Back close

E-Sign: Signature of new India

With the world being amid a technological revolution1 since the late 1990s, governments globally quickly adapted to advancements in technology and leveraged the resultant benefits to create large social impact. In early 2000s, many countries came up with laws to protect the rights of people between a technological whirlpool. India too, came up with the Information Technology (IT) Act2 in the year 2000.

I. Global eSignature laws

An offshoot of technological innovations was many governments making provisions for recognizing digital signatures. There are broadly three types of eSignature laws worldwide3

1.1 Minimalist or Permissive Electronic Signature Laws: These laws make eSignatures applicable in almost all cases and have the highest level of security for all stakeholders involved. Here, focus is not laid on how the contracts are signed digitally from a technology standpoint but on an eSignature holding the same value as a wet (paper) signature. Countries like USA, Canada, Australia, and New Zealand have such laws.

1.2 Prescriptive Electronic Signature Laws: These eSignature laws are the most difficult to adhere to if proper technological protocol for signing is not followed. Prescriptive laws dictate what processes and technology one needs to use to constitute a legally binding signature. The rarest type of electronic signature law, prescriptive laws are only used in a handful of countries including Brazil, India, Israel, and Malaysia.

1.3 Two-Tier Electronic Signature Laws: These laws have features of both minimalist and prescriptive laws. They not only allow and accept all forms of eSignatures for private agreements with the consent of all involved parties, but also regulate the process and technology that must be used for specific contracts. European nations, China and South Korea have such laws.

In India, the laws governing eSignatures are a part of Section 3A of the IT (Amendment) Act, 20084. One of the provisions in the act was to give authentication and acknowledge the acceptance of digital signatures. The IT Act provides for 2 types of electronic signatures namely eSignatures that combine an Aadhar5 with an eKYC6 and digital signatures that are generated by an asymmetric crypto-system and hash function. To make paper-less economy a reality, it was important to adopt technology that facilitated signing of contracts digitally and in a secure manner.

Historical Background

As India has Prescriptive Electronic Signature Laws, after the IT Act was implemented in the year 2000, recognizing the validity of digital signatures, it was important to set up a process to make these a reality. For this purpose, the concept of Digital Signature Certificates (DSCs) was created and adopted. These were USB-based keys that were used by parties wanting to sign any electronic record. These USB keys could only be issued by limited registered entities (Exhibit 1) and required the signer to undergo a long process (refer Fig. 2) to obtain them which included a tedious video KYC process and pay a fee of about Rupees 1000 (USD 12). Even after the whole process, the actual token took a few days to be delivered for use to the signer. 

Exhibit 1: List of ESPs

Safescrypt(n)Code SolutionseMudhra Ltd.C-DACCapricorn Identity Services Pvt. Ltd.NSDL e-Governance Infrastructure Ltd.VerasysCSCRajCOMP Info Services Ltd.Panta SignIDSignCDSL Ventures Ltd.XtraTrust
Fig. 2: Issuance of DSC

2.1. Technical Framework of the DSC: In this method of digital signage, the user, to be able to digitally sign any document digitally, it needed to have three key components namely Electronic record; Secure key pair and Hash algorithm.

2.1-1 Electronic Record: An electronic record is any document or piece of data that is stored electronically which is to be signed by the signees. The allowed formats for this record can be either PDF or XML for it be signed.

2.1-2 Secure Key Pair: The digital signature worked on the process of asymmetric cryptography which consists of two functions namely private key and public key.

Fig. 3: Components of Secure Key Pair

2.1-2a Private Key: This is a unique and confidential code available to the signer who owns the key pair

2.1-2b Public Key: This is a unique, but not confidential code that can be seen by any party who views the digital signature

Both keys were required together for any digital signage.

2.1-3 Hashing Function: A Hash result may be thought to be the unique digital fingerprint of any document. It was generated by an algorithm in the form of an alpha-numeric code. Hash result represented the electronic record only at the time at which the hash function was performed. If even a full stop was added to the electronic record, the hash result changed.

The hash function and the secure key pair were both stored in the hardware security module which was housed in the USB drive that was given by the CA.

