Digital SignatureMarket Analysis and Future Trends

Digital Signature : What is it…?Digital signatures are the most advanced and secure type of electronic signature. You can use them to comply with the most demanding legal and regulatory requirements because they provide the highest levels of assurance about each signer's identity and the authenticity of the documents they sign.

What makes it secure…?

Trusted Digital ID

Compliant, certificate-based digital IDs

come from accredited providers. You

need to prove your identity before you

can get one.

Unique

Every time you sign a document, you

use your own unique digital certificate

and PIN to validate your credentials and

prove you’re who you say you are.

Encrypted

Your digital signature and the document

you sign are encrypted together and

bound with a tamper-evident seal.

Easy to validate

Both the signed document and your digital

signature can be re-validated by a CA or TSP

for up to 10 years after the signing event.

01010

10100

HASH

ALGORITHIM

HASH VALUE

SENDER PRIVATE KEY

SIGNED MESSAGESENDER SENDER PUBLIC KEY

HASH VALUE

RECEIVER

SIGNED MESSAGE

Working Model

The Evolution and History1976

Whitfield Diffie and Martin Hellman

first described the notion of Digital

Signature

1977

The RSA Algorithm is invented

and used to produce a primitive

digital signature1989

The first widely marketed software

to offer digital signatures Lotus

Notes 1.0 is released

1988

Goldwasser, Micali and Rivest become the

first to rigorously define security

requirements of digital signature schemes

1989

PDF format adds ability to embed

digital signature into documents

2000

ESIGN act makes online signatures

legally binding2008

Digital signatures included in open standard

for PDF established by International

organization for standardization

Today

Digital signatures recognized as

most secure way to get documents

signed online

What's Better!“Digital Signature and Physical Signature”

Lot of Paper work

Easily tampered

Can be copied

Fraud issues

Security Concerns

A Digital Signature

is….

Highly secure

Tamper-evident

Cryptographically encrypted

Multifactor authentication

Certificate-based digital ID authentication

Whereas a Physical Signature

is....

Digital SignatureTypes of Solutions

1.CORPORATE SIGNER – ONPREMISE SIGNING OF PO, INVOICESCorporate Signer is an on-premise Digital Signature system that integrates into your ERP / CRM / SAP / Oracle.

2.DSC SIGNER - SIGN WITH YOUR USB TOKEN

DSC Signer allows you to sign any document with your DSC

(USB token)

• HOW IT WORKS• Corporate Signer is available as a on-premise solution.

• API is available for easy integration into your existing IT systems / ERP / MIS.

• Has multi-level security and protection features.

• Supports high throughputs as well as HSMs

• USE CASES• Corporate Financial Documents: Invoices, PO, Bills, Contracts, Sales Tax and other

compliance documentation, Vendor correspondence

• Corporate HR docs: Offer letters, appraisal letters, relieving letters, experience letters, etc.

• BENEFITS• Eliminates the use of paper, saves you the time & money spent on printing, handling

and archiving paper documents.

• Ensures that your physical signatures cannot be misused. Also ensures that

documents issued by you cannot be forged or misrepresented.

• Makes verification of previously issued / archived documents easy.

• HOW IT WORKSSelect and sign a document or multiple documents with

DSC

• USE CASES• Generic document signing with DSCContracts

• BENEFITS• Use your existing DSC to sign any document.

• Easy integration into your ERP / Tally / CRM

3. OMNISIGNER - CLOUD BASED SIGNATURE SOLUTIONOmniSigner is an all-purpose, cloud-based Digital Signature system which allows you to sign, send, track and archive your documents.

4. ESIGN GATEWAY - AADHAAR-BASED

SIGNINGThe eSign Gateway is an on-premise solution that allows Finserv

companies to consume eSignatures from multiple ESign Providers

(ESPs) while ensuring that no one else has access to their data.)

• HOW IT WORKS• OmniSigner is available as a cloud-based solution that can be accessed any-time,

anywhere through your secure account.

• Upload one or more documents. Sign and email for signatures by others.

• Track the status of all documents. Download signed documents.

