What is DAC ? What are its Benefits for Indians

Digital Address Code (DAC) as address for eKYC, property tax, online shopping !

The Department of Posts, Government of India, is in the process of creating an unique  Digital Address Code (#DAC) as a  proof of address  which can be used for booking an online delivery or for paying property tax.DAC would help in digitally authenticating an address.

--Currently, Aadhaar is commonly used as a proof of address. But the address mentioned on the Aadhaar card cannot be digitally authenticated. 

--DAC would be an unique address identity and is usable by all stakeholders.  DAC is expected to identify each address in the country uniquely and link the address to its geospatial coordinates represented numerically or alphanumerically.

--DAC is proposed as a solution. It would be an input that could be keyed in or captured out of a QR Code by apps of service providers and would be cognizable by digital maps.

--However, in the case of sensitive establishments, the DAC may not be issued or it may be linked to coordinates of a “neighbourhood” or city.

--DAC would be unique for each address i.e. each individual dwelling unit or office or business. For example, each flat in an apartment would get separate DAC. This code would be permanent for each address.

--The proposed DAC would be useful for the logistics and eCommerce industry and also help in targeting social sector benefits to the right beneficiary. As per the proposal, each and every dwelling unit in the country would get a DAC. For this, satellite imagery with 5m resolution has been proposed to be used.

--There will be a process for the verification of DACs. All verified DACs would be eligible for an online address authentication service.

Benefits of DAC:

The draft proposal has listed some of the following benefits of DAC:

1. The proposed DAC would be linked to geospatial coordinates. It will help provide address authentication as an online service.

2. The DAC would help in simplifying the KYC verification process in business sectors like banking, insurance, telecom etc. This would further result in reduced cost of doing business. DAC online authentication combined with Aadhaar authentication would be a truly digital eKYC.

3. The DAC may lead to higher productivity and quality of service in delivery services, especially eCommerce. It would also help reduce eCommerce fraud.

4. DAC is expected to simplify the delivery and implementation of Government Schemes.

5. The adoption of DAC would lead to increased financial and administrative efficiencies across sectors like property taxation, emergency response, disaster management, election management, infrastructure planning and management, census operations and grievance redressal.

6. The DAC is expected to fulfil the requirements put forth regarding 'One Nation One Address' (#ONOA) by the Working Group of Ministers on Employment Generation and Skill Development dated 22nd October 2020.

DSC & Electronic Signature Laws in India

DSC & Electronic Signatures Law in India
By Prashant Mali

What is a DSC i.e Digital Signature Certificate? 

Digital Signature Certificates (DSC) are the digital equivalent (that is electronic format) of physical or paper certificates. Examples of physical certificates are drivers' licenses, passports or membership cards. Certificates serve as proof of identity of an individual for a certain purpose; for example, a driver's license identifies someone who can legally drive in a particular country. Likewise, a digital certificate can be presented electronically to prove your identity, to access information or services on the Internet or to sign certain documents digitally. Licensed Certifying Authority (CA) issues the digital signature. Certifying Authority (CA) means a person who has been granted a license to issue a digital signature certificate under Section 24 of the Indian IT-Act 2000.

The list of licensed CAs along with their contact information is available on the Controller of Certifying Authorities (CCA) portal (www.cca.gov.in).

Digital Signature Vs. Digital Certificate

Digital signatures are based on three-pointers for authentication – Privacy, Non-repudiation and Integrity in the virtual world, while the objectives of the digital certificate are the authentication of documents, and bind the person who is putting the digital signature, which based on public key cryptography requires two separate keys, as secret and public. However, both the keys are linked together, one key encrypts the plain text, and another decrypts the ciphertext, and neither key can perform both the functions. The other difference is digital signature is an electronic process of signing an electronic document while a Digital Certificate is a computer-based record which is the identification of certifying agency or the identity of a subscriber

Digital Signature Vs. Electronic Signature

The Information Technology Amendment Bill 2006, replaces the word “Digital” with the word “Electronic” at several places in the principal act, which creates a slight difference between the two, electronic signature is wide in nature, while the digital signature is one of the many kinds of electronic signature.Section 2(ta) “electronic signature” means authentication of any electronic record by a subscriber by means of an electronic technique specified in the second schedule and includes digital signature and section 2(p) defined “Digital Signature Certificate” means a Digital Signature Certificate issued Under sub-section (4) of section 35. 