The module was activated by a unique PIN which acted as an identifier for the signer. Once all the key requirements for the signing were fulfilled, the user had to follow a 4-step procedure to sign any contract7:

Step1: Generating a Hash Result for the Electronic Record

  • The user plugs in the USB in his/her device and opens the PDF document that needs to be signed 
  • The user is prompted to enter the unique PIN 
  • The hash module is activated, and a unique hash ID is created for the document

Fig. 4: Generating a Hash Result for Electronic Record

Step 2: Encryption

The private key of the user then encrypts the obtained hash result and gives a scrambled hash result

Fig. 5: Encryption

Step 3: Affixture 

  • The scrambled hash and public key are stored together on the document that was to be signed and an electronic signature certificate is created
  • The scrambled hash result is affixed on the contract
Fig. 6: Affixture

Step 4: Decryption

  • The hash function is performed on the document with the same algorithm and the hash result is displayed. If the document hasn’t been tampered with, the hash will be same as the hash obtained in the first part 
  • The public key then decrypts the scrambled hash in the document. It will only work if the public key corresponding to the private key is used. 
  • Both generated hash results are matched, and the document signature is validated.

Fig. 7: Decryption
Challenge with the Current Process

Challenge with the Current Process

The major challenge with the DSC method was verifying documents physically which also added to the costs largely. Certifying authorities engaged registration authorities to carry out the verification of credentials prior to issuance of certificate that caused significant delays. Additionally, the physical USB dongle given to the users added to the cost of DSCs. There was also a huge environmental impact due to this technology that used USB drives which added to electronic waste and junk being produced.

In 2020, the smartphone penetration in India was 54%8. India is clearly a mobile-first country and for any technology introduced to reach masses, it should be compatible with mobile phones. The challenge with DSC was that it could not be used on handheld devices. Additionally, one of the main purposes to introduce electronic signature was to allow mobility and flexibility in signing of contracts. Carrying a USB at all times was not a very feasible solution.

In order to overcome all these challenges, the government launched the eSign- an online service for electronic signatures without using physical cryptographic token9 in 2015.

eSign Features and Developmental Process

eSign Features and Developmental Process

eSign allows users to digitally sign documents as long as the signer fulfils the criteria of having an Aadhar number and his/her biometrics and mobile number linked with Aadhar. The process of using eSign is fairly simple and straightforward. It has the steps listed as per Fig. 8.

Fig. 8: Steps of using eSign

This technology digitises the document verification step in the earlier process which was very time consuming by introducing eKYC. eKYC can also be done by one of two methods depending on the availability of resources:

eKYC based on OTP: Generates and sends an OTP to the registered mobile number of the user once he/she enters the Aadhar number. Once the correct OTP is entered, the DSC is issued stating that the details of the signer match the details present in the Aadhar data base. Post use, the provate keys are deleted ensuring safety.

eKYC based on Biometrics: In cases where biometric devises are available, eKYC can be done by using those details. Once the details are matched, the DSC is issued stating that the details of the signer match the details present in the Aadhar data base. Post use, the provate keys are deleted ensuring safety.

Any updates or changes to be made in the technology are handled by the aa committee which holds regular reviews. This method of esigning has obvious advantages over earlier method of using a DSC.

The advantages include huge saving of administrative cost and time; Aadhaar e-KYC based authentication ensures validity and reduces chances of misuse. It has also helped to improve user experience by making the signing process faster and easier. It prevents forgery and increases authenticity checks by allowing for the signatories to be verified. Flexible and fast integration with application using APIs allows for a wide variety of use cases for private players as well. Privacy concerns are also addressed with a complete audit trail and an immediate destruction of keys after usage.

Apart from the convenience provided by this technology, it has a major environmental impact as well. In addition to eliminating the need of paper contracts completely, it does not require any additional physical device like a USB device which might add to e-waste; making it a completely eco-friendly alternative to earlier methods of signing.

The sheer number of people using the service is a testimony of the kind of impact created by the technology.

Flow chart and Structure

Flow chart and Structure

The flowchart for using an eSign process is shown in Fig. 9.

Fig. 9: Flowchart of working of eSign Process 


At Application Service Provider (ASP)

  • Asks the end user to sign the document 
  • Creates the document hash (to be signed) on the client side 
  • Capture Aadhaar number and authentication factor (OTP/Biometric)
  • Creates the input API for eSign
  • Calls the eSign API of the eSign provider

At eSign Service Provider (ESP)

  • Validates the calling application input, and then creates the Aadhaar, e-KYC input based on Aadhaar e-KYC API specification 
  • Invokes the Aadhaar e-KYC API 
  • On success, creates a new key pair for that Aadhaar holder
  • Sends public key and eKYC information to the Certifying Authority for certification 

At Certifying Authority (CA)

  • Based on the eKYC authentication information received from UIDAI, Digital Signature Certificate is issued and sent to the ESP
  • At eSign Service Provider (ESP)
  • Signs the input document hash using the private key (Note: the original document never leaves the actual computer) 
  • Creates an audit trail for the transaction 
    • Audit includes the transaction details, timestamp, and Aadhaar e-KYC response 
    • This is used for pricing and reporting 
    • Sends the e-Sign API response back to the calling application after obtaining end-user acceptance

At Application Service Provider (ASP)

  • Receives the signature from the e-Sign provider
  • Attaches the signature to the document 
Stakeholder Analysis

Stakeholder Analysis

The stakeholders involved in the process include Application Service Provider (ASP), eSign Service Provider (ESP), the Certifying Authority (CA), e-KYC providers and the end user. All these players are instrumental in signing of a document through eSign. 

Application Service Provider: An organization or an entity using eSign service as part of their application to electronically sign the content. For example Government Departments, Banks, other public/ private organizations.

End User: An Individual using the application of ASP and represents himself/ herself for signing the document under legal framework. Also a resident holding the Aadhaar number and applicant/ subscriber for digital certificate.

eSign Service Provider: Trusted Third Party as per the definitions of Second Schedule of Information Technology Act to provide eSign service. ESP is a Licensed Certifying Authority (CA) that validates the data

Certifying Authority: An organization or an entity licensed under CCA; it issues Digital Signature Certificate and carries out allied CA operations. 

Unique Identification Authority of India (UIDAI)10: It provides unique identity to all Indian residents and also eKYC authentication service to registered KUAs.



eSign online electronic signature service can be effectively used in scenarios where signed documents are required to be submitted to service providers namely Government, Public or Private sector. There are several use cases for the service (Exhibit 2). This service has allowed the government to massively cut costs that were initially associated with the DSC Mechanism. This service will also allow businesses and enterprises to cut down on administrative costs associated with signing and drafting of contracts. This would also allow businesses to become more global, green and more sustainable. This initiative is a stepping stone for the nation towards a paper-less economy that has a green thumb. 

Exhibit 2: List of use cases and services

Use Case


Digital Locker



Application for ID, e-filing

Financial Sector

Application for account opening in banks and post office

Transport Department

Application for driving licence renewal, vehicle registration

Various Certificates 

Application for birth, caste, marriage, income certificate, etc. 


Application for issuance, reissue


Application for new connection


Application forms for course enrolment and exams

Member of Parliament

Submission of parliament questions

Way Forward

Way Forward

The technology has potential to be used within and outside the government and remove time delays due to signing of files and paperwork. It also has potential for being a good method of authenticating any document and ensuring that no tampering take place. It can be rolled out in a way to accommodate international transactions and contracts. The technology itself can be improved and built upon. With more and more smartphones coming with facial recognition technology, we can look at the possibility of integrating this technology with the eSign infrastructure to make it even more easier to use. This technology can also be leveraged to create a stable revenue stream and eventually become self-sufficient and sustainable.

Part 1- Profile of the respondents 


Number of responses


Age in years


Educational Qualification



Higher Secondary Education


Higher Secondary Education




Post Graduation


Doctorate in Philosophy


Organizational Type




Central Government


State Government


Public Sector Undertaking


Work Experience

0-8 years

Part 2- Awareness and Use of eSign App


Total Number of responses


Number of respondents who found it simple to use eSign


Number of respondents who did not found it simple to use eSign


Number of respondents who found it secure to use eSign


Number of respondents who did not found it secure to use eSign


Number of respondents who found the instructions easy to understand


Number of respondents who did not found the instructions easy to understand


Number of respondents who will recommend eSign to their friends and family


Number of respondents who will not recommend eSign to their friends and family


Digital Transformation and Sustainability


Total Number of responses


Number of people who believes Esign helped the government in achieving the reduction of paper usage and wastage 


Number of people who do not believe Esign helped the government in achieving the reduction of paper usage and wastage 


Number of people who believes Esign helped the government in avoiding the process of resources wastage due to repeated verifications


Number of people who do not believe Esign helped the government in avoiding the process of resources wastage due to repeated verifications


Business process transformation


Total Number of responses


Number of people who believes eSign streamlined processes and reduced paperwork for your company


Number of people who do not believe eSign streamlined processes and reduced paperwork for your company


Cost Benefit Analysis


Total Number of responses


Number of people who believe the objective of cost benefits been achieved by using eSign in terms of reduced paper usage, storage costs, and printing costs


Overall Ratings of Esign

Out of 500 respondents













Admissions Apply Now