• Supports all Digital Signatures types including Aadhaar eSignatures, DSC, etc.

• USE CASES• Corporate HR docs: Offer letters, appraisal letters, relieving letters, experience letters,

etc.

• Corporate Documents: Agreements, Contracts, Vendor correspondence

• Educational Institutions: Verification letters, Transcripts, other student documents.

• BENEFITS• Eliminates the use of paper, saves you the time & money spent on printing,

handling and archiving paper documents.

• Ensures that your physical signatures cannot be misused. Also ensures that

documents issued by you cannot be forged or misrepresented.

• Makes verification of previously issued / archived documents easy.

• HOW IT WORKS• A Single Aadhaar eSign API for all your applications

• Original Data and eSignature information remains within

your organization.

• Signed documents are stored on-premise.

• Use any ESP in real-time.

• USE CASES• eMandates / eNach

• eSign for forms, contracts, agreements

• BENEFITS• Work with multiple ESPs with single API

• Data security -Your data and your client's data never leaves your

organization

• Better compliance with Regulations on data confidentiality.

• Lower pricing per eSign

• Better up-time

Digital Signature Applications

Software

Distribution

Electronic Mail Data storage

Electronic

funds transfer

Online banking,

e-commerce

Growth Drivers

Online shopping

Online documentation

Penetration of internet Growing acceptance in the

BFSI sector

E-commerce businesses

Security requirements Ease of accessLessen fraud

Digital SignatureMarket Segmentation : Industry & Applications

GOVERNMENT

INFORMATION

TECHNOLOGY

HEALTHCARE

AND

LIFESCIENCE

BFSI

TELECOM

RETAIL

EDUCATIONAL

INSTITUTES

Indian Law & Digital Signature

Laws for Digital Signature Digital signature is electronically generated and can be used to make sure the veracity and legitimacy of data. The dawn of information technology revolutionized the whole world, India

is not an exception to it; as technological activism is the social behavior in India.

IT Act Provisions Related to Digital SignatureSection 3 of IT Act, made the provision for it as:Authentication of electronic records - Subject to the provisions of this section, any subscriber may authenticate an electronic record by affixing his digital signature.

Section 4 made the provision for Legal recognition of electronic records — where any law provides that information or any other matter shall be in writing, typewritten or printed

form then not-withstanding anything contained in such law, given requirement shall be deemed to have been satisfied if such information or matter is—

(a) rendered or made available in an electronic form; and

(b) accessible so as to be usable for a subsequent reference

Section 5 Legal recognition of [electronic signatures] — where law provides that information or any other matter shall be authenticated by affixing the signature or any document

should be signed or bear the signature of any person then, notwithstanding anything contained in such law, such requirement shall be deemed to have been satisfied, if such

information or matter is authenticated by means of [electronic signatures] affixed in such manner as may be prescribed by the Central Government.

Makes or transmits any electronic record or part of any electronic record;

a) affixes any [electronic signature] on any electronic record;

b) Makes any mark denoting the execution of a document or the authenticity of the [electronic signature]

Firstly -----with the intention of causing it to be believed that such a document or a part of document, electronic record or [electronic signature] was made, signed, sealed,

executed, transmitted or affixed by or by the authority of a person by whom or by whose authority he knows that it was not made, signed, sealed, executed or affixed; or

Secondly —Who, without lawful authority, dishonestly or fraudulently, by cancellation or otherwise, alters a document or an electronic record in any material part thereof, after it

has been made, executed or affixed with [electronic signature] either by himself or by any other person, whether such person be living or dead at the time of such alteration; or

Thirdly —Who dishonestly or fraudulently causes any person to sign, seal, execute or alter a document or an electronic record or to affix his [electronic signature] on any

electronic record knowing that such person by reason of unsoundness of mind or intoxication cannot, or that by reason of deception practiced upon him, he does not know the

contents of the document or electronic record or the nature of the alteration.

Digital Signature and Digital Certificate Laws

Digital SignatureVs. Digital Certificate

Digital signatures are based on three pointers for authentication – Privacy, Non repudiation and Integrity in the virtual world, while the objectives of digital certificate are the

authentication of documents, and bind the person who is putting the digital signature, which based on public key cryptography requires two separate keys, as secret and public.

