filed using forged digital signatures. In another instance, in November 2017, it was reported that a fake website was created using a digital signature belonging to the Prime Minister’s Office. The misuse of digital signatures can have serious consequences, as it can lead to fraud and identity theft. It is important for users to be aware of the risks associated with the use of digital signatures, and to take measures to protect their own signature.
What Is a Digital Signature?
Digital Signature Certificate Online (DSC) is a computer-generated file that would be issued by a Certifying Authority (Pantasign CA, Safescrypt, e Mudhra, Capricorn, Verasys, (n)Code Solutions, IDSign CA) on submission of the required documents. Nowadays, due to this handy tool, we can process online applications or return filing easily and effectively.
What Are the Functions of a Digital Signature?
Digital Signature Certificate (D SC) can be used for authenticating any document digitally, i.e. by signing the document digitally. We have to obtain a digital signature based on individual requirements, and it has the following three classes:
Sr. No | Class of Digital Signature Certificate | Functions | Examples |
1 | Class 1 | These provide a basic level of assurance that the information provided in the application matches with the well-recognized consumer database i.e. the Certifying Authority. It is not used for document validation or signing a document. | Testing Purposes, i.e. verifying the contact details of a person. |
2 | Class 2 | The assurance provided by these Certificates is relevant in an environment where the risk of data assurance is moderate, i.e. it involves a substantial amount of monetary risk. It is used to validate a document and holds validity to signing documents digitally. | GST Return Filings, Income Tax Return Filings, Provident fund filings, etc. |
3 | Class 3 | This signature provides a high level of assurance which involves a high probability of fraud risk. These certificates are issued only on personal (physical) appearance. | Tender filing, e-biding, etc. |
What Are the Legal Consequences of Misuse of a Digital Signature Certificate?
- Information Technology Act,2000: Section 66C Punishment for identity theft. – A person who acts fraudulently or dishonestly and makes use of the electronic signature, password, or any other unique identification feature of any other person, shall be punished with imprisonment of either description for a term which may extend to three years and shall also be
- liable to a fine which may extend up to rupees one lakh.
Section 71 Misrepresentation or suppression of material fact to obtain any license or electronic signature. – It is applicable in the following situations:-
- If a person makes a misrepresentation to the controller or the certifying authority
- If a person suppresses any material fact from the controller or the certifying authority
Such misrepresentation or suppression of material fact only with the intent to obtain any license or electronic certificate from the controller or the certifying authority is punishable with imprisonment of up to two years and a fine which may extend up to rupees one lakh. The information to be provided to the controller or the certifying authority should be proper and correct. The presentation of wrong, incorrect, or false information is an offence under section 71 of the act.
As per Section 73 – Publication of electronic signature, which is false in certain particulars. The following situations shall amount to the publication of false particulars in an electronic certificate:
- Publication of electronic signature certificate which the certifying authority has not issued.
- Publication of electronic signature certificate which actual subscriber of the certificate has not accepted.
- Publication of the electronic signature certificate which is revoked or suspended.
Section 74 of the Information Technology Act, 2000: https://legislative.gov.in/actsofparliamentfromtheyear/information-technology-act-2000, punishes the creation, publication, or providing of an electronic signature certificate for fraudulent or unlawful purpose with imprisonment for a term which may extend up to two years or a fine which may extend up to one lakh.
The Indian Penal Code, 1860
Section 463 of the Indian Penal Code, 1860 – Forgery. Whoever makes any false documents or false electronic record or part of a document or electronic record, with intent to cause damage or injury, to the public or any person, or to support any claim or title, or to cause any person to part with property, or to enter into any express or implied contract, or with intent to commit fraud or that fraud may be committed, commits forgery.
An explanation for Section 463:
Where any person either fraudulently or dishonestly made, signed, sealed, executed, or transmitted a document or electronic record or its part thereof affixed with an electronic signature.
Where any person without proper authentication alters any document or any record maintained electronically or materially its part thereof, executed or affixed with electronic signature either by himself or by any other person, whether such person is alive or dead at the time of such alteration.
Where any person acts in a fraudulent or dishonest manner by sign, sealing, executing, or altering a document or an electronic record or affixing his or her electronic signature on any electronic record knowing that such person is of unsound mind and the person is unaware about the contents of the signed document or the type of alteration made.
Section 465 of the Indian Penal Code, 1860 – punishment for forgery. Whoever commits forgery shall be punished with imprisonment of either description for a term which may extend to two years, or with a fine, or with both. This offense is bailable and triable by the Magistrate First Class.
What Safety Measures Should Be Taken to Avoid the Digital Signatures
Misuse?
Digital Signature Certificate is a facilitative tool but also comes with a high risk. Following are some measures:
- Any person should keep the physical custody of the token with himself/herself
- If we are signing any document on behalf of our client, we should first obtain an authorization letter. We should proceed further with it, e.g. A practicing chartered accountant signing ITR or other GST returns on behalf of their client because practically, it is not possible to obtain custody of the token at every time of filing; there might be a clash of timings. So they should obtain an authorization letter along with its custody
A Myth About Digital Signature:
There is a myth about digital signature revolving among us “that signing on a paper and simply scanning it is a digital signature”, but this is wrong and might lead to fraud with an unknown person. In actuality, the digital signature is a token generated by the certifying authority on an application made to them. This token signs the document with the utility of the respective platform.
Conclusion
The misuse of digital signatures is a major problem in India. There are many ways in which people can misuse them, and this can have serious consequences. It is important to be aware of the ways in which digital signatures can be misused and to take steps to prevent this from happening.
Read More :