Aadhaar eSign based electronic signatures being used by Legality are completely legally accepted and secure manner of electronically signing documents, under effect of Gazette Notification No. 2015 Jan -GSR 61(E) Electronic Signature or Electronic Authentication Technique and Procedure Rules, 2015. Aadhaar eSigns are recognised as an accepted method of secure electronic signatures as part of the Second Schedule of the Information Technology Act, 2010 (IT Act). The IT Act recognises secure electronic signatures such as Aadhaar eSign as having legal validity equivalent to that of physical signatures. Aadhaar eSigns work under the regulatory framework set up by Controller of Certifying Authorities, Ministry of Electronics and Information Technology, Government of India.

What types of e-signatures are recognized under the IT Act, 2000?

The IT Act recognizes the two following types of signatures:

(1) E-signatures that combine an Aadhaar with an eKYC service

Users with an Aadhaar ID, the unique identification number issued by the Indian government to all Indian residents, are free to use an online e-signature service to securely sign documents online. In this case, the online e-signature service integrates with an Application Service Provider (ASP) to provide users with a mobile or web app interface that they can interact with. The users then use this app interface to apply e-signatures to any online document by authenticating their identity using an eKYC service such as OTP (One time passcode) provided by an eSign Service Provider. The online e-signature service works with an accredited service provider to provide certificates and authentication services that comply with government guidelines.

(2) Digital signatures that are generated by an asymmetric crypto-system and hash function

An ‘asymmetric cryptosystem’ refers to a secure pair of keys: a private key and a public key. Both are unique to each user, and can be leveraged to verify and create an e-signature.

In this scenario, users obtain a digital signature from a reputed Certifying Authority (CA) in the form of a digital certificate. These certificates typically include the user’s name, public key, the expiration date of the certificate, and other necessary information about the user. Operating systems and browsers typically maintain a list of trusted CA root certificates that are used to verify digital certificates issued by a CA. The user might also be issued a USB token containing the digital-certificate-based digital ID, along with a personal PIN, to sign a document.

 What are the factors that make e-signatures valid in India?

Here are the 5 criteria that e-signatures need to satisfy in order to be valid as per the IT Act:

(1) E-signatures must be uniquely linked to the person signing the document. This condition is often met by issuing a digital-certificate-based digital ID.

(2) At the time of signing, the signer must have total control over the data used to generate the e-signature. Most online e-signature service providers allow signers to directly affix their e-signature to the document in order to meet this requirement.

(3) Any alteration to the affixed e-signature, or the document to which the signature is affixed, must be detectable. This is often met by encrypting the document with a tamper-evident seal.

(4) There should be an audit trail of steps taken during the signing process.

(5) The digital signature certificate must be issued by a Certifying Authority (CA) recognised by the Controller of Certifying Authorities (CCA) appointed under the IT Act, 2000.

Can document of all kinds be executed using e-signatures?

No. Certain documents that require a notarial process, or must be registered with a Registrar or Sub-Registrar, can only be executed using handwritten signatures to be legally enforceable. These primarily include:

(1) Negotiable instruments such as a promissory note or a bill of exchange other than a cheque

(2) Powers of attorney

(3) Trust deeds

(4) Wills and any other testamentary disposition

(5) Real estate contracts such as leases or sales agreements

You can’t be a Company director without mobile phone, email ID and DSC, under the new KYC norms. This is the fallout of the new DIR-3-KYC norms brought forth by the Ministry of Corporate Affairs (MCA). The Rules require every director to file the KYC form by 31 August 2018, after which the Directors’ Identification Number (DIN) granted to the director shall be “deactivated”. The rules also lay down that such de-activated DIN shall be re-activated only after the person has filed the KYC Form. One of the mandatory requisites of the new KYC form is that the director shall provide his/ her mobile number, email ID and file the e-form with his/her own digital signature (Differential Scanning Calorimetry or DSC).