However, both the keys are linked together, one key encrypts the plain text, and another decrypts the cipher text, and neither key can perform both the functions. The other

difference is digital signature is an electronic process of signing an electronic document while a Digital Certificate is a computer based record which is the identification of certifying

agency or the identity of subscriber

Digital SignatureVs. Electronic Signature

The Information Technology Amendment Bill 2006, replaces the word “Digital” with the word “Electronic” at several places in the principal act, which creates a slight difference

between the two, electronic signature is wide in nature, while the digital signature is one of the many kinds of electronic signature.

Section 2(ta) “electronic signature” means authentication of any electronic record by a subscriber by means of an electronic technique specified in the second schedule and includes

digital signature and section 2(p) defined “Digital Signature Certificate” means a Digital Signature Certificate issued Under sub-section (4) of section 35.

The Indian Evidence Act and Digital Signature

After the IT Act 2000, it was necessary to make an applicable amendment in the Indian Evidence act, to make it compatible.

Section 3 in the definition of “Evidence”, for the words “all documents produced for the inspection of the Court”, the word “all document including electronic records produced for

the inspection of the Court”

Section 47A, says when the court has to form an opinion as to the digital signature or any person, the opinion of the certifying authority which has issued the Digital Signature

Certificate is a relevant fact. It means while drawing the conclusion, court gives the weight of the digital signature as a relevant fact.

Further 67A proof as to digital signature – except in the case of a secure digital signature, if the digital signature of any subscriber is alleged to have been affixed to an electronic

record the fact that such digital signature is the digital signature of the subscriber must be proved.

Section 85B exhibits the positive presumption as Presumption as to electronic records and digital signatures.- (1) In any proceedings involving a secure electronic record, the Court

shall presume unless contrary is proved, that the secure electronic record has not been altered since the specific point of time to which the secure status relates.

Indian Penal CodeSection 464 Making a false document: A person is said to make a false document or false electronic

record—

First — who dishonestly or fraudulently-

Makes or transmits any electronic record or part of any electronic record;

affixes any [electronic signature] on any electronic record;

makes any mark denoting the execution of a document or the authenticity of the [electronic signature],

with the intention of causing it to be believed that such a document or a part of document, electronic record or [electronic signature] was made, signed, sealed,

executed, transmitted or affixed by or by the authority of a person by whom or by whose authority he knows that it was not made, signed, sealed, executed or affixed.

Secondly —Who, without lawful authority, dishonestly or fraudulently, by cancellation or otherwise, alters a document or an electronic record in any material

part thereof, after it has been made, executed or affixed with [electronic signature] either by himself or by any other person, whether such person be living or dead at

the time of such alteration.

Thirdly —Who dishonestly or fraudulently causes any person to sign, seal, execute or alter a document or an electronic record or to affix his [electronic

signature] on any electronic record knowing that such person by reason of unsoundness of mind or intoxication cannot, or that by reason of deception practiced upon

him, he does not know the contents of the document or electronic record or the nature of the alteration.

Laws for Digital Signature

Major Global Players

Adobe

Systems

Docusign

Ascertia

Entrust

Datacard

Microsoft

Corporation

Gemalto

Signix

International

Business

solutions

IdenTrust

Oracle

Corporation

Co-sign

E-signlive

AssureSign

Sertifi

Rpost

Alphatrust

eOriginal

GOPaperless

Kofax

Korea

system’s Tech

Kotrade

Secured

Signing

Globalsign

Right

Signature

Digital SignatureMarket size and Value

The Digital signature market which comprises of services, Deployment, Application , BFSI, Government and

Defence, Legal, Real Estate, Manufacturing and Engineering, Healthcare and Lifesciences, etc is estimated to grow from USD 662.7 Million in 2016 to USD 2657.0 Million by 2021, at an expected Compound Annual Growth Rate (CAGR) of 32.0% from 2016 to 2021.

