Everything you need to know about e-signature laws in India

Digitization has transformed the landscape in which businesses operate in India. Today, SMBs across many verticals leverage digital solutions to make critical business processes more efficient, including sales and marketing.

According to a report published by KPMG and Google, digital SMBs in India grow profits twice as fast as their offline counterparts. E-signatures represent one of the biggest opportunities to accelerate this shift towards digitization.

Contrary to popular belief, e-signatures have been legally valid in India for over 18 years now. The Information Technology Act (IT Act), passed in 2000, granted e-signatures the same legal status as handwritten signatures.

The Complete Guide to Electronic Signature Laws around the World

With SMBs being encouraged to adopt the latest digital technologies as part of the Digital India initiative, there has been a recent increase in e-signature adoption. However, even today, many businesses do not have a clear understanding of the legality of e-signatures in India.

This blog will help you better understand what it takes for e-signatures to be legally binding in India.

What types of e-signatures are recognized under the IT Act?

The IT Act recognizes the two following types of signatures:

(1) E-signatures that combine an Aadhaar with an eKYC service

Users with an Aadhaar ID, the unique identification number issued by the Indian government to all Indian residents, are free to use an online e-signature service to securely sign documents online. In this case, the online e-signature service integrates with an Application Service Provider (ASP) to provide users with a mobile or web app interface that they can interact with.

The users then use this app interface to apply e-signatures to any online document by authenticating their identity  using an eKYC service such as OTP (One time passcode) provided by an eSign Service Provider. The online e-signature service works with an accredited service provider to provide certificates and authentication services that comply with government guidelines.

(2) Digital signatures that are generated by an asymmetric crypto-system and hash function

An ‘asymmetric crypto system’ refers to a secure pair of keys: a private key and a public key. Both are unique to each user, and can be leveraged to verify and create an e-signature.

In this scenario, users obtain a digital signature from a reputed Certifying Authority (CA) in the form of a digital certificate. These certificates typically include the user’s name, public key, the expiration date of the certificate, and other necessary information about the user. Operating systems and browsers typically maintain a list of trusted CA root certificates that are used to verify digital certificates issued by a CA.

The user might also be issued a USB token containing the digital-certificate-based digital ID, along with a personal PIN, to sign a document.

What are the factors that make e-signatures valid in India?

Here are the 5 criteria that e-signatures need to satisfy in order to be valid as per the IT Act:

(1) E-signatures must be uniquely linked to the person signing the document. This condition is often met by issuing a digital-certificate-based digital ID.

(2) At the time of signing, the signer must have total control over the data used to generate the e-signature. Most online e-signature service providers allow signers to directly affix their e-signature to the document in order to meet this requirement.

(3) Any alteration to the affixed e-signature, or the document to which the signature is affixed, must be detectable. This is often met by encrypting the document with a tamper-evident seal.

(4) There should be an audit trail of steps taken during the signing process.

(5) The digital signature certificate must be issued by a Certifying Authority (CA) recognised by the Controller of Certifying Authorities (CCA) appointed under the IT Act.

Can document of all kinds be executed using e-signatures?

No. Certain documents that require a notarial process, or must be registered with a Registrar or Sub-Registrar, can only be executed using handwritten signatures to be legally enforceable. These primarily include:

(1) Negotiable instruments such as a promissory note or a bill of exchange other than a cheque

(2) Powers of attorney

(3) Trust deeds

(4) Wills and any other testamentary disposition

(5) Real estate contracts such as leases or sales agreements

Your search for India’s simplest e-signature solution ends here.

If you are looking to adopt an e-signature solution in order to quickly sign contracts, invoices, quotes or other crucial documents in a legally-compliant manner, try Aadhaar eSign by SignEasy.

What makes it the simplest e-signature solution? Aadhaar eSign does away with the complicated procedure required to obtain a USB token with a digital-certificate-based digital ID. Instead, it allows you to create a digital signature on the fly using your Aadhaar ID.

It also offers a complete fill-and-sign functionality that couples well with business workflows, allowing users to finish their documents in one shot.

Sign up for a free trial of Aadhaar eSign to run a paper-free, productive business.

Recommended Reads

Made with in USA & India