FREQUENTLY ASKED QUESTIONS

Categories

On this page, you will find all the Frequently asked question by our customer related to Digital Signature Certificate, Technologies and etc.

Still, you have any doubt, Feel Free to contact us on +91 8700418118

FAQ

FAQ

FAQ

FAQ

Digital Signature for Income Tax E-filing

Q. What is a digital certificate or a digital signature certificate (DSC)?

Ans. A digital certificate or a digital signature certificate(DSC) is a digital record of credentials of an individual or an organization. It verifies the ingenuity of an entity involved in an online transaction. DSCs come in handy during online transactions including e-filing of income tax return, e-tendering, online monetary transactions, etc. over the internet. They are also used during the exchange of confidential information through emails to ensure the security and originality of the information as well as its sender.
Q. What is a digital signature?

Ans. A digital signature is an electronic form of signature which verifies the authenticity of a digital document. Digital signatures also verify the identity or authenticity of the sender of the information over the Internet. They also add up to security measures employed during any online transactions.
Q. What is the difference between a digital signature and a digital signature certificate (DSC)?

Ans. Digital signatures offer authenticity verification, privacy, and security to its users during online transactions and exchange of information. Digital signatures are used for secure messaging, online banking application use, secure online workflow applications, supply chain management, etc.

Digital signature certificate contains the record of the holder of the certificate and details of the digital certificate.

These are digital documents that verify that a digital authentication associated with an individual or a specific entity does exist. Digital certificate helps prevent any sort of jeopardy to the identity and security of an individual or an entity, from an impersonator.
Q. Why do I need a Digital Signature Certificate?

Ans. A digital signature certificate is an electronic authenticity of one’s identity. It also offers a top notch security and privacy to user’s online transactions. Certificates can also be used to encrypt the information which will ensure that only the intended recipient can go through it. Digitally signing an information also assures the user that the information cannot be changed by a third party half way during transaction. It also verifies user’s identity as the sender of the information.
Q. What are the different types of DSC?
- Ans.
  
  Class 1 certificate: This digital certificate is issued to an individual for personal use. User may employ the certificate to prove the authenticity of his identity or of the information shared by him. It is mandatory for an individual, applying for a class 1 certificate, to have a valid email id.
  
  Class 2 certificate: This sort of digital signature is issued to individuals involved with an organization as well as for the personal use of an individual. Class 2 certificate is used to complete transactions which involves the Ministry of corporate affairs or the Registrar of companies. A person applying for a class 2 certificate needs to present a valid identity proof as well as the address proof.
  
  Class 3 certificate: Considered as the most exclusive digital certificate of all, class 3 certificate is the definitive identity authentication and security mean. It is mandatory for organizations and individuals involved in online e-tendering, e-procurement, patent filing and trademark filing process to have a valid class 3 certificate. It is essential for the person applying for this sort of certificate to register his physical presence before the certifying authority.
Q. What is a Root certificate?
Q. What is Digital Time Stamping?

Ans. As the name suggests,a digital time stamping service issues time stamps. The function of Digital time stamp is similar to any other time stamp i.e. to denote date & time of an action on a document. Digital timestamps are used to verify the original date of creation of a document.
Q. Are Digital Signatures legally valid in India?
Q. Where can I use Digital Signature Certificates?
Ans. You can use Digital Signature Certificates for:
- Secure exchange of information and online transactions
- Encrypting information in an email
- Identifying participants of an online transaction
- Proving authorship of a digital content
- Filing income tax returns
- Transactions with Ministry of Corporate Affairs
- Applying for e-tenders
- Proving the authenticity of a trademark

Public Key Infrastructure & Cryptography

Q. What is Public key infrastructure (PKI)?

Ans. PKI or Public Key Infrastructure is a set of comprehensive system policies, procedures, and technologies working together to allow secure and confidential communication between internet users. It involves encryption of information at the sender’s end and decryption at receiver’s end.
Q. How are PKI and security associated?

Ans. PKI manages and regulates cryptography i.e. encryption and decryption of data, which is a security measure for the safekeeping of confidential data. PKI accomplishes this task by pro-offering the facility of encoding information at the sender’s end and decoding it on the receiver’s end.
Q. What is cryptography?