“Software solutions are expected to grow at the highest CAGR during the forecast period”

The main reason for this explicitly is software solutions are gaining traction, based on the need to decrease cost and time-taken for transactions. The software sub segment is majorly contributing to the growth of this market, due to the need for its implementation among different industries for improved compliance and greater end–user benefit.

Whereas, the hardware solution has a lesser scope than the software solution in this market and is being used to store the digital signature-related information. Digital signature vendors are emphasizing on offering customizable solutions to accelerate their growth in this market.

“The on-premises deployment model is expected to exhibit a larger market share during the forecast period”

The on-premises deployment model is contributing the most, when compared with the cloud deployment model. This is due to its acceptance among enterprises across verticals and in this deployment mode, the solution is deployed on the client’s system, thereby insuring them with data security & compliance. On-premises deployment offers more flexibility and control over enterprises and can be regulated by clients themselves.

“Europe is expected to witness a high growth potential during the forecast period”

North America held the largest market share in 2016, while Europe would be the fastest-maturing in terms of CAGR. Since newly introduced electronic signature regulations in Europe would boost cross-country trading among the European countries, the need for secure reliable transactions, authenticating the identity of the user over digital network, and the new release of regulations for electronic signatures by the European Electronic Messaging Association are driving the adoption of digital signature solutions in Europe.

Digital Signature Market was valued at $517 million in 2018, and is expected to reach $3,440 million by 2022.

Digital SignatureFuture Trends

Future Applications

Government Judicial Telecom E-commerce BFSI

Issuing forms and licenses

Filing tax returns online

Online Government

orders/treasury orders

Registration

Online file movement system

Public information records

E-voting

Railway reservations &

ticketing

E-education

Online money orders

Instant posting of judgment on the web.

Secured electronic communications within judiciary

Authentic archiving of Judicial records

Submission of affidavits

Giving certified copies of the Judgment

Subscriber’s services

management

Shifting of telephones,

Accessories (Clip,

Cordless)

Small Payments through

telephones bills

Mobile Authentication of

SMS

Intra/Inter offices authentic

communications

Procurement of material

Network Management

functions

Online Shopping

Payments

Sellers verification

Purchase verification

Money Transfers

Payments

Account opening/ Access

Non- Financial Transactions

Tax payment

Online Trading

Insurance opening

Changes in Legality

If both parties agree to these, digital signatures are then valid and legally binding.

Changes in Security

Greater Efficiency in Multi-Transaction Contracts

Changes in Controls and Audits

Greater Efficiency in Internal Contracts

Improvement in Company Image

Improved Corporate Social Responsibility

Better Time Management

Better Cost Management

Accelerated Company Evolution

What will be changed…!!

• The prospect of fully implementing digital signatures in general commerce presents both benefits and costs.

• The costs consist mainly of: Institutional overhead: The cost of establishing and utilizing certification authorities, repositories, and other important services, as well as assuring quality in the performance of their functions.

• Subscriber and Relying Party Costs: A digital signer will require software, and will probably have to pay a certification authority some price to issue a certificate. Hardware to secure the subscriber's private key may also be advisable. Persons relying on digital signatures will incur expenses for verification software and perhaps for access to certificates and certificate revocation lists (CRL) in a repository.

• On the plus side, the principal advantage to be gained is more reliable authentication of messages. Digital signatures if properly implemented and utilized offer promising solutions to the problems of: Imposters, by minimizing the risk of dealing with imposters or persons who attempt to escape responsibility by claiming to have been impersonated; Message integrity, by minimizing the risk of undetected message tampering and forgery, and of false claims that a message was altered after it was sent.

Challenges

“Sign IT, Secure IT”Because IT is about you

India Headquarters

Cygnet Infotech Pvt. Ltd.

16-Swastik Society, Nr. AMCO Bank,

Stadium Circle, Navrangpura,

Ahmedabad—380009,

Gujarat, India.

inquiry@cygnetinfotech.com

+91-79-67124000 | +91-79-4901-2525

www.cygnet-infotech.com

Ahmadabad

Mumbai

Pune

Noida

India

USA

UK

Dubai

Germany

Australia

South Africa

World