Nitty- Gritty of Aadhar eSign

Nitty- Gritty of Aadhar eSign
nitty-gritty.png

Digital signatures were not accessible to most Indians due to the time-consuming process of purchase, KYC, and usage.The DSC Token was the most widely utilized type of "electronic signature" prior to Aadhaar eSign.

The objective of Aadhaar eSign is pretty straightforward: to make it possible for  billions of people to utilize electronic signatures on a daily basis. With such a structure, mass consumption could not be encouraged. On the other hand, driving the mass adoption of Aadhaar eSign in a country with a population of more than 1 billion people like India was quite simple.

Aadhar eSign and DSC token are quite similar in terms of technology that ensures that the eSigned document cannot be altered once the Aadhaar eSign has been affixed. The method used to confirm the signer's identity is where the two most significantly diverge. DSC Tokens rely on a time-consuming, one-time KYC procedure, whereas Aadhaar eSign uses UIDAI-powered Aadhaar authentication to instantly confirm the signer's identity.

What is required for Aadhar eSign?

  • A valid Aadhar number

  • A valid phone number, email id, or biometric linked to the Aadhar number

  • Access to the linked phone number, email id, or biometric device

Benefits of Aadhar based eSign:

  • Privacy is maintained - The e-Sign service makes sure that the signer's privacy is maintained.

  • Different methods of authentication are possible in Aadhar based eSign service, including sending an OTP to the applicant’s registered mobile number or email address which is linked to the Aadhar number. Or an assisted biometric authentication, which includes the scanning of the applicant's iris or fingerprint linked to the Aadhar number.

  • Unlike DSC token, there is no plug-in dongle required for Aadhar based eSign. Signers can sign just by using an internet connection on mobile or laptop.

  • The Aadhar based esign services offered by different ASPs(application Service providers) are reliable like CA(Certifying Authorities), licensed and authorized by CCA(Controller of Certifying Authorities). 

Aadhar eSign Flow

  1. Signer preview the document on the interface provided by ASP(Application Service Provider) and give consent to Aadhar eSign.

  2. After giving the consent the signer is redirected to an ESP portal like NSDL/Vsign.

  3. On the eSign portal, signer enters the Aadhar number and authenticates via OTP received on linked email address or phone number or via biometric authentication. UIDAI does the authentication and paa it on to ESP

  4. After successful authentication, ESP orders the esignature from the Certifying Authority. Upon receipt of thief the order, the Certifying Authority relays an electronic signature certificate back to the ESP.

  5. ASP receives the electronic signature certificate from ESP and ensures afficture of signature. The ASP also makes sure that all the parties receives the signed document with the audit trail.

The stakeholders involved in the process

The Controller of Certifying Authority(CCA)

Government body setup by the Ministry of Information Technology (MeiTY) under the Information Technology Act 2000

The Office of Controller of Certifying Authorities (CCA), issues Certificate only to Certifying Authorities(CAs). CAs issue Digital Signature Certificates to end-entities. 

UIDAI(Unique Identification Authority Of India)

It is a statutory authority established under the provisions of the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016 (“Aadhaar Act 2016”) on 12 July 2016 by the Government of India, under the Ministry of Electronics and Information Technology (MeitY). UIDAI was created to issue Unique Identification numbers (UID), named as "Aadhaar", to all residents of India.

CA(Certifying Authority)

Certifying Authorities (CA) has been granted a license to issue a digital signature certificate under Section 24 of the Indian IT-Act 2000. One can procure Class 3 certificates from any of the certifying authorities. 

NSDL and Vsign are one of the Certitfying Authorities.

ESP(eSign Service Provider)

An entity providing eSign service. ESP must be integrated with a CA to regulate the transactions between the signer, the UIDAI and the CA.

NSDL and Vsign are one the ESPs.

ASP(application Service Provider)

An eSign ASP is a service provider for facilitating electronic signature service in India

Through the interface provided by the ASP, users can apply electronic signature on any electronic content by authenticating themselves through biometric or OTP. The interfaces are provided to users on a variety of devices such as computer, mobile phone etc.

FAQs

1. Do you keep a copy of my processed files?

Absolutely not. Your files are only yours. While your files are on our servers, they are strictly secured and no one can access them. We just keep them for a maximum of 2 hours so you can download them. Right after, they are completely removed forever from our servers. You can also delete the document by yourself at the end of each conversion. We won’t check, copy or analyze your files in any way.

2. Are company files safe with your service?

Yes. All uploads use https/SSL and include our end-to-end encryption for further privacy. These additional steps increase security and satisfy most corporate data privacy policies.

3. What pdf eSign do you offer?

The PDF eSign tool offers an intuitive signing experience for all your documents. There are 3 different ways to sign your PDF. It offers:

  • Aadhaar-based eSign, Type signature as text and Draw signature Here

4. What are other PDF utilities?

There are all the utilities zoopsign provides: