Video verification Mandatory for Class 2 Digital signature w.e.f : 1st of July 2018
Controller of Certifying Authorities (CCA) has mandated Physical Verification of DSC applicant by a Certifying Authority prior to issuance of Class 2 personal DSC latest by 01.07.2018
1. Video verification will be mandatory in class 2 DSC,(class 2 individual DSC mainly used for income Tax, PF, TDS,MCA, GST, etc)( Similar process currently applicable for Class 3 DSC, same process now will be applicable for Class 2 as well.)
2 . Aadhar Biomentric DSC will not require to do video Verification as person is physically verified with aadhar biometric authentication.
3. USB Token'S CSP is getting upgraded and will be application from 01.07.2018, hence old tokens will not work for renewals.
The said guideline is effective from July 1, 2018.
No More renewal of Digital signature possible:22/06/2016
Subsequent to the communication received from Office of CCA, all Certifying Authorities are required to stop the renewals. By this, all issuances of Digital Signature Certificates are required to undergo fresh application procedure.
We will not be able to process any renewal application hereafter. Renewal customers can easily perform Aadhaar based Digital Signature Certificates issuance, or submit a physical application with KYC documents.
We request your cooperation for the same.
New Digital signature issuance process effective from 1st of July 2015:
We would like to update that DSC issuance process is going a vital change w.e.f 1st July 2015. Detailed guidelines may be downloaded by clicking this link : Identity Verification Guidelines 2015 Version 1.0
Please find outlined the key new changes which would be required to be adhered to going forward:
1. Attestation procedure:
a) Attestation of supporting documents by RA will not be allowed.
b) The documents are to be attested only by Group A/B Gazetted Officers / Bank Manager / Post Master.
c) The Attesting Officers should also specify their Name, designation, office address and contact number.
d) The list of Gazetted Officers are also listed in CCA Guidelines.
e) The signature of applicant has to be in Blue-ink only.
2. Mobile Verification for all Classes of Certificate
a) Before Approval of DSC, Certifying Agency will make a telephonic verification, through the mobile number provided in application.
b) The mobile number should also be unique in each application, as is currently in the case of email ID.
3. Video Recording for Class 3
a) In place of physical verification, now CA / RA will make a video recording of the applicant for a specified time duration.
b) Before providing final Approval, Certifying Agency will verify the applicant through a video recording.
c) Applicant will have to answer a specific set of questions to establish his identity.
d) This recording will happen directly in CA System, in a tamper proof way. That means, if RA is recording the video, the recording has to be made in CA provided software / portal, and will be directly recorded to CA System.
e) Old videos or the videos sent over email or downloaded from web, etc will not be allowed.
4. Organization application
a) New set of documents prescribed for Organization verification.
Multiple documents are required, including Incorporation Certificate, AOA (2 pages), MOA(2 pages), Bank Statement, Audit Report of last year along with annual return, Board resolution for Authorized Signatory. Similar set of documents are also listed for Partnership Firms and Proprietorship entities.
b) Authorization letter should be signed in Blue Ink Only.
5. Application form
shall undergo changes as may be required for new verification guidelines.
Old forms shall not be accepted thereafter. The application form will be signed in Blue-ink only.
6. Aadhaar based eKYC: (HASSEL FREE)
New provision of Aadhaar based eKYC has been introduced.
In this case, there is NO need for mobile / video verification.
A Biometric device will be needed to perform a transaction via this mode.
More details on the modus operandi and process related to this mode will be intimated as and when formulated.
7. Foreign Nationals
New procedures have been notified as per Section 3 of the Guidelines.
Please note that in view of the new verification guidelines, there will be many procedural changes which may result in 5 to 7 days for issuance of a DSC until the new process stabilizes.
We request you to kindly inform your valued customers accordingly, so that they can plan their DSC requirement keeping this in mind.
Unique email id in DSC Application form:
The office of controller of certifying authorities (CCA) has observed that usage of common email IDs for multiple certificates is still in practice. The matter is of serious concern. Each and every certificate application should contain an unique email ID, and should belong to the applicant himself. Such email ID (and mobile number) should legitimately belong to the applicant.
CCA order copy
Digital signature (Class 2 and class 3 ) only in E-token form No pfx file any more :
•Issuance of SOFT TOKEN is discontinued wef 1/12/2013.
•All DSC download effective 01 Dec 2013 can only be downloaded onto “FIPS CERTIFIED TOKEN”(HARD TOKEN ONLY).
•USB Token is becoming mandatory.
More details refer to order
Verification of Credentials prior to issuance of Digital signature certificate (DSC)
In continuation to the office order no. CCA/DC(T).2013-98 dated 2nd August 2013, and discussion with all CAs on 06/09/2013 the following directions are being issued for strict compliance.
1.DSC will be issued by the CAs only after the application form (with ink signature) and supporting documents (duly attested as per the minuted of the CA meeting held on 7th of October , 2013) have been physically received and verified at the CAs premises.
2.The above will come into force from 1st of October , 2013
As notified by CCA, All CA will be issuing Digital Signature Certificates as per Interoperability guidelines from 4th of April 2011.
For details on:
1. Interoperability Guidelines refer to url ‐ http://cca.gov.in/rw/resource/dsc_guidelines_r2.pdf?download=true
2. CCA notification on ‐
Interoperability Guidelines ‐ http://cca.gov.in/rw/resource/Interoparability-Notification2011.pdf?download=true
1. Issuance of 2048 key strength with SHA1 end user certificate effective from 4th April 2011.
SHA2 with 2048 key strength will also be issued upon request from End user.
2. Change in application form as per latest DN field changes.
3. Change in Common name format in online enrollment form.
4. Inclusion of Postal Code field as mandatory in the online enrollment form
5. Only two types of certificates will be issued as mentioned below,
a) Signing Certificate (Used only for signing purpose)
b) Encryption Certificate (Used only for encryption purpose)
6. Only 1 year validity certificates (For SHA1) will be issued from 4th of April 2011 untill 31st Dec 2011.
7. Request numbers generated till 03.04.2011 will be rejected permanently post Interoperability changes
8. For certificate generated before Interoperability changes, replacement is not applicable after
interoperability changes move to production. (Since, there is a change in certificate details)
9. For certificates issued before Interoperability changes, renewal will be treated as Fresh issuance. (Since,
there is a change in certificate details)
10. Crypto tokens which do not support end user certificates with 2048 bit key strength should no longer be
used (Eg, Safenet iKey 1000, Safenet iKey 1032 and Aladdin e‐token 32K)
11. New CA and Sub CA certificates will be generated and hence the certificate chain has to be updated
accordingly in the website.