DSC vs Digital Signature vs Electronic Signature: Key Differences

A Digital Signature Certificate (DSC) is a physical or electronic document issued by a Certifying Authority (CA) licensed by the Controller of Certifying Authorities (CCA) under the Information Technology Act, 2000. It contains the holder's identity and a public key. A digital signature is the cryptographic output created using the DSC's private key to sign an electronic document, ensuring integrity and non-repudiation. An electronic signature is a broader term under Section 2(1)(ta) of the IT Act, encompassing any method of signing an electronic record, including digital signatures, scanned images of handwritten signatures, or typed names.

The key distinction lies in legal recognition and security. A digital signature using a DSC is the only method that provides the highest evidentiary value under the IT Act, particularly for documents requiring authentication under the Indian Evidence Act, 1872. An electronic signature, while legally valid, may not offer the same level of non-repudiation unless it meets specific security standards prescribed by the government.

You must use a DSC when filing documents with government portals such as the Ministry of Corporate Affairs (MCA), Income Tax Department, Goods and Services Tax (GST) Network, or for e-tendering with public sector undertakings. The IT Act mandates DSC for documents that require authentication under Section 3, which includes filings under the Companies Act, 2013, and the Income Tax Act, 1961.

A simple electronic signature (e.g., typing your name or pasting a scanned signature) is acceptable for internal business communications, contracts between private parties, or low-risk transactions where the parties trust each other. However, if the document may be challenged in court, a DSC-backed digital signature provides stronger legal protection because it creates a tamper-evident seal and links the signature uniquely to the signer.

To obtain a DSC, you must apply to a licensed Certifying Authority (CA) such as eMudhra, Sify, or Capricorn. The process requires identity verification through documents like Aadhaar, PAN card, or passport. The CCA prescribes two classes of DSCs: Class 2 (for individual identity verification) and Class 3 (for high-assurance transactions, such as e-tendering). Class 3 DSCs require in-person verification or video-based verification.

The DSC is valid for one or two years, after which it must be renewed. The cost varies by class and validity period, typically ranging from ₹1,000 to ₹5,000 per year. You must also install the DSC on your computer using a USB token or software token provided by the CA. The IT Act requires that the DSC be used only by the person to whom it is issued; sharing or using another's DSC is an offence under Section 66C.

No, an electronic signature cannot be used for all legal documents. Section 1(4) of the IT Act exempts certain documents from electronic authentication, including negotiable instruments (other than cheques), powers of attorney, trusts, wills, and contracts for the sale of immovable property. These documents must be executed in physical form with wet signatures.

For documents that are not exempted, an electronic signature is legally valid if it meets the requirements of Section 3A of the IT Act, which allows the government to prescribe specific electronic signature techniques. Currently, the only technique prescribed is the digital signature using a DSC. Other forms of electronic signatures (e.g., biometric or Aadhaar-based eSign) are also recognised if they comply with the prescribed security standards.

To verify a digital signature, you need the signer's DSC public key, which is embedded in the signed document. Most document viewers (e.g., Adobe Acrobat, Microsoft Office) have built-in verification tools. When you open a digitally signed PDF, the software checks whether the signature is valid, whether the document has been altered since signing, and whether the DSC is from a trusted CA.

You can also verify the DSC's status on the CCA's website or the issuing CA's repository. If the DSC has been revoked or expired, the signature will show as invalid. For legal proceedings, you may need to obtain a certificate from the CA confirming the DSC's validity at the time of signing. The IT Act presumes that a digital signature is genuine unless proven otherwise, shifting the burden of proof to the party challenging it.

If you need to sign documents for government filings, e-tendering, or high-value contracts, obtain a DSC from a licensed Certifying Authority. For routine internal documents, a simple electronic signature may suffice, but consult a qualified professional to assess your specific compliance requirements under the IT Act.

---

This page provides preliminary information. It is not legal advice. For your matter, consult a qualified professional.