Ans. Cryptography is the practice of employing encryption and decryption techniques for a secure sharing and storing of data and information across insecure networks such as the Internet, in a secure manner. Cryptography essentially comprises of encrypting the information at one end and decrypting it at the other end. Encrypted data remains hidden and inaccessible to everyone except the intended recipient.
Q. What is encryption and decryption of data?

Ans. Encryption is the process of encoding a message or a piece of information in such a manner, that only the authorized party can receive and go through it. The sender of the information uses an encryption key to scramble information so that it is unintelligible to adversaries.

Decryption is the complementary process of encryption. A user who receives an encrypted data needs to decrypt it before he can go through it. Decryption converts the scrambled information back to its original form by the use of a decryption key.
Q. What are the types of cryptography?

Ans. Symmetric, or secret key, cryptography uses a single key to both encrypt and decrypt the data.

Asymmetric or public-key cryptography is a method for securely exchanging messages, by assigning a complimentary pair of keys, one public and one private, to the individuals involved in the exchange of information.
Q. What is the difference between public and private keys?
Q. How does a Digital Certificate work in Public Key Infrastructure (PKI)?

Ans. Public Key Infrastructure is the regulatory process behind the use and functioning of digital certificates. PKI employs cryptography in digital signature certificates for controlling the flow of information and limiting it to intended recipients. The certificate contains information about a user’s identity along with the public key for accessing the information.

The private key is retained with the digital certificate holder on a computer hard disk or on an external device such as a smart card. The owner of the digital certificate is in control of the private key which can only be used with the issued password.
Q. What is the difference between digitally signing and encrypting an email?

Ans. Digitally signing an email message comprises attaching a Digital Certificate to it so that the recipient is reassured that the sender of the information is authentic and the information has not tampered midway. Although, signing a message does not ensure protection from third-party monitoring.

Encrypting a message ensures that the information being shared on an insecure network can be accessed by the intended recipient of the information only. This is a safeguard measure against the monitoring of confidential information. In order to send a signed message, you must have a Digital Certificate. Encrypting a message requires the sender to have the recipient’s Digital Certificate.
Q. What actually happens when I digitally sign any transaction?
Ans. Once a transaction is digitally signed, it gets encrypted by a private key. When the recipient receives the information with the digital certificate attached to it, he can verify the information using the public key associated with the certificate.

Thus, signing a transaction:
- Verifies a user’s identity and maintains non-repudiation of information
- Establishes user’s credentials to perform the transaction
- Protects the integrity and ingenuity of the information itself.
Once a transaction is digitally signed by a user, it offers substantial proof of involvement of users in the transaction, this is referred to as non-repudiation of information.

Certificate Validation Mechanism

Q. What is Certificate Validation?
Q. What is Certificate Validation Mechanism?
Q. What are the various validation mechanisms available?
Q. What is Certificate Revocation?
Ans. Certificate Revocation is the cancellation of the Digital Signature Certificate.

A certificate may be revoked because of any of the following reasons:
- Inaccuracy in the data on the digital certificate
- Revocation on the request from the subscriber of the digital certificate.
- In the case of secrecy of private key being compromised
- Change of any information on digital certificate.
Q. What is Certificate Revocation List (CRL) ?

Ans. Certificate Revocation List is a list published by Certifying Authorities which contains the detail of all the digital certificates that have been revoked, expired, or are considered no longer valid. The CRL is updated on a periodic basis and published at regular intervals by Certificate Authorities.
Q. What is a CRL Validation?

Ans. CRL validation is one of the mechanisms to check the validity or status of the Digital Signature Certificates. A digital certificate can be checked against the list of a digital certificates enlisted in CRL. If the details of a digital certificate are presenting the CRL, it implies that the digital certificate is no longer valid.
Q. What is OCSP Validation?

Ans. OCSP which stands for online certificate status protocol, is another mechanism to check the validity of a digital certificate. Whenever a user tries to use the digital certificate over the server, OSCP requests a validity check,the server responds back with the status of the digital certificate.
Q. What is CAM?
Q. Why do I need to validate a Digital Certificate?

Open chat

1

Hi, Welcome to BuyDSConline.com
How can we help you?